Re: [License-discuss] Possible alternative was: Re: U.S. Army Research Laboratory Open Source License (ARL OSL) Version 0.4.1
On 28/02/17 17:09, Smith, McCoy wrote: > You should consider the fact that CC0 has an express disclaimer of > patent licenses (in Section 4.a). That may mean that it doesn't > address one of the concerns that I think you had (i.e., that there > might be USG patents covering the non-US copyrightable USG work > distributed by the USG). > > The CC licenses are also not on the OSI list (although there has been > some discussion in the past of whether they should be added, IIRC). Any objections to CC-0 also seemed to be patent-related; if the scheme had a patent grant accompanying the CC-0 license, that might solve both of these issues in one go and lead to something very, very good. Gerv ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Is the OBM License OSD compatible?
On 06/01/17 17:09, Smith, McCoy wrote: > GPLv3 (and the variants, LGPLv3 and AGPLv3) do *not* permit > "Additional Terms" (despite the section header called "Additional > Terms"); they permit "Additional Permissions" which are defined in > the license, Sec 7, as "terms that supplement the terms of this > License *by making exceptions from one or more of its conditions*." The section 7, titled "Additional Terms", permits "Additional Permissions" in the first two paragraphs, but also in the following paras permits 6 categories of other sorts of additional terms which are not necessarily entirely permissive. Section 7 b) through f) are clearly not entirely permissive if you read them. So the section heading is correct, and I believe your interpretation that everything envisaged by that section must be an Additional Permission is wrong. Gerv signature.asc Description: OpenPGP digital signature ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Is the OBM License OSD compatible?
On 06/01/17 10:55, Rick Moen wrote: > Would that it were so. Lingora characterise their additions near the top as > 'Additional Terms pursuant to Section 7 of said license', and clearly > intend this to refer _not_ to additional permissions, but rather to > this bit slightly further on, in 7b): > > Notwithstanding any other provision of this License, for material you > add to a covered work, you may (if authorized by the copyright holders > of that material) supplement the terms of this License with terms: My understanding was that terms added under a) through f) were also "additional permissions" and so could be removed. But re-reading the license, you are right that it doesn't seem that way :-| This surprises me. Does anyone know why the drafters chose not to make such added terms removable? Is it because they are not all necessarily entirely permissive? Section b) permits specification of the preservation of notices but absolutely does not permit specification of their precise location. So that part is clearly overreach. Gerv signature.asc Description: OpenPGP digital signature ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Is the OBM License OSD compatible?
On 06/01/17 03:48, Marc Laporte wrote: > The OBM license is AGPL 3 + "Additional Terms": > http://obm.org/content/obm-license That page says: "OBM is an Free and Open Source messaging and collaboration software, distributed under the GNU Affero GPL v3 License terms, with Additional Terms pursuant to Section 7 of said license." Which is good, because nothing other than Section 7 allows them to add additional terms of any sort to the license (see section 10). Section 7 says: "When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it." So if you are concerned about the OSD-compliance of the additional terms, you can simply remove them when you redistribute it. Problem solved. You do need to obey section 5 about Appropriate Legal Notices. However, Section 0 of the AGPL defines what can be considered an Appropriate Legal Notice; anything which Linagora attempts to define as such which does not meet that definition can be said not to be an Appropriate Legal Notice. Once you have worked out what the Appropriate Legal Notices actually are, you have all the freedoms given you by sections 0 and 5 about how, where and when to actually display them. Gerv signature.asc Description: OpenPGP digital signature ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] [Non-DoD Source] Re: US Army Research Laboratory Open Source License proposal
On 25/07/16 17:33, Karan, Cem F CIV USARMY RDECOM ARL (US) wrote: > OK, I see where you're coming from, I'm just not comfortable with it. I'm > much more comfortable with a single license that covers everything. I also > know that our lawyers would be more comfortable with a single document that > covered everything. But I do see your point! Why can't the Apache license be that document? USG isn't going to try and enforce the copyright-related provisions in the Apache License against anyone - because it has no standing. But the disclaimer would still stand, under the principle that a legal document is reformed just to the extent to make it valid. What would happen that was bad, if you just released the software and said "This is under the Apache license"? What's the scenario you are worried about? Having made that point, I think you need to understand the significant deal that it is to try and get a new open source licence approved. If all that's up against is "Our lawyers would prefer one document rather than two" (and hey, you can put the statements in the same file) then it could be that this is not seen as sufficient justification for approving a new licence as open source. Gerv ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] [Non-DoD Source] Re: US Army Research Laboratory Open Source License proposal
