Re: OpenLDAP license
Dave J Woolley wrote: From: Frank LaMonica [SMTP:[EMAIL PROTECTED]] I agree with you completely. BSD is one of the only software licenses that allows PEOPLE the freedom they need to establish their own business objectives. I would go even further to say that there are only three [DJW:] There are different balances. BSD favours businesses that use the software but means that the original author may not benefit as much. Open source is most likely to happen when both parties gain a benefit. Dave, The original author will never lose the ability to benefit from his or her own work. Under BSD, they may not directly benefit from additive work by other people, but that should not be the point of the initial release. BSD software is released to fulfill a need where something is lacking. The open source software is not intended to generate any revenue directly, but, if it is useful in some commercial setting, then it can be used to generate revenue there. That is a good thing! Keep in mind that if the value of the software that is opened derives from the fact that it IS open, i.e., it fills a void in an otherwise freely available, royalty free pipeline, then it will have given its full benefit to all parties. I contend that the only necessary and sufficient areas of software that derive their value from the fact that they are open source lie in the data formats, API's and OS infrastructure. Other software, that is not a part of those three areas, may have value from being open source, but it is not NECESSARY in order to maintain the most beneficial use of open source technology. On the other hand, anything that closes up any part of those three areas creates an environment that is not SUFFICIENT to maintain the benefits of open source to the industry. Regards, Frank -- --- DISCLAIMER - Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of BTS. -- Frank LaMonica VA Linux Systems Inc. [EMAIL PROTECTED] (512) 378-3003(512) 378-3004 fax begin:vcard n:LaMonica;Frank tel;fax:1 (512) 378-3004 tel;home:1 (512) 378-3003 tel;work:1 (512) 378-3003 x-mozilla-html:FALSE org:VA Linux Systems Inc.;Professional Services adr:;;114 South Prize Oaks Dr.;Cedar Park;TX;78613;USA version:2.1 email;internet:[EMAIL PROTECTED] x-mozilla-cpt:;26656 fn:Frank LaMonica end:vcard
RE: OpenLDAP license
From: Frank LaMonica [SMTP:[EMAIL PROTECTED]] I agree with you completely. BSD is one of the only software licenses that allows PEOPLE the freedom they need to establish their own business objectives. I would go even further to say that there are only three [DJW:] There are different balances. BSD favours businesses that use the software but means that the original author may not benefit as much. Open source is most likely to happen when both parties gain a benefit. -- --- DISCLAIMER - Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of BTS.
Re: OpenLDAP license
From: "David Johnson" [EMAIL PROTECTED] If the OSI decides to focus on licenses, I suggest that it will find the BSD does not encapsulate enough of the OSD to guarantee the rights the OSD seeks to enumerate. ??? But the BSD license *does* encapsulate all of these rights. Let's take the OSD from the top. #1: BSD complies #2: BSD is mute. It does not encapsulate any portion of #2. #3: BSD complies, but is weak because it does not use a copyleft mechanism to require that the right to make derived works to be carried forward to each recipient. In other words, I can take a work using the BSD, add a modification, but restrict the right to make further modifications of my modification. The BSD does not require me to license my modifications using the BSD. [ as a side note, I think this is one of the places where the OSD itself is flawed. The language of #2 should say, in my opinion: "The license must allow modifications and derived works, and must REQUIRE them to be distributed under the same terms as the license of the original software." ] #4: BSD complies #5: BSD complies #6: BSD complies #7: BSD does not comply. (BSD code could be distributed in binary-only form with completely different and more restrictive licensing terms than the BSD). #8: BSD complies #9: BSD complies So would a license that said in effect "zero restrictions, period". Such a license would have some of the same problems the BSD has. Licenses by themselves are absolutely meaningless, in the same way that deeds to property are meaningless without the property. The rights enumerated by the OSD can be secured for the public only by using a copyright license, because the default status of a work fixed in a tangible form in countries signatory to the Berne convention is "restricted by copyright". Because that is the legal default, the license must encapsulate the OSD. Otherwise, the fallback position is into a rights-limited strict copyright hostile to the ethical framework of the OSD. The term "Open Source", applied as an attribute of software, means that the software generally follows the criteria set forth in the OSD. Unfortunately, it does not. The definition of the term is subjective, not definitive. That's why "OSI Certified" is important. And since I use the BSD license myself, I will have to object to any scheme that removes that license from OSI Certification. Why? OSI Certification doesn't determine if your individual distribution is "open source" or not. Only the recipients of your work can make that determination. If you think it's important to the recipients of your work that the OSI certifies your release, then you should use a license which encapsulates the OSD. If the BSD is found not to sufficiently encapsulate the OSD (and in my opinion it does not), then the OSI should not certify it. Otherwise, in my opinion, the certification is essentially meaningless. OSI Certification should mean "the rights granted to you WILL comply with the OSD." Not "MAY" comply with the OSD. Ryan
