mingw-cross-env-list
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Mingw-cross-env-list] Re: License issue / dependencies on OpenSSL

From: Tony Theodore
Subject: Re: [Mingw-cross-env-list] Re: License issue / dependencies on OpenSSL
Date: Tue, 22 Feb 2011 13:59:41 +1100 
On 22 February 2011 11:21, Garth Dahlstrom <address@hidden> wrote:
> Not to side-step the issue of licensing, but I'm not entirely convinced the 
> reason the Qt SDK for Windows do not build with OpenSSL enabled (they don't 
> dynamically against OpenSSL on Windows in the SDK) doesn't have more to do 
> with US crypto export controls then whether the linking of BSD against LGPL 
> code is okay or not.
>
> If you think about it, the classes that link against OpenSSL are copyright of 
> Nokia (QSsLSocket class)...  If they thought there was a problem with linking 
> between BSD and LGPL code, they could have just removed these classes.
>
> The issue of cypto control is skirted by not redistributing OpenSSL as part 
> of Qt,   it becomes the problem/liability of the operating system company on 
> how to enforce that the crypto levels are okay for the country the machine 
> runs in.   Microsoft just chooses not to redistribute OpenSSL libs at all.

That's a very good point, I thought Nokia were in Finland, who knows
what their laws are or if they have some sort of "free" trade
agreements place. Here in Australia, we've got all sorts of new IP
provisions as part the most recent FTA with the US, and the Canadian
laws allow OpenBSD [1] to ship crypto quite freely.

There's more to consider than licences and patents. This would be a
good test for Watson :)

> Obviously, if someone builds from source, there is nothing anyone can do 
> about crypto export controls.

I think that's the crux of the matter - a "diligent" developer (like
the informed voter) will do their research and seek advice related to
their situation. The most we can do as a project is try to make people
aware that they need to do this.

> [ I'm so old, I remember a time when Netscape Navigator could only distribute 
> a 40-bit encryption version outside the US because of US Crypto export 
> regulations]
>

Those were happy days when I didn't think about encryption at all and
had three letter passwords.

Cheers,

Tony

[1] http://www.openbsd.org/crypto.html
reply via email to
[Prev in Thread] Current Thread [Next in Thread]