>
> I've been thinking about the license issues for a while ... and I'm
> wondering if this should be discussed with someone who knows law and
> Open Source licenses, as IANAL.
Agreed, we'd need some legal advise on this. If you want, I explain our
situation/plans to Software Freedom Law Center
(http://www.softwarefreedom.org/services) and see what they think.
> <disclaimer>
> It is not easy to debate licenses, as they can quickly evolve into
> religious wars. I have no intention to either start or feed such
> a disagreement or debate. This is a reflection of how I see things
> in OpenVPN's perspective, and that perspective only.
> </disclaimer>
>
> Something which makes me wonder ...
>
> * Developer would have to use the BSD license for the bounty features
> o This would allow the project to relicense the code under GPLv2
> (while mentioning the original author)
>
> Does this mean that we can take the BSD contributed code and publish it
> as GPL in OpenVPN? Just like that (while maintaining the original
> author)? If so, what is the point of enforcing BSD on the contribution?
> As OpenVPN is GPLv2 licensed, we need to provide the source code.
I _think_ relicensing BSD-licensed code under GPLv2 is possible. For
example, I believe the ath5k wireless driver (in Linux kernel) is based
on OpenBSD kernel code.
>
> o This would allow both developer (payee) and payer to use the code
> any way they wish
>
> Is it likely that someone who pays for a feature to be included into
> OpenVPN - and then would do something extra "magic" with it, throw out
> the original patch and replace it with their changes? They can anyway
> not distribute this software unless providing the source code with these
> changes.
The discussion in the meeting revolved around who owns the code (payee
or payer). BSD license would allow all parties (payee, payer, OpenVPN
project) use the code the way they want. However, I think the cases
where BSD license (=do as you please with the code) would provide real
benefits to GPLv2 are rare. In those cases, it's always possible for the
developer and payer to arrange copyright issues between themselves.
>
> You can argue that it's a company specific change and that the software
> is not distributed - but the employees in that company do get this
> software somehow - most often as verbatim copy, and these employees can
> then internally request the source code according to the GPL license.
> Since the GPL is so restrictive, this modified source code cannot be
> distributed (even though internally) with even an NDA. In the moment
> you copy this change from one place to another place, it is technically
> speaking a form of distribution.
>
> In this context a BSD license does not make sense to me. OpenVPN is
> GPLed, and any modifications done to OpenVPN needs to be shared and to
> be made available in source code format on request.
>
> Personally, I would also not enforce BSD as the only license for
> bounties. We need to provide at least a choice, at least between GPL
> and BSD.
I'm starting to lean towards GPLv2 only. I don't think BSD license
provides any _real_ benefits to the developer or payer. The theoretical
benefits ("use the code as you please") are negated by the fact that
extending a GPLv2-licensed application imposes restrictions on
distribution of the code. Also, most OpenVPN code is useless outside
OpenVPN so there's little value in being able to do "whatever you
please" with it.
>
> I would not consider to license my contributions to OpenVPN as BSD,
> because a) I want other people to be able to review my code at any
> point, no matter the circumstances the code is used, and b) If someone
> modifies/improves the code, I want these changes to be shared with the
> community. GPL gives that possibility.
Here we come into the religious issues ;). I prefer GPLv2/3 in most
cases, as it protects the freedom of the code, rather than freedom to
use the code as you please (like BSD-style licenses). Both protect the
freedom of the users - from different angles. Both have their uses and I
don't think discussing their relative merits or the definition of
freedom in detail makes much sense.
Anyways, in our context I don't see any/many benefits in using
BSD-license for the contributions.
--
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc
irc freenode net: mattock
