[rrd-developers] [rrd] Why / How / When is version 1.2 developed?

Sebastian Harl sh at tokkee.org
Thu Apr 9 16:12:26 CEST 2009

Hi Kevin and Tobi,

On Thu, Apr 09, 2009 at 03:49:57AM -0500, kevin brintnall wrote:
> I'm considering making a "soft" dependency on OpenSSL for the rrdcached
> auth code.

Apart from the currently ongoing discussion about technical issues
regarding authentication concepts (in which I mostly share Florian's
point of view - quite frankly, I'm pretty disappointed about how
security is handled, driven by PR related arguments and irresponsible
users instead of real technical aspects of how to provide good and
_real_ security), we'll run into license issues when using OpenSSL. The
problem is that the OpenSSL / SSLeay license is incompatible to the GPL
(see [1]). In order to make it possible for users to link RRDtool
against libssl, a special exception has to be added to the license of
_each_ source file that will later be linked against libssl (see [2]).
Since this is a license change, it would require the permission of
_every_ copyright holder of those pieces of the software, which is
basically impossible in RRDtool. Using, e.g., GnuTLS would be a valid
option though ...


[1] http://www.gnu.org/philosophy/license-list.html#OpenSSL
[2] http://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs

Sebastian "tokkee" Harl +++ GnuPG-ID: 0x8501C7FC +++ http://tokkee.org/

Those who would give up Essential Liberty to purchase a little Temporary
Safety, deserve neither Liberty nor Safety.         -- Benjamin Franklin

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.oetiker.ch/pipermail/rrd-developers/attachments/20090409/3ee60268/attachment.bin 

More information about the rrd-developers mailing list