Re: [Bug-gnubg] Serious bug: Random.org - Important Request for Comments

[Dan Fandrich]

On Tue, Jan 13, 2015 at 04:27:13PM -0700, Michael Petch wrote:
> On 2015-01-13 2:47 PM, Dan Fandrich wrote:
> > My view is only that the OpenSSL license
> > is a non-issue when developing an app using libcurl.
> 
> This isn't my view. Hypothetically assume we use OpenSSL on the back end
> of libcurl. Since our project is GPL'ed and we are linking with libcurl
> we are also linking against openssl (to support that backend). The end
> result of building binaries of our project is that it is going to link
> directly or indirectly with OpenSSL and I believe that it would still
> require our product to contain an exception to allow for this (or
> alternatively use something on the backend with a license that is
> compatible).

If you use an OpenSSL back-end, you will need this exception. But why use the
OpenSSL back-end?  You've already had trouble compiling it, it has license
issues, it has historically been insecure. I have no idea why you're planning
on using it.  Use a different SSL library without these problems!

>>> Dan