[License-discuss] CDDL 1.0 vs. 1.1
I note that Glassfish uses CDDL 1.1 <https://glassfish.java.net/public/CDDL+GPL_1_1.html>, but that all references on the OSI website are to CDDL 1.0 <http://opensource.org/licenses/CDDL-1.0>. Does anyone know the reason why there is this version mismatch? Did something fall through the cracks here, or is there some longer story? -- Mike Milinkovich mike.milinkov...@eclipse.org ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] CDDL 1.0 vs. 1.1
On 11/12/2015 10:33 AM, Simon Phipps wrote:
Sun never bothered to request approval for 1.1 as the lawyers involved
regarded the changes as trivial.
Hmmm. Doesn't that put consumers in the awkward position of using
software which is not strictly speaking under an OSI-approved license?
I notice that the license at Glassfish has also been updated to have
Oracle as the license steward. Would anyone object if I ask them to
submit the revision to license-review for approval?
On Fri, Dec 11, 2015 at 3:25 PM, Mike Milinkovich
<mike.milinkov...@eclipse.org <mailto:mike.milinkov...@eclipse.org>>
wrote:
I note that Glassfish uses CDDL 1.1
<https://glassfish.java.net/public/CDDL+GPL_1_1.html>, but that
all references on the OSI website are to CDDL 1.0
<http://opensource.org/licenses/CDDL-1.0>.
Does anyone know the reason why there is this version mismatch?
Did something fall through the cracks here, or is there some
longer story?
--
Mike Milinkovich
mike.milinkov...@eclipse.org
+1.613.220.3223 (mobile)
___
License-discuss mailing list
License-discuss@opensource.org
https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Any Free License, an open source license
On 09/11/2015 9:17 PM, Christopher Allan Webber wrote: Feeling reminiscent of the good old days, when the threads of identi.ca flowed freely with obscure licensing periphery, I have decided to try my hand at crafting where so many have dared to try (and fail) in penning an Open Source license worthy of the OSI license list. I decided to author the most open license of all time, for those who just can't decide over license minutiae. Here it is. Simply copy this into your programming headers and you are on the path to maximal freedom. I have a sort of meta-problem with this idea. The OSI approves licenses. IANAL, but to me this is not a license. It does not by itself grant any rights. Therefore I wonder if it is even valid for consideration? -- Mike Milinkovich mike.milinkov...@eclipse.org ___ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] International Licenses
On 08/06/2015 9:51 AM, Jim Jagielski wrote: I would agree that this effort should be done, but only provided that there is evidence that things are currently broken. I don't think it's quite fair forcing people into busy work to fix something that isn't broken. Broken is a strong word. But we were motivated by concrete requests, not just well-meaning conjecture. None of us have the time to make up unnecessary process enhancements. -- Mike Milinkovich mike.milinkov...@eclipse.org +1.613.220.3223 (mobile) ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] International Licenses
On 05/06/2015 12:28 PM, Weston Davis wrote: However, we would add a criteria targeted at preventing code under the class of licenses from being orphaned. (This may, for example, be addressed in candidate licenses by explicitly allowing re-licensing under other well-known licenses.) This seems like a generally good thing regardless of law and venue? I am not sure whether you are referring to preventing code from being orphaned or allow re-licensing under other well-known licenses? -- Mike Milinkovich mike.milinkov...@eclipse.org +1.613.220.3223 (mobile) ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
[License-discuss] International Licenses
At our last face-to-face meeting, the OSI Board discussed the topic of FLOSS licenses targeted at specific languages and jurisdictions. As you can imagine, with the interest in reducing license proliferation, the conversation was quite lively. However, if we want open source to be a truly worldwide movement, it seems unreasonable to insist that English be the only language allowed. As a result, we would like to propose the following: - A new category of open source licenses would be created for those targeting specific languages and jurisdictions. - The normal public license review process would be used to debate the merits of the license. However, we would add a criteria targeted at preventing code under the class of licenses from being orphaned. (This may, for example, be addressed in candidate licenses by explicitly allowing re-licensing under other well-known licenses.) - A certified English translation must accompany the license. We require a certified English language translation of the license in order to conduct the license review process, which uses open discussion between many people who share English as a second language regardless of their first language. Submitters can meet this requirement by accompanying the translation with an affidavit from the translator on which the translator has sworn, in the presence of a commissioner authorized to administer oaths in the place where the affidavit is sworn, that the contents of the translation are a true translation and representation of the contents of the original document. The affidavit must include the date of the translation and the full name and contact details of the translator. - When you offer your license(s) to the review process, you should be aware that change to the license is probable and be prepared to iterate. Certified translations will not be essential for every iteration but the final iteration must be accompanied by a certified translation. We would appreciate your thoughts and comments. ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] [FTF-Legal] Proposal: Apache Third Party License Policy