Re: OpenLDAP license
On Fri, 13 Apr 2001, Ryan S. Dancey wrote: [ as a side note, I think this is one of the places where the OSD itself is flawed. The language of #2 should say, in my opinion: "The license must allow modifications and derived works, and must REQUIRE them to be distributed under the same terms as the license of the original software." ] You're welcome to your opinion; however, such an opinion - given the other things you have said - would presuppose that the Free Software community in general held that such a requirement was necessary for Free Software licenses, or that alternatively the Open Source community (insofar as it differs from the Free Software community) held such a view. Or else it suggests that you want to change the definition of Open Source (and possibly Free Software) to something 'better,' which is contrary to the OSI. In short, it apears that either your opinion is founded upon incorrect assumptions, or your opinion is incompatible with anything the OSI does as a representative (not leader) of the Open Source community. This disregards the technical claim that the BSD license is not Open Source. I think that, given the claim of the Free Software Foundation that the BSD license is Free Software, it follows that if the OSD excludes the BSD license, then it is in error. However, it isn't. The source code to BSD licensed software is available from well-publicized sources; it is the DERIVATIVE WORKS - with which I've dealt above - that may or may not be OSI Certified software. -- Matthew Weigel Research Systems Programmer [EMAIL PROTECTED]
Re: OpenLDAP license
on Fri, Apr 13, 2001 at 01:09:53PM +, David Johnson ([EMAIL PROTECTED]) wrote: On Friday April 13 2001 06:14 pm, Ryan S. Dancey wrote: #3: BSD complies, but is weak because it does not use a copyleft mechanism to require that the right to make derived works to be carried forward to each recipient. There's nothing in #3 that requires the the permissions to be carried forward. It doesn't say "must require", only "must allow". [ as a side note, I think this is one of the places where the OSD itself is flawed. The language of #2 should say, in my opinion: "The license must allow modifications and derived works, and must REQUIRE them to be distributed under the same terms as the license of the original software." ] Then you would have to dump out all non-copyleft licenses (as the general community defines copyleft). And you would have to through out most dual-licensed programs as well. Copyleft licenses may be the preferred licenses of the FSF, but they are not the only ones. And this isn't the FSF. There may possibly be a need in some community for a mechanism to determine the copylefted-ness or perpetualness of licenses. But that's not the purpose of the OSI. Ryan's got a view, to which he may or may not be entitled, which is at odds with the general consensus here. The point's you're making have been explained to him. I generally stop arguing when the argument starts iterating. It's iterated about three times now. Ryan *has* uncovered an interesting, and potentially significant, issue regarding the OSD, Frank Hecker's comments in this thread explore further. I'd suggest dropping this particular branch of the thread, however. Cheers. -- Karsten M. Self [EMAIL PROTECTED]http://kmself.home.netcom.com/ What part of "Gestalt" don't you understand? There is no K5 cabal http://gestalt-system.sourceforge.net/ http://www.kuro5hin.org PGP signature
Re: OpenLDAP license
Derek Seabury wrote: The MPL, for example, explicitly allows software executables to be distributed under a license other than the MPL (MPL section 3.6). So it is perfectly possible to contemplate, say, a binary Mozilla distribution being distributed under a license prohibiting redistribution of the binaries. This isn't true. MPL 1.1 section 3.2 states: Ooops. It is true... Thought I read source. So yes, you could prohibit people from distributing the binaries but allow the code to go out. And in turn, anyone who got the code could compile it and distribute the binaries freely... so it doesn't seem to be a 'very bad thing.' -- [EMAIL PROTECTED] (617)428- May 2 is Global Speech Day! Join the First-Of-Its-Kind Web Event about speech recognition technology. Hear industry experts. Access the largest volume of information ever assembled on speech -- its powerful business benefits, its future and more. Information and registration at http://www.globalspeechday.com -- [EMAIL PROTECTED] (617)428- May 2 is Global Speech Day! Join the First-Of-Its-Kind Web Event about speech recognition technology. Hear industry experts. Access the largest volume of information ever assembled on speech -- its powerful business benefits, its future and more. Information and registration at http://www.globalspeechday.com
Re: OpenLDAP license
Yes, that was our thinking. MPL source code must be available under the MPL. Once that is done, binaries can be licensed differently mitchell Derek Seabury wrote: [EMAIL PROTECTED]">Derek Seabury wrote: The MPL, for example, explicitly allows software executables to bedistributed under a license other than the MPL (MPL section 3.6). So it isperfectly possible to contemplate, say, a binary Mozilla distributionbeing distributed under a license prohibiting redistribution of thebinaries.This isn't true. MPL 1.1 section 3.2 states: Ooops. It is true... Thought I read source. So yes, you could prohibitpeople from distributing thebinaries but allow the code to go out. And in turn, anyone who got the codecould compile it anddistribute the binaries freely... so it doesn't seem to be a 'very bad thing.'--[EMAIL PROTECTED](617)428-May 2 is Global Speech Day! Join the First-Of-Its-Kind Web Event aboutspeech recognition technology. Hear industry experts. Access the largestvolume of information ever assembled on speech -- its powerful businessbenefits, its future and more. Information and registration athttp://www.globalspeechday.com--Derek.Seabury@! SpeechWorks.com(617)428-May 2 is Global Speech Day! Join the First-Of-Its-Kind Web Event aboutspeech recognition technology. Hear industry experts. Access the largestvolume of information ever assembled on speech -- its powerful businessbenefits, its future and more. Information and registration athttp://www.globalspeechday.com
Re: OpenLDAP license
On Thursday April 12 2001 10:20 pm, Ryan S. Dancey wrote: The origins of the OSD lie in the DFSG. It was an attempt to define what software was free and what was not, in the FSF meaning of the term. The OSI should continue in this course, by making the OSD an instrument to help determine if the software is Open Source or not. Most non-ideological and non-developer users don't care about the license, only the software. Can they give it to their friends or not? The OSD should be focusing on the software. OSI Certification is only a shortcut for the user to use in determining of the actual software is free and open. IMO. If the OSI decides to focus on licenses, I suggest that it will find the BSD does not encapsulate enough of the OSD to guarantee the rights the OSD seeks to enumerate. ??? But the BSD license *does* encapsulate all of these rights. So would a license that said in effect "zero restrictions, period". What right is missing? Licenses by themselves are absolutely meaningless, in the same way that deeds to property are meaningless without the property. Even the GPL by itself in meaningless outside of being a mini-manifesto of sorts. This is one reason why I don't think that license alone should determine OSD compliance. And if the OSI decides that the BSD license shouldn't be considered "OSI Certified", what would be the real harm? OSI Certified doesn't mean "Open Source", since that term was held to be un-trademarkable. That term might not be trademarkable, but it still means the same thing. The term "Open Source", applied as an attribute of software, means that the software generally follows the criteria set forth in the OSD. True, because their is no trademark, Microsoft could come along and call WinXP "open source". But so what? They already do the same with such un-trademarked terms as "secure" and "robust". And since I use the BSD license myself, I will have to object to any scheme that removes that license from OSI Certification. Since I currently distribute my software only as source code under the BSD license, my creations completely meet every definition of the OSD, and pass with flying colors. If proposed changes to the OSD would involve decertifying any software, then toss that proposal out and think of one that works. -- David Johnson ___ http://www.usermode.org
Re: OpenLDAP license
Derek Seabury wrote:
So yes, you could prohibit people from distributing the binaries but
allow the code to go out. And in turn, anyone who got the code could
compile it and distribute the binaries freely... so it doesn't seem to
be a 'very bad thing.'
And I think this potentially allows some interesting business strategies
that IMO do not necessarily violate the "spirit of open source".
For example, a business might be perfectly happy to develop and
distribute source code for its software under some open source license.
But at the same time they might wish to obtain certification (not OSI
certification) that the binary version of its software has been
verified to meet certain requirements, say that it performs 100% to
specifications under various test suites; this certification testing
might be fairly costly and time-consuming to complete, but (in this
example) there is sufficient market demand for certification that
performing the testing and being able to use the relevant certification
mark would greatly improve the marketability of the software.
By distributing the binary version of its software under a license that
prohibits redistribution, the business could ensure that people who want
this "certified" version have to get it from the business itself (or an
authorized distributor); the business could then charge a reasonable
price for that version, without worrying that others could undercut that
price by simply buying a copy of the certified binary version and then
redistributing it to other users at no charge or at a lower price.
Since the source itself would be available under a suitable open source
license (e.g., the MPL), people could create and freely distribute their
own binary versions of the software. However if they wanted to
distribute those binary versions as being "XYZ certified" then they
would have to go to the same time and trouble as the original business,
and presumably would then reflect that time and trouble in their own
pricing.
You couldn't use the GPL for such a strategy (because presumably the
binary version would be considered a derivative work and would have to
be made available under GPL terms as well), but it seems as if you could
use the MPL or non-copyleft licenses like the MIT or BSD licenses.
Now, to get back to OSI certification: Under the proposed revision to
the OSI certification requirements ("You may use the OSI Certified mark
on any software that is distributed under any license on the OSI
approved list.") the business in the example could not advertise the
binary version of the software as "OSI Certified Open Source Software",
because that binary version would not in fact be distributed "under" an
OSD-compliant license; however the business could advertise the source
version as "OSI Certified", assuming that the license for the source
code version were on the OSI-approved list.
Or at least that's how I read it...
