[tech] regarding OpenSSL License change

Fri Mar 24 14:48:40 MST 2017

hmmmm. something sounds a little Phishy there. It is even more interesting that Theo showed up in the thread.

Assuming for the moment that the email is legit, it might not be a bad idea to send a response back to openSSL giving them your acceptance or rejection and the logical reasons why.

-eric
from the central office of the Technomage Guild, Securities and Exchanges Dept.

On Mar 24, 2017, at 2:00 AM, Ed wrote:

> More OpenSSL drama brewing behind the scenes ...
> just FYI
> 
> ---------- Forwarded message ----------
> From: Theo de Raadt <deraadt at openbsd.org>
> Date: Thu, Mar 23, 2017 at 9:18 AM
> Subject: [tech] regarding OpenSSL License change
> To: tech at openbsd.org
> 
> 
> Lots of people have been receiving emails like the one below.
> 
> They have never asked the community of authors what they want.
> 
> I think OpenSSL are using a github "garbage-in / garbage-out" style of
> process.  Feel free to dig into what they think I am author of, and
> why.
> 
> The start suggests they want to privately collect sufficient consensus
> to pass their agenda.  They appear to be considering all actions in
> the tree (including mine) on equal grounds.
> 
> The last sentence suggests they don't care at all about the rights of
> the authors.
> 
> 
> ----
> 
> 
> Date: Wed, 22 Mar 2017 16:48:10 -0400
> From: license at openssl.org
> To: deraadt at cvs.openbsd.org
> Subject: OpenSSL License change
> Message-ID: <20170322204810.ra49WTmWN%license at openssl.org>
> User-Agent: s-nail v14.8.6
> Status: O
> 
> Hello!
> 
> This mail is coming from the OpenSSL development team.
> 
> This is a pre-release email before we "go public."  In particular,
> the most recent blog entry, listed below, is not yet available.  But we
> thought, as an important downstream fork, that we'd give you the courtesy
> of participating early.
> 
> We are working to change the license for OpenSSL. We want to move from
> the current license (which is custom-written and has some uncommon
> requirements on end-users), to the widely-accepted and common
> Apache License (version 2).  You can find some explanation in
> our blog entries:
> 
>    https://www.openssl.org/blog/blog/2017/03/20/license/
>    https://www.openssl.org/blog/blog/2015/08/01/cla/
> 
> We wrote some tools to look through every version of our files, and
> our scripts found your email address.  You can see what we found:
> 
>    https://license.openssl.org/cgi-bin/lookup.py?uid=619
> 
> We are asking for your permission to change the licence for your
> contribution. Please visit this link to respond; you will have a chance
> to accept or decline, and enter a brief comment (you can use the comment
> to give the names of other people we should contact, for example):
> 
>    https://license.openssl.org/cgi-bin/reply.py?uid=619&p=pCUKaKssFLWJztCE8FHe
> 
> If you have any questions or concerns, send email to license at openssl.org;
> please be patient for a response. You can also post to the public mailing
> list, openssl-dev at openssl.org; details about that list can be found at this
> site:
> 
>    https://mta.openssl.org/mailman/listinfo/openssl-dev
> 
> If we do not hear from you, we will assume that you have no objection.
> 
> Thank you!
> 
> -The OpenSSL Development Team
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss