aws-lc-rs is a cryptographic library using AWS-LC for its cryptographic operations. The library strives to be API-compatible with the popular Rust library named ring.
aws-lc-rs lists its license as SPDX-License-Identifier: ISC AND (Apache-2.0 OR ISC), which could lead people to assume that it doesn't have code under the old OpenSSL license. However, https://github.com/aws/aws-lc/blob/main/LICENSE gives a clearer picture of the licensing, showing that aws-lc still has code under the old OpenSSL license. Please document this in the license field of aws-lc-rs so that, for instance, people looking to preserve GPL-compatibility are not misled into thinking that aws-lc is just ISC and Apache-2.0.
Solution:
Please modify the license field in Cargo.toml to also include the OpenSSL license as an AND.
Problem:
aws-lc-rs lists its license as
SPDX-License-Identifier: ISC AND (Apache-2.0 OR ISC)
, which could lead people to assume that it doesn't have code under the old OpenSSL license. However, https://github.com/aws/aws-lc/blob/main/LICENSE gives a clearer picture of the licensing, showing that aws-lc still has code under the old OpenSSL license. Please document this in thelicense
field ofaws-lc-rs
so that, for instance, people looking to preserve GPL-compatibility are not misled into thinking that aws-lc is just ISC and Apache-2.0.Solution:
Please modify the
license
field inCargo.toml
to also include the OpenSSL license as anAND
.