Frank
--
Frank Heckerwork: http://www.collab.net/
[EMAIL PROTECTED]home: http://www.hecker.org/
Re: OpenLDAP license
On Thursday April 12 2001 11:33 pm, Frank Hecker wrote: You couldn't use the GPL for such a strategy (because presumably the binary version would be considered a derivative work and would have to be made available under GPL terms as well), but it seems as if you could use the MPL or non-copyleft licenses like the MIT or BSD licenses. Yes you could do it under the GPL :-) I think you're making it more confusing than it needs be. Simply have two distribution channels. One channel is Open Source and includes only the source code. The other channel is closed source and includes only the binaries. As the original author, you can do whatever you want. You are the licensor, and do not have to follow the rules of the licensee. -- David Johnson ___ http://www.usermode.org
Re: OpenLDAP license
"Ryan S. Dancey" [EMAIL PROTECTED] writes: "free software" is software that is licensed to you using terms that prohibit you from imposing a requirement of the payment of a fee on the right of recipients of the software to make copies or redistribute the software. I don't agree. The term ``free software'' normally refers to the definition used by RMS and the GNU project. They have defined what they mean by that: http://www.gnu.org/philosophy/free-sw.html This essay defines free software in terms of four essential freedoms. It then also says: ``However, certain kinds of rules about the manner of distributing free software are acceptable, when they don't conflict with the central freedoms. For example, copyleft (very simply stated) is the rule that when redistributing the program, you cannot add restrictions to deny other people the central freedoms. This rule does not conflict with the central freedoms; rather it protects them.'' Note that this is not part of the four essential freedoms. It is a way of protecting them. Further: ``In the GNU project, we use ``copyleft'' to protect these freedoms legally for everyone. But non-copylefted free software also exists.'' Ian
Re: OpenLDAP license
"Karsten M. Self" wrote: For the second time today: The program must include source code, and must allow distribution in source code as well as compiled information about form. Again, the initial (OSD-compliant) distribution must include source. The licensing terms must allow for distribution of source. The license need not *compel* distribution of source. Following an OSD-compliant distribution, downstream distributions may either be OSD-compliant or not. Not to stick my nose in the middle of this heated topic :-), but I think I see (at least a bit) what Ryan Dancey is concerned about. In fact, I'm beginning to think that he may have exposed an ambiguity in the way OSI handles certification of software as "OSI Certified Open Source Software". I think the underlying source of confusion is whether the OSD is intended to place requirements on a software license considered in isolation (i.e., as a stand-alone legal document), or rather is intended to place requirements on "distribution terms" considered in the context of a specific program and the exact manner in which it happens to be distributed. This confusion is IMO compounded by the way OSI specifies its requirements for use of the OSI certification mark. The OSD itself says that "Open source doesn't just mean access to the source code. The distribution terms of an open source program must comply with the following criteria: ..." IMO that could be interpreted either as saying that the OSD places requirements simply on the software's license (which specifies the terms under which it may be distributed) _or_ as saying that the OSD places requirements on "distribution terms" considered generally, i.e., on the manner in which a particular program (which is claimed to be "open source") is distributed. This "manner in which a program is distributed" would include the actual license terms associated with the program as distributed, but could also cover additional aspects of distribution as well, such as what is actually included in the distribution. When OSD section 2 then states "The program must include source code, ..." that to me strengthens the conclusion that the OSD is placing requirements on "distribution terms" considered generally as previously discussed, and not simply placing requirements on the software license alone. However, whether this was and is its intention or not, IMO the OSI is seen as primarily certifying _licenses_ as OSD-compliant, not "distribution terms" in this larger sense. Thus, given that the OSI has certified the BSD and MIT licenses (among others) as "approved licenses", Ryan Dancey is apparently looking to those licenses themselves to provide some guarantee that the requirements of OSD section 2 are fulfilled. Since the BSD and MIT licenses in and of themselves do not provide this guarantee, he has apparently concluded that either a) the BSD and MIT licenses are not really "OSD-compliant"; or b) the OSD is flawed in some way. I agree that this is confusing, but I also agree with your (Karsten's) implied argument: Neither (a) or (b) above is true; the seeming contradiction can be resolved by abandoning the idea that a license is "OSD-compliant" in and of itself. By "approving" a license what the OSI means to state (IMO) is that if you distribute a particular piece of software under the approved license _and_ if you take any other actions that are necessary to meet the requirements of the OSD (actions which may not be explicitly referenced by the license itself), then your "distribution terms" as a whole satisfy the OSD, and you have earned the right to call your software (as distributed by you) "open source". Thus, to return to your example, if a software product is licensed under the BSD or MIT licenses and is distributed with source code (or with an indication of how and where source can be obtained), then the "distribution terms" for that software are OSD-compliant, and the software as distributed can be referred to as open source software. On the other hand, if the same software were to be licensed under the same BSD or MIT license, but the software were distributed in binary form only, without source code and without any information on where source could obtained, then the "distribution terms" for that software would not be OSD-compliant, and the software as distributed could not be referred to as open source software. More specifically, since the OSI is not really enforcing use of the term "open source" itself but rather use of its "OSI Certified" mark, if a company were to distribute software in this manner and use the OSI certification mark in promoting the software, then presumably the action of distributing BSD- or MIT-licensed software in binary-only form would be in violation of the terms under which OSI permits people to use its mark. However I note that the opensource.org web site is not at all clear about this. For example, the "Approved Licenses" page says "If you distribute your
Re: OpenLDAP license
On Wednesday April 11 2001 11:46 pm, Frank Hecker wrote: However I note that the opensource.org web site is not at all clear about this. For example, the "Approved Licenses" page says "If you distribute your software under one of these licenses, you are permitted to say that your software is 'OSI Certified Open Source Software.'" It contains no mention of any explicit requirement to include source code. Okay, I see what you're getting at, and thus what Ryan was getting at. Some of our assumptions on "what is Open Source" might not match the actual thing itself. My assumption, at least, was that the OSI Certification Mark was applied to the software, and not the license. Yes, the OSI specifically says that it is certifying the software, but it as a practical matter it only certifies licenses. Interestingly enough, definition number two is the only definition that doesn't use the work "license". I wouldn't change the OSD at all. But I would make it so that the software itself had to comply with the OSD, and not merely its license. How exactly to do this is another matter. One possible solution is to add to the list of requirements for using the Certification Mark. The distribution must either include the source code or include with the notice the sentence " the source code for this product is available for no more than a reasonable reproduction cost". Just a possibility... In fact, just for fun, let's say that if anyone asks me "where's the source code", I reply "Oh, you can get that. All you need to do is to send me $1M and a self-addressed envelope, and I'll send you a copy of the source." Again, were I to do this, on what grounds could OSI prevent me from continuing to use its certification mark to promote my software? And what's wrong with that? If you can somehow demonstrate that the $1M is reasonable, go for it! (If that's what M$ charges, a court could very well agree with you) But the source code has to come with the same terms as the binary. In fact, this is what the FSF does, though not quite so extravagently. Go price out the GNU Source Code CD-ROM set. Source code only. At $280, I don't consider that very reasonable. But that's my opinion. -- David Johnson ___ http://www.usermode.org
Re: OpenLDAP license
On Tuesday April 10 2001 05:05 am, Ryan S. Dancey wrote: It seems axiomatic to me that any license seeking to comply with the OSD must have explicit instructions detailing the responsibility of each party to the license (meaning anyone who distributes the software) to make the source available when they redistribute the code. You are describing copyleft. Not all Open Source software (nor Free Software) is copyleft. Copyleft demands that all instances of the program be free/open by requiring the distribution of source code under certain conditions. But other kinds of free/open software exists. The MIT, BSD, and presumable the OpenLDAP, licenses are what is known as "unrestricted" licenses. These licenses have no requirements that the source code be made available. Because of this, certain derivatives of these program might not be Open Source. But the status of a derivative does not affect the status of the original. The fact that numerous OSI approved licenses do not address this issue seems to me to be a fundamental failing on the part of the OSI certification process and indicates that a top-down review of the process and the standards of certification should be undertaken. The purpose of the OSI is not to certify copyleft licenses, but licenses that grant the recipient certain rights and permissions. Either that, or the OSD should be modified by deleting Item #2 in its entirety. It seems to me to be a binary choice: Either #2 is enforced in the certification process, or it is removed from the definition. Having it in the OSD, but not requiring OSI certified licenses to implement it's terms seems hypocritical. That definition is indeed enforced, make no mistake. I think you are just misinterpreting it. My opinion is that the OSD reflects the ethical position put forward by the champions of Free Software, and that it represents their intent as to what should and should not be considered "Open Source". The FSF argues from an ethical position while the OSI argues from a pragmatic position. That their conclusions are the same is illustrative. If you wish to argue ethical positions, talk to the FSF. But you will quickly find that the FSF, RMS and the entire Free Software Movement (they spell is capitalized) agree that unrestricted licenses like MIT, BSD and Apache are indeed 100% Free Software licenses. You'll find that the FSF does not argue in favor of copyleft on the basis of ethics, but rather on pragmatics. They may consider unrestricted licenses to be suboptimal, misguided, and even silly, but you will never hear them call unrestricted licenses unethical or immoral. Is Microsoft Windows open source? If you're one of Microsoft's 1,000 biggest customers, they'll give you the source code to Windows. Sure, 60 million people don't have the source, but some people do, and that seems sufficient to comply with this interpretation of OSD #2. Windows is not Open Source, because even after you have paid the megabucks to get the source code, you still can distribute or modify it. -- David Johnson ___ http://www.usermode.org
Re: OpenLDAP license
From: "Ian Lance Taylor" [EMAIL PROTECTED] My opinion is that the OSD reflects the ethical position put forward by the champions of Free Software, and that it represents their intent as to what should and should not be considered "Open Source". You probably didn't mean it as such, but that is actually a somewhat politicized statement in the insular politics of the free software and open source communities. You are correct, and I apologize. I did not mean to make a political (or impolitic) statement. Quoting from the OSD page itself, this is what I meant to say: "We think the Open Source Definition captures what the great majority of the software community originally meant, and still mean, by the term "Open Source"." To me, this is the credo of the OSD. If we are to support the OSD, then the OSD should capture what the great majority of the software community means by the term "Open Source", and I suggest that for the great majority of the software community (in addition to many other things) "Open Source" means "binary-only distributions are unacceptable." The two relevant statements are ``The program must include source code'' and ``binary-only redistribution is acceptable.'' Here is what I see. I see a requirement in the OSD that source code MUST be provided