On 25/07/16 16:12, Karan, Cem F CIV USARMY RDECOM ARL (US) wrote: > Protections from liability from anyone that uses our code, for one thing. I > am not a lawyer, but as I understand it putting stuff in the public domain > does not release you from liability, so without some kind of notice the USG > could be sued because bugs cause a crash at some point, causing harm, etc., > etc., etc. The 'no warranty' clause is something we have to have. In fact, > if you read the CC0 license text > (https://creativecommons.org/publicdomain/zero/1.0/legalcode), even it has a > warranty disclaimer, and it is trying to waive all copyright to the maximum > extent possible. But a "no warranty" clause is a disclaimer, not a license condition. AFAICS (and IANAL) nothing prevents a USG institution sticking some source code on a web page, along with a big fat warranty disclaimer, which would have legal force. You don't have to own the copyright in code to disclaim warranty over it when you give it someone. If I give you some open source code I didn't write, I can still disclaim all warranty in it as I give it to you, and that disclaimation (a word?) should be valid. So even if USG has no copyright on this code in the USA, you can still put a warranty disclaimer up. Everyone else has copyright, and so will be contributing under the Apache license, and so the warranty disclaimer in that will apply to their contributions. So everyone's covered. Gerv ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] [Non-DoD Source] Re: US Army Research Laboratory Open Source License proposal
On 25/07/16 15:12, Karan, Cem F CIV USARMY RDECOM ARL (US) wrote: > Even though it will be headache to do so, we still need to. USG works that > don't have copyright attached must still have a license/contract that offers > the same protections as one would expect from the Apache 2.0 license. Protections from whom? It can't be from the USG, because it has no rights in the code to assert in court. And it can't be from other contributors, because if you get them all to contribute under the Apache 2.0 license, then all users are as protected as in a normal Apache project. It seems to me like the people who wrote the law that the USG does not have a copyright intended that the USG therefore not assert copyright-like control over work created by the USG. Trying to re-create that control via contract seems to me to be working against the spirit of the law. Gerv ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] [Non-DoD Source] Re: US Army Research Laboratory Open Source License proposal
On 25/07/16 13:46, Karan, Cem F CIV USARMY RDECOM ARL (US) wrote: > 1) Put out a notice to the world that the code covered under the license is > 'AS-IS'; the whole 'no warranty' part in the Apache 2.0 license. This needs > to cover not only the USG, but also any contributors. The USG is (in my > opinion) well-funded and capable of defending itself. Persons or entities > that are charitable enough to contribute to our projects may not be; I > personally would consider it to be poor form to leave them unprotected after > they've been kind enough to help with our projects. Notifying anyone that > downloads the code that there is no warranty helps protect against liability. But "Persons or entities that are charitable enough to contribute to our projects" also hold copyright. Therefore, you don't have to solve any "there isn't a copyright" problem for them - you just use the Apache License. It seems to me that the best way to achieve what you want is to stick an Apache License on it and to say "some of this work may have been created by USG employees, and those parts are not under copyright in the USA". If someone wants to dig through and extract those parts only and turn them into something else and put it under their own license, they can - but who would. Saying "all the copyrightable bits are Apache" solves your problem from a licensing perspective. If you want to solve the problem that the USG has no copyright by turning a copyright license into a contract (e.g. to challenge misrepresentation), then that's a massive change, which will be much more of a headache than any other scheme you could come up with. Gerv ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] US Army Research Laboratory Open Source License proposal
On 22/07/16 22:01, Karan, Cem F CIV USARMY RDECOM ARL (US) wrote: > Unfortunately, we cannot directly use the Apache 2 license for all of our > code. Most of our researchers work for the US Federal Government and under US > copyright law any works they produce during the course of their duties do not > have copyright attached, so we have to rely on contract law as a protection > mechanism within the USA. Is there not a large problem here, as you have turned what is currently a license into a contract, and yet it is still titled "license"? Does the OSI approve contracts? And am I about to get various opinionated lawyers telling me that the license/contract distinction is bogus? :-) Also, another question for Cem: what do you mean by "a protection mechanism"? If you are trying to release something under liberal open source terms like Apache, and it turns out that the USG doesn't hold copyright in the thing anyway, isn't that "job done"? What needs "protecting"? Things like misrepresentation are surely already illegal without you needing to say so in an agreed document. Gerv ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] BSD 3-clause and copyright notices
