Re: SHA, MD, and openssl

[Richard Stallman]

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

    I'm not aware of any patent issues for SHA or MD5.
    As for as license, Emacs is linking against a library
    that is normally distributed with the major components of
    the operating system, so that part of the GPL applies.

What it is normally distributed thus, the system library
exception applies.  But it would be good to verify that that is
generally true.  Do users ever install these libraries separately
from the major system components?

    > What about systems where openssl is not normally present out of the
    > box?  Aren't we encouraging people to install it?

    Not particularly.  The build will work just fine without openssl,
    and no part of the documentation or installation instructions
    encourages people to install openssl.

This is a red herring.  There is nothing wrong with installing
OpenSSL.  It is free software, after all.  As a general matter, we
encourage people to install OpenSSL.

However, when they install it, the GPL3 system library exception does
not cover it.

-- 
Dr Richard Stallman
President, Free Software Foundation
51 Franklin St
Boston MA 02110
USA
www.fsf.org  www.gnu.org
Skype: No way! That's nonfree (freedom-denying) software.
  Use Ekiga or an ordinary phone call.