On 20/05/2015 4:40 PM, Lawrence Rosen wrote: Apache Legal JIRA-218 asked: My question is about whether Eclipse Public License -v 1.0 is compatible with our Apache License 2.0. I couldn't find an answer onhttps://www.apache.org/legal/resolved.html. This was at addressed in the now apparently defunct ASF document entitled Drafted (and out of date) Third-Party Licensing Policy that Cliff Schmidt wrote years ago. You can still find the text of the document at [1]. Unfortunately the version that is linked from the Apache Legal page[2] has somehow been mangled. As far as I know, that document was used for quite a few years as the main guidance for Apache projects on these topics. I am not quite sure why it was deprecated without a replacement. The fact that a reference to the EPL wasn't migrated to [3] just seems kinda weird. In that document, the EPL was included in the list of Category B: Reciprocal Licenses. As I understand it, the guidance to ASF projects was the EPL-licensed binaries could be distributed by Apache projects, but that the source should be only available by reference. It is my understanding that Apache projects do distribute EPL-licensed modules, such as the Eclipse Compiler for Java (ecj). One thing that seems sort of weird is that the release notes[4] for Apache Tomcat 7 contains a notice(*) regarding the use of ecj under the EPL. But the release notes[5] for Tomcat v8.0 does not contain the notice, even though the ecj-4.4.2.jar (Eclipse JDT Java compiler) is listed as a bundled dependency. Hope that helps. [1] https://svn.apache.org/repos/asf/infrastructure/site/trunk/archive/legal/3party.mdtext [2] http://apache.org/legal/ [3] http://apache.org/legal/resolved.html [4] https://tomcat.apache.org/tomcat-7.0-doc/RELEASE-NOTES.txt [5] https://tomcat.apache.org/tomcat-8.0-doc/RELEASE-NOTES.txt (*) In addition, Tomcat 7.0 uses the Eclipse JDT Java compiler for compiling JSP pages. This means you no longer need to have the complete Java Development Kit (JDK) to run Tomcat, but a Java Runtime Environment (JRE) is sufficient. The Eclipse JDT Java compiler is bundled with the binary Tomcat distributions. Tomcat can also be configured to use the compiler from the JDK to compile JSPs, or any other Java compiler supported by Apache Ant. -- Mike Milinkovich mike.milinkov...@eclipse.org +1.613.220.3223 (mobile) ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Idea for time-dependent license, need comments
On 2013-07-19, at 11:31 PM, John Cowan co...@mercury.ccil.org wrote: Ben Reser scripsit: This is an important point. The only way the copyright owner isn't special for an *overall* *work* (emphasis is important) is if there are so many copyright holders that it becomes impossible to get them all to agree to change the license (e.g. Linux Kernel). Especially, when the work is so intertwined the individual contributions are not particular worthwhile independently (the copyright owner is obviously always special for the work they did themselves). In that case, the work is probably a joint work, defined by the U.S. copyright act as a work prepared by two or more authors with the intention that their contributions be merged into inseparable or interdependent parts of a unitary whole. In a joint work, *any* author can change the license under which the work may be exploited, contrary to the folk theory that says *all* authors must agree. However, the proceeds, if any, must be divided equally among all the authors. In this case, of course, there are no proceeds. Well, I think that many would argue that such a work is a collective, rather than a joint work. In fact, it seems to me that most of the large collaborative communities are running under that assumption. ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Idea for time-dependent license, need comments
Well, I think that many would argue that such a work is a collective, rather than a joint work. In fact, it seems to me that most of the large collaborative communities are running under that assumption. A collective work is defined as a work, such as a periodical issue, anthology, or encyclopedia, in which a number of contributions, constituting separate and independent works in themselves, are assembled into a collective whole. Now maybe you could claim that an individual file constitutes a separate and independent work. But a patch? I doubt it. So you are asserting that by getting a single patch accepted into the Linux kernel that I can, under US copyright law, re-license the entire work? As long as I share any proceeds equally with all other copyright holders of course. ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] proposal to revise and slightly reorganize the OSI licensing pages
I don't think that the inclusion of MPL 2.0 in any way a bad decision. My assumption is that the Steward of the MPL requested that all significant references to the the MPL be modified to point to the new version. Similarly, the original list included both the CPL and the EPL. When the CPL was deprecated in favour of the EPL, the CPL was deleted from the list. This is just minimalistic, pragmatic, and common sensical list maintenance. [I'll add something now about MPL 2.0: It was submitted for approval in early December of last year and approved within a few months, as it should have been; it is a good license. Yet it appears already on the list of OSI-approved licenses as popular, widely used, or have strong communities. Is it because there are defenders of the MPL 2.0 on the OSI board? Is that honest, fair, unbiased and legitimate?] ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] BSD, MIT [was Re: Draft of new OSI licenses landing page; please review.]