with binaries. Then I see a specific exception provided that requires the distributor of the code, if a binary-only distribution is made, to make the source available in a "well publicized manner". If the OSI wants to keep to this concept that licenses which allow binary-only distributions meet the OSD, then I think the OSD should be changed. First, the first sentence of #2 has got to go. Either you must include source, or its optional. If its optional, say so. If it's not optional and the OSI really means you must include the source, then take out the verbiage about not including source and don't certify licenses which permit binary-only distribution. Worst case, change the word "must" to "should". Second, I think that the OSD should require specific language in a certified license that explains what "well publicized means of obtaining the source code" is. I note that many of the current OSI certified licenses (especially the BSD varients) are completely moot on this topic. How can a license that does not discuss how to get the source comply with a requirement that the license ensure that the source be available in a "well publicized" manner? Specifically, I call your attention to the italicized comment in #4: "Accordingly, an open-source license MUST guarantee that the source is readily available..." Care to explain what part of the BSD license guarantees that the source will be readily available? As such, the OSD was written to define what was and was not open source software. I'm not comfortable describing the OSD as an ethical position. I have tremendous respect for you sir, and have found your postings on this list to be uniformly excellent in logic and content. However, I cannot read the italicized comments between the sections of the OSD, which contain phrases like "users have a right to know who is responsible for the software they use", and "Distributors of open-source software have the right to make their own choices about their own software." without drawing the conclusion that the OSD codifies a set of ethical principles. Discussions of rights are inextricably linked to discussions of ethics. I must therefore disagree with your interpretation of the content of the OSD. It is as much an ethical framework as the Declaration of Independence is. And like the Declaration which heavily influenced the contents of the Constitution which resulted from it, the OSD has to acknowledge that the ethical framework it espouses will be encapsulated in the licenses it inspires. Ryan
Re: OpenLDAP license
You are describing copyleft. Not all Open Source software (nor Free Software) is copyleft. A copyleft is a legal mechanism of using a copyright license to require that anyone who distributes a covered work must grant a license to the recipient of that work with the same terms as the original license. It has nothing to do with source code. I have authored a copyright license which uses a copyleft to enable the distribution and modification of roleplaying game rules without any reference to software of any kind. Copyleft is a way of perpetuating copyright license terms forward to all future recipients of the covered work. Combined with a clause restricting modification of the copyright license, it creates an unchanging standard set of rights that one inherits when one receives a copy of the covered work. A "strong" copyleft forbids combining work licensed using the strong copyleft with work that does not to create a derivative work. Using a "strong" copyleft, one is given the choice of either making the whole work compatible with the strong copyleft license, or forgoing the use of those parts which cannot use the strong copyleft license. The GPL is a "strong" copyleft because it has this requirement, not because it requires the free distribution of sourcecode. the entire Free Software Movement (they spell is capitalized) agree that unrestricted licenses like MIT, BSD and Apache are indeed 100% Free Software licenses. "free software" is software that is licensed to you using terms that prohibit you from imposing a requirement of the payment of a fee on the right of recipients of the software to make copies or redistribute the software. The FSF argues that the BSD license is "free software" (free as in beer). It also points out that the license does nothing to guarantee that it is "Free Software" (free as in speach). It is very careful to say that the BSD license is compatible with the GPL (because the BSD license really doesn't do much at all) - which is not the same as saying that the BSD license is interchangeable with the GPL. You cannot take something licensed using the GPL, toss the GPL, and distribute it using just the BSD. It is "compatible" with the GPL because it does not affect any of the rights the GPL seeks to secure. It is a "free software license" because it does not require the payment of a fee for the right to make and distribute copies of the software. The FSF argues that using a non-strong copyleft license is less than optimal because doing so removes the pressure (in the form of the strong-copyleft) on future developers to make their code Free as well. It admits that using software licensed to you as free software, essentially regardless of the terms, is ethical within the framework of the Free Software Foundation because your Freedom has not been abridged - and if you change the terms of the license or release a binary-only version to other people, then you are the problem, not the original license terms. Ryan
Re: OpenLDAP license
From: "David Johnson" [EMAIL PROTECTED] "Accordingly, an open-source license MUST guarantee that the source is readily available..." But it does not say that the source must be made available for every distribution. It says the license MUST guarantee that the source is readily available. Thus, the license MUST have a term which describes this guarantee. Because if the license does not have such a term, then the license does not guarantee anything. Ryan
Re: OpenLDAP license
