Re: [Mingw-cross-env-list] License issue / dependencies on OpenSSL

[Volker Grabsch]

Hello Lothar, Tony,

Sorry for joining the discussion so lately. I also hope that
Mark Brand will join this discussion.

Lothar May schrieb:
> 2011/2/21 Tony Theodore <address@hidden>:
> [...]
> > In the mean time, my current thinking is that compile time options are
> > no substitute for diligence on the part of developers. We can't
> > pre-empt all use cases or shield people from licence violations.
> 
> Hmmm of course you are right. Actually, I don't know how many such
> "traps" there are, but I think OpenSSL is a special candidate...

The OpenSSL issue is a very important point. We already disabled
some compiling options for other projects (e.g. ffmpeg) because
of licensing issues, and I think we should do that in this case,
too.

While I fully agree with Tony that it is the developers' responsibility
(i.e. not our responsibility) to be aware of and to solve the
licensing issues of their projects, I also think that mingw-cross-env
should always provide sensible defaults.

With "sensible defaults" I'm thinking of two points, in that order:

1) don't make the developer run into unexpected licensing issues
2) make the packages as feature complete as possible


Having clarified those general points, let's come to the concrete
case of Qt + OpenSSL:

I've always been wondering why so many projects are using OpenSSL.
There's the excellent GnuTLS library which provides the same
functionality and has a plain LGPL license (LGPL 2.1 or later).

I see why BSD-licensed projects are prefering OpenSSL over GnuTLS.
But I don't see why any GPL/LGPL-licensed project would want to
use OpenSSL. In particular, I don't see why Qt is using OpenSSL.

It would be great if our Qt expert, Mark Brand, could elaborate
this issues. Mark, do you think it is a good idea to disable
Qt's OpenSSL support in mingw-cross-env by default?


Greets,
Volker

-- 
Volker Grabsch
---<<(())>>---