Hi Max,

Unfortunately, it would not be possible for us to re-license the project to GPLv2 - this would require agreement with all copyright holders of code contributed to Mbed TLS 2.17, which isn't feasible.

For this reason I'm afraid we cannot offer an exception for individual projects.

Regards

Dave Rodgman

On 13/01/2022, 10:28, "Maximilian Fillinger via mbed-tls" mbed-tls@lists.trustedfirmware.org wrote:

Hello!

OpenVPN can be compiled with OpenSSL or mbedtls. However, OpenVPN is licensed under GPLv2 only. If I understand correctly, that means it is not legal to distribute binaries of OpenVPN that are linked with mbedtls 2.17 or later.

At Fox Crypto, we produce a hardened version of OpenVPN, called OpenVPN-NL, for use by the Dutch government, which uses mbedtls. (The latest release is rather old and still uses 2.16.)

Is there anyone I could ask about making an exception for linking OpenVPN with mbedtls?

Regards, Max Fillinger -- mbed-tls mailing list -- mbed-tls@lists.trustedfirmware.org To unsubscribe send an email to mbed-tls-leave@lists.trustedfirmware.org