-Original Message- From: license-discuss-boun...@opensource.org [mailto:license-discuss- boun...@opensource.org] On Behalf Of Luis Villa [1] The very short version of my objection to removal of MPL is that it addresses a clear need (predictable, compatible copyleft) that is not otherwise addressed. Ditto for the EPL. ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Draft of new OSI licenses landing page; please review.
Karl, So this is basically re-opening up the whole can of worms that the license proliferation committee struggled with some years back that led them to create the category License that are popular and widely used or with strong communities. Notably missing from your list are the weak copyleft licenses that are backed by large communities such as Mozilla and Eclipse. I am certainly not happy with the idea that the only license of that category which would be implicitly recommended by the OSI is the LGPL. The LGPL is not a desirable license for many (primarily commercial) adopters of open source, and in fact neither the Eclipse or Apache communities will allow it for dependencies. -Original Message- From: license-discuss-boun...@opensource.org [mailto:license-discuss- boun...@opensource.org] On Behalf Of John Cowan Sent: April-04-12 3:13 PM To: Karl Fogel; license-discuss@opensource.org Subject: Re: [License-discuss] Draft of new OSI licenses landing page; please review. Karl Fogel scripsit: So I've drafted this page: http://opensource.org/licenses-draft I think this is an excellent idea and a good first cut. I think the list of top licenses is the correct list. However, I would reorder it to GPL, Apache, BSD, MIT, LGPL rather than the current historical order. Apache is a more modern and comprehensive permissive license than BSD or MIT, even if it's not as widely used yet due to the immense number of older projects. Also, add a note about LGPL 2.1 still being in widespread use. I note that the list claims to be complete, but omits the superseded and retired licenses. I'd put those two categories, plus the non-reusable licenses, into a third list at the bottom labeled Licenses not recommended for further use. -- John Cowan http://ccil.org/~cowanco...@ccil.org Monday we watch-a Firefly's house, but he no come out. He wasn't home. Tuesday we go to the ball game, but he fool us. He no show up. Wednesday he go to the ball game, and we fool him. We no show up. Thursday was a double-header. Nobody show up. Friday it rained all day. There was no ball game, so we stayed home and we listened to it on-a the radio. --Chicolini ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Draft of new OSI licenses landing page; please review.