On 02/10/15 14:26, Zluty Sysel wrote: > What if we accepted contributions from individuals but only > "acknowledged" their work in a special "THANKS" or "ACKNOWLEDGEMENT" > file without modifying at all the "(c) TheCompany" in the license > itself and therefore not granting any ownership rights to the > contributors? Copyright doesn't work like that. The copyright automatically belongs to the author, and you need a license or transfer or other legal agreement to change that situation. You can't take their copyright simply by virtual of not crediting them or by not labelling the software with their copyright. > If I'm not mistaken the zlib license would fit our requirements since > it does not require attribution, it only encourages it. I might be > wrong though. > Would the zlib license not be usable in the EU? zlib is widely used in the EU. So yes, this license would also be suitable. > If we did that we wouldn't need the waiver anymore I believe, from a > previous response in this thread. Because then we'd be the sole > copyright owners and therefore the only ones authorized to enforce our > copyright, we could simply choose not to do so. Yes. >> * Require contributors to give a limited waiver solely for the >> attribution clause. > > Maybe i have misunderstood the previous option. What would be the > difference between this option and the previous one? Merely the more limited scope of the waiver. > Is it that in the > last one the contributor still owns the rights to his/her code but > waivers the right to be present in notices for binary distributions? > And the previous one makes him or her give the ownership rights > completely? Yes. > In any case would the last 2 options be compatible with BSD and open > source in general? Because that could work for us. They would be legally compatible; however, requiring copyright assignment will reduce the pool of people willing to contribute to your project, either because they object to giving you the exclusive right to make money by proprietarizing their hard work, or because of the additional hassle of doing the paperwork. Gerv ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] BSD 3-clause and copyright notices
On 02/10/15 11:05, David Woolley wrote: > Public domain dedication is impossible in Europe. There is some doubt > as whether it is even possible in the USA. The nearest you would get is > something like CC0, which attempts to disclaim as much IPR as it is > possible to disclaim. That is indeed what I meant. Gerv ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] BSD 3-clause and copyright notices
On 01/10/15 14:27, Zluty Sysel wrote: > distributed) product. Given this, let me rephrase: Can we allow these > customers not to reproduce the BSD license text even if our AUTHORS > file contains names and email addresses of people outside of our > company? Because that's really all we're after here, allowing certain > customers not to have to mention that they are using our libraries. No. If you accept code into your codebase under the BSD licence, then users of that code have to comply with the license, because you are no longer able to offer a waiver for the code to which you do not own the copyright. You have three possible options: * Pick a project license which does not require attribution (that basically means a Public Domain dedication); or * Require copyright assignment or a very broad copyright license to all contributions, so that you can continue to offer the waiver; or * Require contributors to give a limited waiver solely for the attribution clause. Gerv ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] BSD 3-clause and copyright notices
On 02/10/15 15:36, Zluty Sysel wrote: > So just to be sure, if the contributors waiver their ownership rights, > then the 3-clause BSD stands and if users do not acknowledge usage of > the software in their binary distributions it is up to the company to > choose whether to enforce or not that obligation, leaving us the > option of not enforcing it with certain customers. You can't waive ownership rights; you have to assign or license them. But yes. > Do we really need additional paperwork? wouldn't it be enough to have > a license agreement that each contributor has to accept > (electronically, just by pressing "Accept" or something to that > effect). > In our particular case, and given the nature of our software, we > believe a waiver to the to the attribution clause in binary > distributions would be more than acceptable for our potential > contributors, so this could be the solution we're after. If I were you, I'd save the trouble and use the zlib license instead. Gerv ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Is what's made with Open Source, Open Source?
On 11/06/15 20:53, Gareth Edwards wrote: Over on my Reddit post (http://redd.it/39gpcy) there's a reply that as Rapid is a server platform it doesn't get distributed like a typical desktop application so GPLv3 doesn't apply, and AGPLv3 should be used instead. Well, it depends what you want to accomplish :-) But even if you use GPLv3, if various e.g. Javascript support files which are part of Rapid are needed for the app and are sent along with it, that suggests to me that the app comes under the GPLv3. The Open Office document is a good example: I write an essay in Open Office and is the essay Open Source? Of course not, the words in the text are all my own. However the font is not, and, erm, neither are the other building blocks which Open Office is using to show me my essay. But the font is not part of the file, unless it's embedded (which is not the default). And that's why GPL font licenses have an exception for embedding. Google GPL font exception. If a font was embedded, and was GPLed without the exception, and you gave the file to someone else, that person would have a right to redistribute and modify the file -- i.e. your essay -- under the GPL. And this is where Rapid apps get tricky. The debate (I think) is can a Rapid app exist, like my essay, independently of the Rapid platform used to make it? Well actually, again if you are using the GPL v3, the debate is is a Rapid app a work based on the Program (i.e. Rapid)? If it is, it's GPLed, according to the GPL. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Is what's made with Open Source, Open Source?
