Hacker News new | past | comments | ask | show | jobs | submit login

> Discord doesn't comply with the OpenSSL license.

In what way? Have you reached out to Discord to make them aware? They seem fairly committed to open source from everything I've read.




The OpenSSL license for Discord's bundled versions of OpenSSL [0] has two conditions which are being violated. When they advertise the features of their client, or offer binaries of their client for download, they do not include the verbatim text, "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

They know that they are violating this license; they don't care. They are free to clean up their act at any time.

[0] https://www.openssl.org/source/license-openssl-ssleay.txt


But that's not what the license says.. it says:

* 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * "This product includes cryptographic software written by * Eric Young (eay@cryptsoft.com)"

I'm not a lawyer, but my interpretation of "this software" is OpenSSL, which wouldn't apply this clause to all advertising of discord features. It would be when they run advertisements that reference discord features that rely specifically on OpenSSL features. Which, isn't going to be that often, right?

> They know that they are violating this license; they don't care. They are free to clean up their act at any time.

Is this a known issue that's been brought up before? I've never heard of it, and would be interested to read up on it! I'm especially curious as to their response.


We are not aware of non-compliance with the OpenSSL license. We attribute usage of OpenSSL in our licenses page (along with all the other OSS projects we use.) https://discordapp.com/licenses - reproducing the copyright notice as required by condition 2 of the license:

> Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

As for condition 3, I am unable to locate any marketing materials which mention the usage of OpenSSL. However, if any such material exists that is in non-compliance we are very interested in ensuring that we are in compliance.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: