cURL / Mailing Lists / curl-library / Single Mail


Re: Updated Mozilla certdata inclusion?

From: Daniel Stenberg <>
Date: Tue, 12 Feb 2008 13:33:29 +0100 (CET)

On Mon, 11 Feb 2008, Yang Tse wrote:

> In that way there would be absolutely no doubt that the license that applies
> to that file is the Mozilla triple license, and that lib/curl simply
> passes/distributes it along with absolutely no change at all.

As long as the license is clear it doesn't matter if the file is changed or
not since the license does allow us to change it and we do distribute the
script that does the change.

As I just wrote in the bug report for this issue, I've come to think more
about the license for this file and how it really should affect us nor users
of libcurl very much. The triplet license (MPL, LGPL or GPL) affects only the
cacert file and what expands or builds upon it etc, but in all practical
purposes nothing is doing that. libcurl is simply loading that file into
memory and uses it.

I'm not a lawyer but I've read a few licenses, and when thinking about it I
don't see how our usage of this file (with the triplet license) would make us
have to adjust any license or how it would be a burdon to any particular user.

The only thing that users of this file need to remember is that it is licensed
differently than libcurl so customers can in fact request it (the "source" of
it at least) and if the file is changed the changes need to be offered as
well. I don't think these are sacrifizes that are very painful for us nor to
users of libcurl.

Or am I being naive now?

  Commercial curl and libcurl Technical Support:
Received on 2008-02-12