Using LGPLv3+ license for libgnutls?

Alvaro Lopez Ortega alvaro at
Wed Sep 10 10:10:37 CEST 2008

Hello Simon,

Relicensing GnuTLS under LGPLv3 could be a problem for some other Free 
Software projects, actually. As you have pointed, it would not be legal 
for GPLv2 software to link against a LGPLv3 library, and that would turn 
to be a major problem for those projects and, at the end of the day, a 
handicap for GnuTLS.

If I looked after GnuTLS' wellbeing, I'd personally stick with the 
current license.  It is a perfectly fine Free Software license that 
wouldn't decrease GnuTLS' potential target audience.

Besides, it would be definitely much more friendly with the Free 
Software developers who either don't follow the GPLv3 way or they are 
not ready yet to do so.

Simon Josefsson wrote:

> The license compatibility matrix is useful, see:
> The problem is for GPLv2-only projects that wants to use a LGPLv3
> library.
> Using LGPLv3+ also has consequences for projects that wants to copy code
> from GnuTLS (they need to be GPLv3+ or LGPLv3+), but that is not
> something that happens widely enough to care about as far as I am aware.
> If anyone knows of significant code re-use from gnutls, let me know.
> /Simon
> "David Marín Carreño" <davefx at> writes:
>> But I don't catch what is the problem: a proprietary licensed product
>> can be dinamically linked to a LGPL3 library. And, as far as I know
>> (and, please, correct me if I am wrong, as I am not a lawyer), a GPL2
>> product can still be dinamically (or even statically) linked with a
>> LGPL3 library.
>> We are not talking about GPLv3. It's LGPLv3.
>> Perhaps, the problem would be the GPL'd parts of gnutls...
>> -- 
>> David Marín Carreño
>> 2008/9/9 Joe Orton <joe at>:
>>> On Tue, Sep 09, 2008 at 01:46:17PM -0400, Daniel Kahn Gillmor wrote:
>>>> On Tue 2008-09-09 12:01:23 -0400, Simon Josefsson wrote:
>>>>> I tried to do some systematic searches, but the debian copyright
>>>>> information tends to be incorrect (not mentioning versions) or difficult
>>>>> to parse.
>>>> This is sadly true.  Automatic resolution of this sort of question
>>>> would be much easier if the machine-readable debian/copyright proposal
>>>> was more widely-adopted:
>>> We have such a standard agreed at Fedora but the hard work is really in
>>> auditing N thousand packages to meet it.
>>>>> I recognize cups, snort and ekg, and they are fairly well known.
>>>> fwiw, gobby seems to be GPL-2+, not GPL-2, at least according to the
>>>> debian copyright info, so it's possilbe that the fedora tags are wrong
>>>> on that package:
>>> I agree, good catch, thanks; I've filed a bug to get this fixed in
>>> Fedora.
>>>> And cups appears to be ambiguous as far as the GPL'ed bits (though the
>>>> LGPL'ed bits are pretty clearly V2-only):
>>>> [0 dkg at squeak ~]$ grep -A6 ^INTRODUCTION /usr/share/doc/cups-common/copyright
>>>> The Common UNIX Printing System(tm), ("CUPS(tm)"), is provided
>>>> under the GNU General Public License ("GPL") and GNU Library
>>>> General Public License ("LGPL"), Version 2, with exceptions for
>>>> Apple operating systems and the OpenSSL toolkit. A copy of the
>>>> exceptions and licenses follow this introduction.
>>> Following the guidance at I
>>> would say that since the code is explicit about being licensed per the
>>> terms in LICENSE.txt, "GPLv2 only" is a reasonable interpretation.
>>> If anybody thinks this is important to clarify I can chase it with the
>>> Fedora licensing guys.
>>> Regards, Joe

Greetings, alo

More information about the Gnutls-devel mailing list