On 11/06/15 11:44, Cinly Ooi wrote: If you choose GPLv3, then anyone down stream are required to use GPLv3. That's the requirement of the license. However, in general, using open source does not mean your program will have to be open source. That depends on what the program does, as the GPL puts it. If part of the output of the program (the app) contains bits of the program, as seems to be the case here from the description, then yes, the output is also GPLv3. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Strong and weak copyleft
On 09/04/15 15:27, Jim Jagielski wrote: Well, the FSF itself uses the concept of weak: For example, when describing WxWidgets: Like the LGPL it is a weak copyleft license, so we recommend it only in special circumstances. So, at least according to https://www.gnu.org/philosophy/license-list.html, the FSF considers LGPL as weak copyleft. One occasionally wonders if the FSF doesn't consider the GPLv2 to be a weak copyleft ;-) The normal definition of weak that I have seen is a copyleft whose scope applies only to the code specifically licensed under it, e.g. the MPLv2. The LGPL rather falls in between this definition of weak, and the strong copyleft of the GPL. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] 3-clause BSD with additional clause forbidding key disclosure
On 03/02/15 17:21, Zluty Sysel wrote: I have a set of source files that I would like to open source using a standard 3-Clause BSD but my company would not like that a certain set of Private Keys used for authentication be disclosed along with the code. You don't need to write a new license for this. Merely provide the Private Key to your customers under a license other than the BSD license - e.g. an agreement which has a confidentiality clause prohibiting disclosure. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] BSD license, source distributions and interpretations of retain
On 10/01/15 18:16, Michael Bradley wrote: Now suppose Project B’s source code is derived from Project A’s source code, but the maintainer of Project B wishes to use a different license. What do you mean by use? Do you mean use a different license for project B when distributed as a whole, or do you mean actively prevent bits of project A which are in, and have been modified by, project B from being used under the license of project A (e.g. by reincorporation into the upstream)? In an effort to avoid confusion, Project B has that different license text at the head of each of its source code files, while Project A's original license text has been moved off to a file bundled in Project B's source distributions, e.g. “licenses/ORIGINAL-PROJECTA-LICENSE.txt”. Would that be in compliance with the “retain” language in clause #1 of the 3-Clause BSD license? Clause 1 and Clause 2 are differently worded; clause 2 says in the documentation and/or other materials provided with the distribution, and clause 1 does not. That suggests to me that clause 1 therefore is _not_ satisfied with in the documentation and/or other materials provided with the distribution, if that's not the case already for the source in question, but needs to be left on each file. Is there any case law to that effect or to the contrary? References to legal write-ups on this question (or similar) would be appreciated. I can't help you with actual legal advice, I'm afraid. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Public domain license - Public Domain Customized
On 04/12/14 17:57, Joe Kua wrote: I wish to release my software in public domain including giving explicit patent grants. Is Public Domain Customized a good license to choose ? NOTE 1: None of these license texts should be used as a license until further notice! These texts are works in development and are not ready for use by the general public. https://github.com/asaunders/public-domain-customized So I'd say no :-) Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Why CAVO Recommends GPLv3
On 14/11/14 19:55, Tzeng, Nigel H. wrote: In our case the majority of the software being evaluated for open sourcing is framework and utility functions that we believe would provide value to our community. We wish to insure that this framework remains open source and commonly used but that all entities involved (including us) are free to make proprietary plugins to extend the functionality. Whether GPL V3 with a plugin exception or LGPL or MPL is the right answer remains to be seen. Surely putting proprietary bits onto a voting platform defeats the entire point? You may disagree on strategy with Larry, of course. But if one is convinced that voting software needs to be open source as a fundamental matter of transparency for the voters, then there's no need to choose a license which permits the addition of proprietary bits. In fact, it's an anti-goal. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Why CAVO Recommends GPLv3
On 17/11/14 15:02, Tzeng, Nigel H. wrote: As long as the core vote counting and verification bits are open source and can be externally verified then one vendor providing more vote planning aids, analytics, financial tracking and collaboration tools are part of their comprehensive suite as a competitive advantage doesn¹t bother me overly much. They do have to make money somehow and have some kind of positive ROI for developing software systems. It depends how it was designed, but none of that would necessarily fall under GPLv3 just because the software which handled the votes did. That it¹s open source is a false sense of security. Not false. It's a necessary condition for security but not a sufficient one. simply was never met. I would rather see voting software that has passed a rigorous IVV process and formal proof of correctness for key bits. These two things are not mutually exclusive. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] A simple, no-requirements license.
