Announcement

Collapse
No announcement yet.

OpenSSL 3.0 Officially Released

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OpenSSL 3.0 Officially Released

    Phoronix: OpenSSL 3.0 Officially Released

    After many development snapshots and three years worth of work, OpenSSL 3.0 is now available as a major update to this widely-used SSL library...

    https://www.phoronix.com/scan.php?pa...L-3.0-Released

  • #2
    But is it secure?

    Great that they ditched their vanity OpenSSL license in favor of the more established Apache License.
    Now if only Python, PHP and PostgreSQL could do the same.

    Comment


    • #3
      What's a clinet ?

      Comment


      • #4
        Too bad they didn't pick something GPLv2 compatible like BSD+Patent. It would be great if a 3-clause BSD+Patent license gets approved by the OSI. I think it would be favored over Apache 2.0 since the vast majority of people only use it as a BSD-3+Patent license anyways.

        Comment


        • #5
          Originally posted by orzel View Post
          What's a clinet ?
          A typo for "client" I believe.

          Comment


          • #6
            Originally posted by sinepgib View Post

            A typo for "client" I believe.
            Dang, you probably right.
            That and double citing of "support for kernel TLS", could use some proofreading

            Comment


            • #7
              Originally posted by fanbelt View Post
              Too bad they didn't pick something GPLv2 compatible like BSD+Patent. It would be great if a 3-clause BSD+Patent license gets approved by the OSI. I think it would be favored over Apache 2.0 since the vast majority of people only use it as a BSD-3+Patent license anyways.
              There's also the LLVM exception for the Apache 2.0 license: https://spdx.org/licenses/LLVM-exception.html . Used by at least LLVM and CUPS.

              That gives GPLv2 compatibility while keeping the Apache 2.0 that corporate lawyers seem to like.

              Comment


              • #8
                Originally posted by fanbelt View Post
                Too bad they didn't pick something GPLv2 compatible like BSD+Patent. It would be great if a 3-clause BSD+Patent license gets approved by the OSI. I think it would be favored over Apache 2.0 since the vast majority of people only use it as a BSD-3+Patent license anyways.
                I don't think a BSD+Patent license that's compatible with the GPLv2 is possible because the patent-related requirements, being not present in the GPLv2, would count as additional restrictions and thus inherently GPLv2-incompatible.

                The LLVM exception is sort of a grey area since it's effectively saying "if courts deem that the patent rules are incompatible with the GPLv2, then you may ignore them when redistributing this code as part of a larger GPLv2 work"... so I have trouble seeing how it's significantly different from just releasing something under "Apache-2.0 OR GPL-2.0" terms.

                Hell, the Rust ecosystem uses "Apache-2.0 OR MIT" because, as long as you care about getting your changes upstreamed, it has the same effect, patent-wise.
                Last edited by ssokolow; 07 September 2021, 11:28 AM.

                Comment


                • #9
                  Originally posted by orzel View Post
                  What's a clinet ?
                  A wine brand. I guess they need security too in order to prevent outsiders from stealing their wine-making process

                  Comment


                  • #10
                    Originally posted by orzel View Post

                    Dang, you probably right.
                    That and double citing of "support for kernel TLS", could use some proofreading
                    That's not a half bad idea TBH. Maybe Michael could give someone a premium account in exchange or something.

                    Originally posted by Vistaus View Post
                    A wine brand. I guess they need security too in order to prevent outsiders from stealing their wine-making process
                    In my country there was a time where someone tainted a batch of wine with methanol, blinding and killing several people before anybody realized it. So yeah, they need security too

                    Comment

                    Working...
                    X