-Original Message- Apache won't allow LGPL for deps? http://www.apache.org/legal/resolved.html#category-x ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] license committee
I would point out that one tangible result from the report was the deprecation of the Common Public License, in favour of the Eclipse Public License. Mike Milinkovich mike.milinkov...@eclipse.org +1.613.220.3223 -Original Message- From: Smith, McCoy mccoy.sm...@intel.com Sender: license-discuss-boun...@opensource.org Date: Fri, 9 Mar 2012 11:37:06 To: license-discuss@opensource.orglicense-discuss@opensource.org Reply-To: license-discuss@opensource.org Subject: Re: [License-discuss] license committee ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] [License-review] CC withdrawl of CC0 from OSI process
-Original Message- A truly independent open source software developer probably has nothing to fear other than personal embarrassment. It is the larger companies, including acquirers or consolidators of open source software and the corporate users of that software, who need to undertake due diligence. For them, reading and understanding open source licenses isn't rocket science; it is merely a cost of doing software business. These companies already pay for lawyers to advise them, as they should. :-) Larry, I don't disagree with this, but I feel obliged to point out that truly independent open source softare developers sometimes make available combinations of code which violate license terms. And their work is then included in the work of others. Given the ease with which open source code can be transmitted and re-combined in today's world, the failure of one is quickly amplified by many. This leaves consumers - whether they be corporations or downstream OSS organizations - in the position of identifying and addressing their errors. I am not suggesting that there is a solution to this. I just wanted to make it clear that it is a big problem, not a small one. Unfortunately, I've never seen an attempt to collectively share the results of due diligence work, so the effort is wastefully replicated by each and every consumer. ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] [License-review] CC withdrawl of CC0 from OSI process
-Original Message- I agree with you about the problem. I have repeatedly suggested that Apache do code scans on its distributed software so that every downstream customer doesn't have to do it. But we have neither the interest nor the money to deal with hypothetical problems in a volunteer environment. We exercise diligence, but it is rather ad hoc. How does Eclipse help solve the problem for its software? Larry, The Eclipse Foundation has a dedicated staff which does scans on every line of incoming code, including all third-party dependencies no matter how deeply nested. Our IP diligence process is as good as the best practices by large ISVs. You can see a high-level overview at [1] [1] http://www.eclipse.org/legal/EclipseLegalProcessPoster.pdf ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] GPL and non-GPL binaries in one distribution
Mike, The answer, as always, is it depends. Have you read [1] and [2]? They capture the basic positions of both the FSF and the Eclipse Foundation. However, they do focus primarily on the plug-in scenario. [1] http://mmilinkov.wordpress.com/2010/04/06/epl-gpl-commentary/ [2] http://www.fsf.org/blogs/licensing/using-the-gpl-for-eclipse-plug-ins From: license-discuss-boun...@opensource.org [mailto:license-discuss-boun...@opensource.org] On Behalf Of Mike Steglich Sent: January-12-12 10:59 AM To: license-discuss@opensource.org Subject: [License-discuss] GPL and non-GPL binaries in one distribution Hi, Is it permitted to have a program licensed under GPLv3 and an EPL software in one binary distribution? There is no share of source code ore use of a library. The GPL binary executes the EPL binary as an external process (as a command line tool). I interpret that as an aggregate: A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an aggregate if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. Am I right or not? Thanks Mike ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] GPL and non-GPL binaries in one distribution
I just wanted to point out that this thread has now gone quite off topic. The original question concerned bundling GPL with EPL, not GPL with proprietary code. Mike Milinkovich mike.milinkov...@eclipse.org +1.613.220.3223 -Original Message- From: David Woolley for...@david-woolley.me.uk Sender: license-discuss-boun...@opensource.org Date: Thu, 12 Jan 2012 22:58:51 To: henrik.i...@avoinelama.fi; license-discuss@opensource.org Reply-To: license-discuss@opensource.org Subject: Re: [License-discuss] GPL and non-GPL binaries in one distribution Henrik Ingo wrote: Yes. However, when referring to the GPL FAQ, I actually believe it represents the common understanding of a rather large portion of the FOSS community, not just the understanding of Stallman or perhaps Moglen. (Granted, for many it is just that they accept whatever the Whilst Rick takes the view that the law doesn't allow the FSF to achieve its objectives, and there is a bias amongst people enquiring here towards people who want to leverage GPLed code without revealing their proprietary code. My impression is that most people who use the GPL to protect their own intellectual creations actually tend to believe that the GPL protects against commercial exploitation even more than the FSF states, or would want it to do so. FSF says, for others it might be they don't want to argue with the FSF, but even so, their acceptance then contributes to the common understanding.) Hence I find it a useful though not legally authoritative document. -- David Woolley Emails are not formal business letters, whatever businesses may want. RFC1855 says there should be an address here, but, in a world of spam, that is no longer good advice, as archive address hiding may not work. ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