On 23/04/14 16:59, Buck Golemon wrote: and another package's license says modified versions cannot contain additional attribution requirements. I don't know of any licenses which say that. Can you point me at an example? Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Screenshots of Open Source SW
On 16/03/14 13:31, Sebastian Hoffmann wrote: I think, Wikipedia for instance treats screenshots in the meaning of derived work, which is sometimes covered by OS licenses. As a result the screenshot has a remark (when you click on it), that it has the same license as the originating OS program. Absent fair use, I would say that a screenshot of e.g. the Firefox window is a derivative work of the graphics (e.g. button icons) which are shotted, and so carries their license. Few countries could cover this by fair use, but a lot of countries do not know fair use in their legal system. Are there really countries with no concept of this at all? This is the sort of thing fair use was made for. Without it, I couldn't take a full-screen screenshot of a problem I'm having on a Windows machine and send it to my grandma so she can help me debug it, because it contains the Windows logo. Companies producing commercial software usually have some condidtions published, under which screenshots are granted to be used (i.e. Microsoft). Certainly when people email me about using screenshots of Mozilla software, I say that we consider it fair use, and they should go ahead. And not to bother asking for permission next time :-) Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Illumina Open Source License
On 13/03/14 10:26, Albert Vilella wrote: markedly opposed opinions around the license. This is, people that think it's OSI-compliant, and people that think it's nothing close to being OSI-compliant: How could anyone think that a license which says use or sale of the Software as part of a SaaS Bundle ... is prohibited could be OSI-compliant? Having to get permission for commercial use is also clearly non-OSI. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Is CC BY appropriate for software?
On 24/01/14 08:16, xxl...@web.de wrote: It seems to me as if a Creative Commons BY license is quite much what I need. Does it cover my constraints? It may, but CC recommend against using it for software: http://wiki.creativecommons.org/FAQ#Can_I_use_a_Creative_Commons_license_for_software.3F I would suggest the Apache Public License 2.0 for your use case. Depending on what sort of attribution you want, if that's too complex you may also consider the MIT license. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Tweaking the BSD license template
On 08/11/13 09:36, David Woolley wrote: It's very common. Microsoft use a lot of BSD code and I'd be surprised if they hadn't modified it, and therefore become one of the copyright owners. I hadn't noticed Microsoft being shy about branding their products. I'm not sure you understand clause 3. Clause 3, in this case, would say You (a non-Microsoft person) can't use Microsoft's name to promote this product without their prior written permission. Are you saying that Microsoft would often want to give that blanket permission to 3rd parties to use Microsoft's name to promote those 3rd parties' products which used some MS code which was BSDed? That seems unlikely to me. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] license information improvement project - now with a mockup!
On 06/11/13 21:23, Engel Nyst wrote: Oh, the alternate sample looks much cleaner to me. Sub-sections and simple lists make it readable and it's helpfully organized. I agree. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
[License-discuss] Tweaking the BSD license template
I want to have another go at gaining consensus on making tweaks to the OSI's presentation of the 3-clause BSD licence http://opensource.org/licenses/BSD-3-Clause to reduce license proliferation in the long term. Legal advice tells me that two otherwise-identical BSD 3-clause licenses must be treated as different (and therefore both reproduced in documentation and/or other materials) if they have different values for ORGANIZATION in the sentence in clause 3 which begins Neither the name of the ORGANIZATION nor the names of its contributors These kind of license-body-wording tweaks have led to the following unique license type counts for Firefox OS: BSD2Clause: 30 BSD3Clause: 55 BSD4Clause: 12 In an ideal world, each of those numbers would be a 1. I'm sure BSD distributions have a similar problem with many near-identical license blocks. Proposal: replace ORGANIZATION with copyright holder on the OSI's 3-Clause page, and update the surrounding text to explain the situation. That update would be in a similar vein to the existing explanatory sentence: In the original BSD license, both occurrences of the phrase COPYRIGHT HOLDERS AND CONTRIBUTORS in the disclaimer read REGENTS AND CONTRIBUTORS. I would argue that the above sentence also establishes a precedent that it's OK for the OSI copy of a historical license to be genericized in this non-parameterized way. This won't solve the license problem overnight, but if these licenses continue to be used, it might just reduce the problem over time. Clause 3 is a refusal of a blanket endorsement which would very likely be unlawful anyway. That's why we have the 2-clause BSD license - because that clause achieves next to nothing. But in the case of proliferation, it's actively harmful. Let's at least take a step to making it less so. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Tweaking the BSD license template
On 07/11/13 16:39, Engel Nyst wrote: In the original BSD license, the occurrence of copyright holder in the 3rd clause read ORGANIZATION, placeholder for University of California. Actually, I believe this text should simply be: In the original BSD license, the occurrence of copyright holder in the 3rd clause read University of California. Otherwise, thank you :-) Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Endorsement clause?