on Mon, Apr 09, 2001 at 10:38:41PM -0700, Ryan S. Dancey ([EMAIL PROTECTED]) wrote: This is the case of the Berkeley license, for example. The Berkeley license is OSD-compliant. However, anybody who receives a legal copy of code under the Berkeley license may redistribute it themselves under different terms. In particular, the Berkeley license permits binary-only redistribution. So my question remains: Is the OSD as written too specific regarding its requirement that the source code be commonly and easily available to recipients of the software? My opinion is that the OSD reflects the ethical position put forward by the champions of Free Software, and that it represents their intent as to what should and should not be considered "Open Source". I hate to sound like a nag, but I just can't reconcile "The program must include source code" with "a binary-only distribution is acceptable." You're reading and quoting with difficulty. For the second time today: The program must include source code, and must allow distribution in source code as well as compiled information about form. Again, the initial (OSD-compliant) distribution must include source. The licensing terms must allow for distribution of source. The license need not *compel* distribution of source. Following an OSD-compliant distribution, downstream distributions may either be OSD-compliant or not. E.g.: releasing software with sources under the GNU GPL is OSD compliant, and all downstream releases will be complaint. E.g.: releasing software with sources under the MIT license is OSD compliant, however downstream releases may or may not be compliant (the MIT license doesn't compell source availability, however it *permits* this). -- Karsten M. Self [EMAIL PROTECTED]http://kmself.home.netcom.com/ What part of "Gestalt" don't you understand? There is no K5 cabal http://gestalt-system.sourceforge.net/ http://www.kuro5hin.org PGP signature
Re: OpenLDAP license
What does clause #6 mean? What is "due credit"? I could argue that "due credit" is a crisp US$100 bill, mailed to my home address. There's nothing in the license that says the code and derivative works therefrom must be governed exclusively by the license. (All you have to do is provide a copy of the license. You don't necessarily have to follow the license.) The license does not require that the source code be distributed with binaries. (That means it doesn't comply with OSD #2.) Ryan
Re: OpenLDAP license
on Mon, Apr 09, 2001 at 04:22:48PM -0700, Ryan S. Dancey ([EMAIL PROTECTED]) wrote: What does clause #6 mean? What is "due credit"? I could argue that "due credit" is a crisp US$100 bill, mailed to my home address. I agree this clause is vague. However, I would interpret it to mean "acknowledgement". Though whether this would be akin to the old BSD advertising clause is uncertain. Not that this violates OSD. There's nothing in the license that says the code and derivative works therefrom must be governed exclusively by the license. (All you have to do is provide a copy of the license. You don't necessarily have to follow the license.) See also the IBMPSL. Not a requirement for OSI certification. The license does not require that the source code be distributed with binaries. (That means it doesn't comply with OSD #2.) Wrong. OSD #2 requires that the license *allow* source distribution. It doesn't *mandate* source distribution. Ryan -- Karsten M. Self [EMAIL PROTECTED]http://kmself.home.netcom.com/ What part of "Gestalt" don't you understand? There is no K5 cabal http://gestalt-system.sourceforge.net/ http://www.kuro5hin.org PGP signature
Re: OpenLDAP license
OSD #2: "The program must include source code, and must allow distribution in source code as well as compiled form. " And if "due credit" means "money", it violates #1 as well. Ryan
Re: OpenLDAP license
On Monday April 09 2001 11:22 pm, Ryan S. Dancey wrote: The license does not require that the source code be distributed with binaries. (That means it doesn't comply with OSD #2.) Not at all. Neither the MIT nor BSD licenses demand distribution of the sources, but they are still Open Source. The sources only need to be available, either with the distribution, or on a website, etc. Note that the OSD does not require that all incarnations of a package be Open Source forever until the end of time. It only requires that the copy in your hands be Open Source. -- David Johnson ___ http://www.usermode.org
Re: OpenLDAP license
On Tuesday April 10 2001 02:40 am, Ryan S. Dancey wrote: OSD #2: "The program must include source code, and must allow distribution in source code as well as compiled form. " You forget to add: "Where some form of a product is not distributed with source code, there must be a well-publicized means of obtaining the source code for no more than a reasonable reproduction cost-preferably, downloading via the Internet without charge." Since this license appears on the very same site where I can download the source code, it counts. I haven't searched thoroughly, but I suspect that the documentation gives a location where to get the source code if it isn't clear enough. The specific instance of the program must have available source code. But not *all* instances of the program need to have the source code available. Open Source != Copyleft. If OpenLDAP disqualifies as Open Source because of this, then we'll have to throw out about a third of the OSI approved licenses. And if "due credit" means "money", it violates #1 as well. It's pretty clear that "due credit" in this context refers to attribution. Although this isn't on the OSI list of approved licenses yet, I suspect that it will be. There is nothing here that I can see that would disqualify it. -- David Johnson ___ http://www.usermode.org
Re: OpenLDAP license
From: "David Johnson" [EMAIL PROTECTED] Since this license appears on the very same site where I can download the source code, it counts. It seems axiomatic to me that any license seeking to comply with the OSD must have explicit instructions detailing the responsibility of each party to the license (meaning anyone who distributes the software) to make the source available when they redistribute the code. The proposed license could remedy this by adding a sentence to Section 2 stating that the source code must accompany any binary distribution, or instructions must be provided to each recipient of a binary-only distribution on how to request the source code or locate it on the internet. The fact that numerous OSI approved licenses do not address this issue seems to me to be a fundamental failing on the part of the OSI certification process and indicates that a top-down review of the process and the standards of certification should be undertaken. The OSD specifically calls for a "well publicized means of obtaining the source code", and I believe that in order to qualify as an OSI certified license, the license should explicitly state a mechanism for obtaining the source code. Anything else is external to the license and thus beyond the control of the law, and thus beyond the intent of the OSD. Therefore, my opinion is that the OSI certified licenses which do not comply with that need should be de-certified until such time as they do. Either that, or the OSD should be modified by deleting Item #2 in its entirety. It seems to me to be a binary choice: Either #2 is enforced in the certification process, or it is removed from the definition. Having it in the OSD, but not requiring OSI certified licenses to implement it's terms seems hypocritical. Note that the OSD does not concern itself with matters "understood" by others, or "common knowledge". It specifically concerns itself with "The distribution terms of open-source software". Thus, each and every item on the OSD list should be encapsulated by the licenses which seek to implement it, and should be a requirement for OSI certification. To me, this is the single most important aspect of the whole OSI effort. If we are not to champion free and easily accessible source code as a primary mandate of the organization, then we should shut the organization down and go back to explaining the difference between free speech and free beer along with every copy of the software we distribute. Without source, there is no Open Source. And if "due credit" means "money", it violates #1 as well. It's pretty clear that "due credit" in this context refers to attribution. I couldn't tell if you were kidding or not about this item. Clearly, "due credit" is an unacceptably vague term to use in an Open Source software license, which will be subjected (if tested) to the most critical of dissections should the issue ever be litigated. "Due credit" is a vague term that is essentially undefined - meaning that someone downstream could claim that it means whatever the heck they want it to mean. Including "you must pay me $100 dollars per copy for redistributing my code." If the drafter of the license means "All redistributions of the code must include a public acknowledgement that the work is based on materials derived from code created by the OpenLDAP Foundation" then that is what the license should say. Otherwise, the term is at best irrelevant, and at worst a potential OSD #1 conflict. Part of the point of submitting licenses to this list is to get feedback about them and help to improve them based on the shared community experience in dealing with the concept of Open Source and Free Software. I'm frankly surprised at the seemingly hostile tone of the responses I received to my feedback. Ryan
Re: OpenLDAP license
"Ryan S. Dancey" [EMAIL PROTECTED] writes: It seems axiomatic to me that any license seeking to comply with the OSD must have explicit instructions detailing the responsibility of each party to the license (meaning anyone who distributes the software) to make the source available when they redistribute the code. No. A license can comply with the OSD without requiring that redistribution of the code comply with the OSD. This is the case of the Berkeley license, for example. The Berkeley license is OSD-compliant. However, anybody who receives a legal copy of code under the Berkeley license may redistribute it themselves under different terms. In particular, the Berkeley license permits binary-only redistribution. Ian
Re: OpenLDAP license
This is the case of the Berkeley license, for example. The Berkeley license is OSD-compliant. However, anybody who receives a legal copy of code under the Berkeley license may redistribute it themselves under different terms. In particular, the Berkeley license permits binary-only redistribution. So my question remains: Is the OSD as written too specific regarding its requirement that the source code be commonly and easily available to recipients of the software? My opinion is that the OSD reflects the ethical position put forward by the champions of Free Software, and that it represents their intent as to what should and should not be considered "Open Source". I hate to sound like a nag, but I just can't reconcile "The program must include source code" with "a binary-only distribution is acceptable." What is the point of Open Source then? Is Microsoft Windows open source? If you're one of Microsoft's 1,000 biggest customers, they'll give you the source code to Windows. Sure, 60 million people don't have the source, but some people do, and that seems sufficient to comply with this interpretation of OSD #2. Ryan
Re: OpenLDAP license
"Ryan S. Dancey" [EMAIL PROTECTED] writes: So my question remains: Is the OSD as written too specific regarding its requirement that the source code be commonly and easily available to recipients of the software? I'm not sure I entirely understand the question, but I think the answer is no: the OSD is not too specific. Software under an open source license must include source code. But there is no such requirement on redistributors of open source software. The GPL is an example of open source software, but it is not the only example. My opinion is that the OSD reflects the ethical position put forward by the champions of Free Software, and that it represents their intent as to what should and should not be considered "Open Source". You probably didn't mean it as such, but that is actually a somewhat politicized statement in the insular politics of the free software and open source communities. The OSI is an organization formed to convince the business world to use open source software. As such, the OSD was written to define what was and was not open source software. I'm not comfortable describing the OSD as an ethical position. On the other hand, the OSD is closely based on and may be identical to the Debian Free Software Guidelines: http://www.debian.org/social_contract#guidelines These guidelines describe what software the Debian Project considers to be free. I think it would be reasonable to describe the DFSG as an ethical position. Obviously, I'm splitting hairs here. But just such hair-splitting is the cause of significant political disagreements. Now, I'm not sure who you mean by the champions of free software. The OSI is clearly the champion of open source software. Whether open source software is the same as free software is a matter of debate, in the sense that some people consider them to be identical while others consider them to be different. I think it is clear that the GNU project is a champion of free software, though perhaps not the only one. For the GNU project's take on open source software, see: http://www.gnu.org/philosophy/free-software-for-freedom.html For that matter, note that the GNU project considers the Berkeley license to be free software: http://www.gnu.org/philosophy/license-list.html I hate to sound like a nag, but I just can't reconcile "The program must include source code" with "a binary-only distribution is acceptable." You're right, those two statements can not be reconciled. However, nobody is proposing them. The two relevant statements are ``The program must include source code'' and ``binary-only redistribution is acceptable.'' Is Microsoft Windows open source? If you're one of Microsoft's 1,000 biggest customers, they'll give you the source code to Windows. Sure, 60 million people don't have the source, but some people do, and that seems sufficient to comply with this interpretation of OSD #2. No. You are ignoring the conjunctive clause in OSD #2: ``must allow distribution in source code as well as compiled form.'' Note that this says ``allow;'' it does not say ``require.'' Ian
