Hi,

> openssl@1.0 has 7,029 dependent packages, so it may be hard to sort it
> out.  I wonder what would be the best way to approach it.

I can't believe I seriously suggest the following but:

A license algebra and guix commands that automate part of the lawyering,
by using the "license" field of the packages, which would now have at
least "and-license" and "or-license" operators and maybe also finer-grained
ones, and a placeholder for "it's too difficult, sort it out manually"
(maybe just detect the list we have now as "it's too difficult").

If we do it, we should add a disclaimer that it doesn't replace the need
for legal counsel entirely.