On 15/08/13 03:44, ldr ldr wrote: What are your thoughts on the existence and wording of an endorsement clause? Here is what I am thinking, if I choose to amend the BSD license: Are you attempting to keep your licence open source/free? If so, your clause 3 fails that test. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] call for volunteers: getting rid of comments on OSI licenses
On 06/03/13 15:59, Martin Michlmayr wrote: I fixed the From: address and deleted both of your accounts, Gerv. Can you try to sign up again? Thanks. Signed up; job done :-) (Although I wasn't the only contributor.) Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Changes made by derivative works
On 01/02/13 07:28, Ben Reser wrote: No, the license doesn't matter. If you redistribute a modified file, regardless of how you chose to license your modifications you need to specify that you modified the file. Right. And, as you note, this doesn't apply to Apache as they actually aren't using their own license as inbound. Except where they are, and they ignore this requirement anyway. (Which says something about its value and relevance.) What this does is it privileges (in terms of convenience) one group of modifiers of the software over all others. I think that the official version of a particular codebase (saying nothing about trademarks) should be determined by developer acclaim, not by any licensing speedbumps, however slight, put in the way of anyone-other-than-the-first-people. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Changes made by derivative works
On 30/01/13 06:25, Prashant Shah wrote: Is there any better way to handle changes made by any derivative works rather than using the following sentence. You must cause any modified files to carry prominent notices stating that You changed the files What do you mean by handle? If you are writing a license, please don't include a line like this. Depending on how you interpret it, it's either ineffective (because the next person can simply remove your notices as part of their change) or a pain in the behind (as your file fills up with notices which are best maintained in your source code management system anyway). This makes such lines in existing licenses far more honoured in the breach than the observance. The days of tracking code provenance via in-file comments are gone. And they are not missed IMO. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Changes made by derivative works
On 31/01/13 10:20, David Woolley wrote: The purpose of such clauses is not to track the provenance, but to maintain the purity of the official version, so that forks cannot be passed off as approved versions. This sort of protection is the domain of trademark law, not copyright law. Attempting to do it via copyright (while keeping the license open source) leads to clunky requirements like this one. One of the key objectives of open source is code re-use. This means that a file must be usable outside the context of the original application, and therefore with a different, or no, source management system. And therefore, increasingly, the official version is determined by community consensus and developer resources, not by the fact that it's maintained by the guy who originally wrote it. You then end up with the position where all the checkins on the version which everyone considers canonical have to have such comments. The meta data also often doesn't contain legal identity of the modifieres, and doesn't distinguish between de mimis changes, and ones where the modify owns copyright. There is absolutely no way you will ever maintain a state where everyone who owns a copyright interest in a file has added a note to the top of it, and everyone who does not own such an interest has not. As someone who did a lot of work with the MPL 1.1, which sort of attempted this kind of copyright tracking, I know. There may be compromises, but the less information you include in a file, the more difficult it is to re-license it, once divorced from the original source management system. Unless you collect copyright assignments, you should assume that re-licensing _anything_ will be difficult in the future, in-file comments or not. Even if you have such comments, you cannot assume they are accurate, and you have to do all the due diligence anyway. (Again, I speak as the guy who did what is probably the largest ever relicensing of an open source codebase with heterogenous copyright.) Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Changes made by derivative works
On 31/01/13 10:37, David Woolley wrote: In the case of GPL one is it mainly meeting the minimum requirements for establishing the copyright status of the file when used outside of the original application. Such re-use is fundamental to the GPL concept, even if many open source developers only think of their programs as ever being used as a whole. That's just not true. The entire _point_ of open source licenses is that you can use the code without having to care who owns the copyright, because the license under which they have released it gives you all the rights you need. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Changes made by derivative works
On 31/01/13 10:42, Prashant Shah wrote: Main objective is to keep track of the copyright owners / authors of modifications that are made in a work that is _redistributed_ in source form. So those who receive this new redistributed work know what and who made the modifications. Why do they _need_ to know that? Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Changes made by derivative works
