[dm-crypt] license of libcryptsetup (was: verity for GRUB?)

Arno Wagner arno at wagner.name
Thu Oct 11 11:21:15 CEST 2012

On Thu, Oct 11, 2012 at 09:23:03AM +0200, Milan Broz wrote:
> On 10/11/2012 07:10 AM, Arno Wagner wrote:
> > On Wed, Oct 10, 2012 at 03:04:49PM -0700, Geoffrey Thomas wrote:
> >> Yeah, if you're planning on looking into relicensing, I'd encourage
> >> you to make as much of cryptsetup as you can GPLv2+ instead of
> >> GPLv2, so that the code is more reusable in other projects, even if
> >> it ends up not being relevant for my specific use case.
> > 
> > Quick qestion: What is the GPLv2+? I am unable to find any formal 
> > references or comparisons, just GPLv2. Pointers appreciated.
> Nice list is here
> http://en.wikipedia.org/wiki/List_of_FSF_approved_software_licenses
> http://www.gnu.org/licenses/gpl-faq.html
> Basically, it is shortcut:
> GPLvX means GPL version X only, GPLvX+ "... or any later".

I see. Logical. Must be the cold I have at the moment clogging 
up my synapses ;-)

> And why there is resistance to GPLvX+? Well, "or any later" means
> any later. Who knows what is in not yet written GPLv(X+y)? :-)
> (And v3 has own problems as well.)

It does indeed. 

> The basic problem is in compatibility matrix, mainly with GPLv3 vs GPLv2
> which are not compatible, see http://gplv3.fsf.org/dd3-faq
> Because of repeating questions an problems, I would really like to switch
> libcryptsetup (IOW cryptsetup library, not binary itself)
> to something less restricted (currently most of the code is GPLv2 only).
> Perhaps LGPLv2+. But it requires approval from all authors.
> (I will perhaps try to get these, otherwise I switch just verity part...)
> (TBH, I would myself prefer any new crypto code under even less restricted
> licenses like BSD or MIT licence. But cryptsetup already depends on other
> GPL libraries, so not sure if it makes sense.

I don't want my stuff under modified BSD or MIT by default. While 
it does cause problems, I think the GPL-idea still serves a purpose. 

I can live with LGPLv2.1+ (seems to be the most compatible one)
for any code I contribute. For documentation, completely free
for small things and CC "Attribution-Share Alike 3.0 Unported" 
(as I use in the FAQ) for larger things would be my choice, but
anything reasonably similar is fine. 
I am willing to do a "modified BSD" code-fork for a specific purpose 
(if somebody asks and has a good reason). I have done that in the past 
for some research code, i.e. public GPL code and special BSD release 
for an industry partner. There, I put a note in the BSD license statement
that a GPL version was also available and a pointer to it (in these 
cases my long-term email). As BSD requires the license statement to
be left intact, that at least makes hiding the original code difficult 
and allows people to find it if they are interested.

I know that legally this is a minefield if many people contribute,
but maybe it could work?

> Anyway, if anyone has better idea or any notes here, please let me know.
> Now is the best time to complain ;-)



Arno Wagner,    Dr. sc. techn., Dipl. Inform.,   Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
One of the painful things about our time is that those who feel certainty 
are stupid, and those with any imagination and understanding are filled 
with doubt and indecision. -- Bertrand Russell 

More information about the dm-crypt mailing list