OpenSSL Relicenses Apache License v.
March 24, 2017
OpenSSL project is changing its license to the ApacheLicense v 2.0
(ASLv2). As part of this effort, the OpenSSL team launched a new website
and has been working with various corporate collaborators to facilitate
the re-licensing process.
"This re-licensing activity will make OpenSSL, already the world's most
widely-used FOSS encryption software, more convenient to incorporate in
the widest possible range of free and open source software," said Mishi
Choudhary, Legal Director of Software Freedom Law Center (SFLC) and
counsel to OpenSSL. "OpenSSL's team has carefully prepared for this
re-licensing, and their process will be an outstanding example of 'how
to do it right.' SFLC is pleased to have been able to help the team
bring this process to this point, and looks forward to its successful
and timely completion."
The website will aid the OpenSSL team's efforts to contact everyone who
has contributed to the project so far, which includes nearly 400
individuals with a total of more than 31,000 commits. The current
license dates back to the 1990's and is more than 20 years old. The open
source community has grown and changed since then, and has mostly
settled on a small number of standard licenses.
After careful review, consultation with other projects, and input from
the Core Infrastructure Initiative and legal counsel from the SFLC, the
OpenSSL team decided to relicense the code under the widely-used ASLv2.
"The Linux Foundation is excited to see the OpenSSL project re-licensing
under the Apache License," said Nicko van Someren, Chief Technology
Officer, the Linux Foundation. "Using a standard and well-understood
license is a huge benefit when incorporating a FOSS project into other
projects and products. OpenSSL has made huge progress in recent years,
in part through support from the Linux Foundation's Core Infrastructure
Initiative, and this license move will further help to ensure it remains
one of the most important and relied-upon open source projects in the
website contains a list of every email address mentioned in every single
commit, a searchable database of authors, and the ability to send email
and approve the license change. Because email addresses change, the
website will also be updated over time to record email bounces and the
names of people the project is still trying to reach.
"Oracle is proud to extend its collaboration with the OpenSSL Foundation
by relicensing its contributions of elliptic curve cryptography," said
Jim Wright, Chief Architect of Open Source Policy, Strategy, Compliance
and Alliances, Oracle. "OpenSSL is a critical component in both Oracle
products and the infrastructure of the Internet, and we strongly believe
the increased use of cryptography fostered by OpenSSL will benefit the
entire enterprise software community."
"Intel is thrilled to see OpenSSL moving to the standard Apache 2.0
license, improving license compatibility within the Open Source
ecosystem," said Imad Sousou, Vice President and General Manager of the
Open Source Technology Center, Intel. "This will help defragment the
open source cryptography ecosystem, leading to stronger and more
pervasive use of crypto to improve privacy and security in the global