On 31/01/13 12:48, David Woolley wrote: Particularly with the GPL, many people don't really understand what they are doing when they use it. They may not even have the right to grant the licence. One case may be that is is actually work for hire. Another real case is that someone used source code distributed under a no-commercial use condition, for the G.729 codec, and distributed a derivative work claiming that it was under the GPL. I'm not sure how requiring people to put Changed by Fred Bloggs (which is all Apache requires) at the top of files makes a significant difference to any of these problems. Also, a statement of the copyright owner is normally part of the condition for establishing copyright. What do you mean by establishing copyright? Copyright is automatic (Berne Convention). It would certainly be very useful if the terms of the licence had to be enforced. If copyright owners are interested in enforcing their licenses, then of course it is up to them to take whatever action they feel appropriate to record the provenance of code. But that's not the same thing as writing into the license that everyone _else_ has to add Changed by Fred Bloggs. Anyone who receives software for which they cannot establish the copyright owner, should be very careful. Do you use Linux? Can you establish a full list of copyright owners for it? Or Android? Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Published revised opensource.org/licenses page
On 03/01/13 14:19, Engel Nyst wrote: A little off, another cosmetic point: I cannot find Mozilla Public License 1.1 linked anywhere, except the page with MPL 1.0 text. The canonical URL for any link anyone is creating is: http://www.mozilla.org/MPL/1.1/ Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] objective criteria for license evaluation
On 10/12/12 17:23, Luis Villa wrote: How to define useful objectively? Size is the obvious, plausibly-obtainable proxy here for useful- projects over X LOC or something like that. I suppose if you had a custom crawler that had knowledge of git/svn/cvs/etc., you could do projects over 5 committers or projects with over 100 commits or something along those lines. Richard suggests community size, which would be great but is probably not computable, no matter how many people/how much money you throw at it. Perhaps we could have multiple criteria - either size, or being used in N other projects. If there were some way of detecting that. Some modern SCMs now allow you to explicitly pull in other repos; perhaps that could be detected. This is important; however some licenses such as the HPND have no identified author, but yet are deprecated. Deprecated by *who*? :) (Note that we don't even have a deprecated category right now; we've only gotten as far as redundant with more popular licenses.) Well, http://opensource.org/licenses/HPND says: This License has been voluntarily deprecated by its author. :-P * has/doesn't have an explicit patent grant - I am of the view that even if the OSI finds it impossible politically to recommend specific licenses, it should try and get to a place where it can recommend license features - with an explicit patent grant being in pole position. Any others? Nothing so concrete. One would want the license to have been drafted with international concerns in mind, especially if it did not have choice-of-law. But that's much harder to spot. As Richard points out, it is very hard to imagine how to make this objective, but I'd encourage folks to think creatively about it. Richard's point is a fair one :-) I like the intuition here, but I'd like to push us to think about more objective criteria: what does it mean to play nicely? Presumably compatible, but who determines compatibility? What does it mean? Can that be determined objectively? A good question. What is compatibility? It is a non-transitive relation, such that X is compatible with Y if code from license X can be used in a project with license Y. (If we want to pick a better term than compatible, I wouldn't object.) Who determines compatibility? Aside from the well-known disagreement about Apache 2 and GPL 2, I'm not sure (perhaps I'm naive!) that there is much disagreement about compatibility as defined above, for popular X and Y. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Boilerplate license text for permissive licenses?
On 27/11/12 19:28, D M German wrote: Why don't you try the tool we developed. It is a bit hacky, but it will help you do what you are doing automatically. http://github.com/dmgerman/ninka Hi dmg, I did come across ninka in my research, and tried it out, but I couldn't really get it to do the right thing for me. :-| And it left loads of temporary files all over the place. As I mentioned in the previous message, what is the code you are looking at? I can run the tool myself and give you the resulting data. Well, it's the B2G tree, but with some bits excluded because they are test code and because we aren't shipping them. Following these instructions up to just before the point where you actually run a build command (build.sh) will get the code for you. Beware, it's big. https://developer.mozilla.org/en-US/docs/Mozilla/Boot_to_Gecko/Preparing_for_your_first_B2G_build Running your tool over that would give a first approximation. But, AIUI, your tool doesn't do the detecting licenses which are 'the same' and copyright amalgamation bits which my tool now does. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Boilerplate license text for permissive licenses?
