[starseeker]

Although I personally think matching the OpenBSD libressl license would have been better, I still have to regard the move towards using one of the mainstream, modern standard open source licenses for such a widely used and critical software component a Good Thing. I do, however, also agree with those voicing skepticism about the "silence gives consent" bit - this is important enough to be worth doing without adding a (very) questionable practice like that to the mix. I'd suggest instead setting up some sort of "relicensing coverage" report, and use the yay/nay/no-answer status of various diffs to figure out a price tag for re-writing the bits that can't be relicensed.

I don't suppose the libressl folks could end up creating a 2-clause BSD implementation of the SSL/TLS stack that could divorce itself completely from its openssl origins? (Yes I know that's almost certainly impractical for such a large, complex and thorny code base and problem set, but it's a nice dream... maybe some cryptography researchers/companies/etc. looking to make a name the the industry could target and re-implement specific pieces/algorithms/etc...)