[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS-based authentication?

* Oliver Eikemeier (eikemeier@fillmore-labs.com) wrote:
> >  The reason I ask is that it would be difficult to support that using
> >  GNU TLS in place of OpenSSL and we're wondering how much interest
> >  there is for it.
> Because of licensing issues? Sorry, I didn't get the point. Afaik OpenLDAP
> isn't GPLed?

The problem comes up when a GPL'd application links, directly or
indirectly, against OpenSSL.  OpenSSL has a version of the famous BSD
'advertising clause' and that conflicts with GPL'd applications because
it stipulates that derived works are not allowed to have more
restrictions placed on them than those of the GPL.

OpenLDAP gets involved because it can use OpenSSL and because things
linking against the OpenLDAP libraries end up bringing OpenSSL into the
picture.  Now, we really want encryption and to support TLS in the
Debian packages but there are alot of GPL'd applications that use the
OpenLDAP libraries (a big one being samba).  So we're working (and
getting close to finishing I believe) on adding support to OpenLDAP for
GNU TLS which doesn't have these conflicts with GPL'd applications.


Attachment: pgpf4NQ90FOCR.pgp
Description: PGP signature