Hi Larry, On 27/11/12 04:57, Lawrence Rosen wrote: Consider the hapless corporate attorney who is forced to review hundreds of proprietary software licenses when authorizing the distribution or sale/purchase of his company's software products. Each of those proprietary licenses may contain restrictions on transfer; unique indemnity and warranty provisions; attribution requirements or prohibitions; etc. My sympathy for such hapless individuals is real, albeit tempered by the fact that as a reward for taking on such onerous work they probably earn at least triple what I do ;-P But once you've done your variant-gathering, will you recommend that everyone else do the same for their own open source software as Mozilla will do for Firefox OS? That's a lot of work to recommend for others to do. Fortunately, I have a script which can analyse a source tree and produce the necessary output for inclusion with software. That would seem to be a waste of time considering the infinitesimally tiny risk that one of those variant licensors would sue you for breach for taking the easy way out -- such as: This software includes contributions under one or more variants of the official BSD and MIT license versions published at www.opensource.org. Mozilla has chosen not to publish those individual variant licenses along with this distribution, although we are disclosing its source code as those licenses require. That's an interesting recommendation, although one that (as far as I know) has never been taken up by any distributor of aggregated software. I am certainly not competent to judge whether, for example, the addition of an extra word to the disclaimer has legal effect or not, and if by instead referencing a license with slightly different wording we might upset someone who included that word for a reason. Also, these licenses don't require disclosure of source code. software. Those licensors can't sue you anyway unless they register their copyrights, which is unlikely to have happened for such works. Damages in such a lawsuit would be minimal at worst. For a company that can afford to swat away any such nuisance lawsuits, taking this easy way out may be worth the risk, unless your lawyer tells you that no risk is ever worth taking. Mozilla ignores clear provisions of open source licenses; says 'well, we probably won't get sued, so who cares?'. A great headline for Slashdot. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Boilerplate license text for permissive licenses?
On 26/11/12 23:44, Luis Villa wrote: I wonder if there is an easy way to visualize the various changes you have in your data set, to see where people agreed/disagreed/edited, outside the obvious changes. Daniel German, cc'd, may have already tackled this, or have other ideas along these lines. I don't have an automated way. I gave myself 10 minutes to do it by hand, and the results are as follows: ORGANIZATION: * the author * the above-listed copyright holder(s) * Yahoo! Inc., followed by nor the names of YUI's contributors * the copyright holder * Google * the Eclipse Foundation, Inc. * the University * Google Inc. * the Xiph.org Foundation nor Pinknoise Productions Ltd * TransGaming Inc., Google Inc., 3DLabs Inc. Ltd., * the David Beazley or Dabeaz LLC (!) * the Jython Developers * KTH * The Android Open Source Project * Rewording: The names of the authors may not be used to endorse... * Rewording: The names of the author may not be used to endorse... * David Young * the project * Cisco Systems, Inc. * the libjpeg-turbo Project * the Motorola, Inc. (!) * Adobe Systems, Network Resonance * Parakey Inc * Apple Computer, Inc. (Apple) * the copyright holders * Network Resonance, Inc. * the company * Redis * Apple Computer, Inc. (Apple) or The Mozilla Foundation (Mozilla) * The NetBSD Foundation * the psutil authors * the Institute * the Eclipse Foundation, Inc. * the Cisco Systems, Inc. (!) * the author(s) * the Xiph.org Foundation ... and several more. Disclaimer section: Much less variation here, the first two being by far the most common: * THE COPYRIGHT HOLDERS AND CONTRIBUTORS * THE AUTHOR * THE REGENTS AND CONTRIBUTORS * Google Inc. * KTH AND ITS CONTRIBUTORS * The Android Open Source Project * THE AUTHOR AND CONTRIBUTORS * DAVID YOUNG * THE PROJECT AND CONTRIBUTORS * APPLE AND ITS CONTRIBUTORS * SUN MICROSYSTEMS, INC. * APPLE, MOZILLA AND THEIR CONTRIBUTORS * THE NETBSD FOUNDATION, INC * THE INSTITUTE AND CONTRIBUTORS As far as I can tell, other than the substitution of names on occasion, the disclaimer is otherwise identical. And there is very little variation in the other text too. Bullets: * None * 1. * a) * - * * * In one case, 1), 2) and nothing! * In another, 1), 2) and -! * In another, nothing, nothing and -! * In another, all the paras are run together Numbers seem to be the most common. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] proposal to revise and slightly reorganize the OSI licensing pages
On 05/06/12 17:59, Mike Milinkovich wrote: I don't think that the inclusion of MPL 2.0 in any way a bad decision. My assumption is that the Steward of the MPL requested that all significant references to the the MPL be modified to point to the new version. Similarly, the original list included both the CPL and the EPL. When the CPL was deprecated in favour of the EPL, the CPL was deleted from the list. I'd add that, given that the MPL 2 is used by both Mozilla and LibreOffice, two very substantial projects, I'd say it pretty much fits the criteria on its own merits even without support from the large body of MPL 1.1+ software out there. Gerv ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss