AW: [PATCH] USB: add SPDX identifiers to all files in drivers/usb/

[Fendt, Oliver]

Hi,

great to see this direction of development.
This will are least clarify all the files which carry nothing expect the Marko
MODUL_LICENSE("GPL");
Because one of the interesting questions is "is this a legally binding 
expression of licensing?"

Ciao
Oliver

-Ursprüngliche Nachricht-
Von: spdx-boun...@lists.spdx.org [mailto:spdx-boun...@lists.spdx.org] Im 
Auftrag von Philippe Ombredanne
Gesendet: Donnerstag, 19. Oktober 2017 20:28
An: SPDX-legal; spdx-t...@lists.spdx.org; SPDX-general
Betreff: Fwd: [PATCH] USB: add SPDX identifiers to all files in drivers/usb/

FYI:
In case you missed it: SPDX identifiers have landed in kernel land...
Read the whole thread at https://patchwork.kernel.org/patch/10016189/
And as a side effect, some new patches elsewhere are coming in with SPDX 
identifiers right in!
--
Cordially
Philippe Ombredanne

-- Forwarded message --
From: Greg Kroah-Hartman 
Date: Thu, Oct 19, 2017 at 10:38 AM
Subject: [PATCH] USB: add SPDX identifiers to all files in drivers/usb/
To: linux-...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org, Thomas Gleixner , Kate 
Stewart , Philippe Ombredanne 


It's good to have SPDX identifiers in all files to make it easier to audit the 
kernel tree for correct licenses.  This patch adds these identifiers to all 
files in drivers/usb/ based on a script and data from Thomas Gleixner, Philippe 
Ombredanne, and Kate Stewart.

Cc: Thomas Gleixner 
Cc: Kate Stewart 
Cc: Philippe Ombredanne 
Signed-off-by: Greg Kroah-Hartman 
---
Unless someone really complains, I'm going to add this to my tree for 4.15-rc1.


diff --git a/drivers/usb/Makefile b/drivers/usb/Makefile index 
9650b351c26c..cb8d902b801d 100644
--- a/drivers/usb/Makefile
+++ b/drivers/usb/Makefile
@@ -1,6 +1,7 @@
 #
 # Makefile for the kernel USB device drivers.
 #
+# SPDX-License-Identifier: GPL-2.0

 # Object files in subdirectories

[] long diff of 600 files removed for brevity...
___
Spdx mailing list
s...@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx
___
Spdx-legal mailing list
Spdx-legal@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-legal

AW: Request new license list exception: SW-only-exception.

[Fendt, Oliver]

Hi Jilayne,

this "exception" defines in my Opinion the scope of the License as the 
copyright owner sees it. I would handle this "excpetion" in the similar way 
like the " Exception" of Linus Torvalds and of Uboot and of Jailhouse an all 
the others.
Here the Exception of Linus Torvalds

   NOTE! This copyright does *not* cover user programs that use kernel
services by normal system calls - this is merely considered normal use
of the kernel, and does *not* fall under the heading of "derived work".
Also note that the GPL below is copyrighted by the Free Software
Foundation, but the instance of code that it refers to (the linux
kernel) is copyrighted by me and others who actually wrote it.


How are these "Exceptions" handled in SPDX?

Ciao
Oliver
Von: spdx-legal-boun...@lists.spdx.org 
[mailto:spdx-legal-boun...@lists.spdx.org] Im Auftrag von opensou...@jilayne.com
Gesendet: Donnerstag, 3. Dezember 2015 08:47
An: Sam Ellis
Cc: SPDX-legal (spdx-legal@lists.spdx.org)
Betreff: Re: Request new license list exception: SW-only-exception.

Hmmm... I could almost see this being added as a new license altogether or and 
exception (to BSD-3-Clause).  Anyone have strong feelings on whether it should 
be one or the other?

Jilayne


On Nov 25, 2015, at 6:59 PM, Sam Ellis 
> wrote:


Hi,

I'd like to ask for a new license exception to be considered for addition to 
the SPDX license list.

The exception text is:

The license below extends only to copyright in the software and shall
not be construed as granting a license to any other intellectual
property including but not limited to intellectual property relating
to a hardware implementation of the functionality of the software
licensed hereunder.  You may use the software subject to the license
terms below provided that you ensure that this notice is replicated
unmodified and in its entirety in all distributions of the software,
modified or unmodified, in source code or in binary form.

This is usually found prefixed in front of a BSD license. It is found 
extensively in the gem5 open source project, and here is an example of 
use:http://repo.gem5.org/gem5/file/021524c21cbc/src/cpu/exec_context.cc

As for a possible names, how about "SW-only-exception" short form, and 
"Software-Only Exception" full form?
IMPORTANT NOTICE: The contents of this email and any attachments are 
confidential and may also be privileged. If you are not the intended recipient, 
please notify the sender immediately and do not disclose the contents to any 
other person, use it for any purpose, or store or copy the information in any 
medium. Thank you. ___
Spdx-legal mailing list
Spdx-legal@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-legal

___
Spdx-legal mailing list
Spdx-legal@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-legal

Additions /Clarifications to GPL and other licenses

[Fendt, Oliver]

Hi Team,

sorry for another question regarding SPDX and its mapping to the world.
From time to time you find additional statements from the copyright holders 
regarding their view about the scope of the GPL. Since these are statements 
from the copyright holders I regard them as relevant license information. I 
want to provide two examples:

1.   Linux Kernel: probably all of you know the statement of Linus Torvalds:

“   NOTE! This copyright does *not* cover user programs that use kernel

services by normal system calls - this is merely considered normal use

of the kernel, and does *not* fall under the heading of derived work.

Also note that the GPL below is copyrighted by the Free Software

Foundation, but the instance of code that it refers to (the Linux

kernel) is copyrighted by me and others who actually wrote it.



Also note that the only valid version of the GPL as far as the kernel

is concerned is _this_ particular version of the license (ie v2, not

v2.2 or v3.x or whatever), unless explicitly otherwise stated.”



Which is  right in the beginning of the COPYING file.





2.   Jailhouse (which is a hypervisor for Linux and it is licensed under 
GPL-2.0 and the following clarification)



This copyright does not cover applications or operating systems that run inside 
hypervisor cells, also if they use hypervisor services by normal hypercalls. 
This is considered normal use of the hypervisor and is not a derived work.

-   
   GNU GENERAL PUBLIC LICENSE
   ….

My questions are how are the Clarifications handled in SPDX? Is the Linux 
Kernel licensed under GPL-2.0 or under GPL-2.0-with-clarification (I know that 
this currently does not exist).
If the Linux Kernel is regarded to be licensed under GPL-2.0 how is the 
clarification to be handled in SPDX? In my opinion it must not be neglected.
The same questions apply to all other such clarifications

Thanks for your patience

Ciao

Oliver

Siemens AG
Corporate Technology
CT BE OP SWI OSS
Otto-Hahn-Ring 6
81739 München, Deutschland
Tel.: +49 89 636-46033
mailto:oliver.fe...@siemens.com
Von: spdx-legal-boun...@lists.spdx.org 
[mailto:spdx-legal-boun...@lists.spdx.org] Im Auftrag von J Lovejoy
Gesendet: Donnerstag, 7. August 2014 03:25
An: SPDX-legal
Betreff: SugarCRM license

Hi All,

In preparing the SPDX License List v1.20 for release, I noticed an oddity with 
the SugarCRM License, v1.1.3 http://spdx.org/licenses/SugarCRM-1.1.3

The license text here, http://www.sugarcrm.com/page/sugarcrm-public-license/en 
(which is where we got the license text from for the SPDX data), is slightly 
different than what we had for the license in the current (v1.19) version of 
the SPDX License List - the version at the url currently does not have the 
definition for “Commercial Use” and it also has some sub-sections out of 
numerical or alphabetical order.  I did not do a complete merge-and-compare of 
the substantive text, as the differences were enough such that it would fail as 
a match with our version.  Since the license version number is the same and 
there is no other signs of a new version or license update, I updated the .txt 
file for v1.20 to match the text contained on the url.  I have no idea why 
there was a mismatch, as this was a license that has been on the SPDX License 
List since early iterations.  If someone wants to do further research on this 
issue (maybe by starting with contacting SugarCRM?), that would be very much 
appreciated.

I’m also attaching the v1.19 .txt file of the license text for reference.

Jilayne
SPDX Legal Team co-lead
opensou...@jilayne.commailto:opensou...@jilayne.com

___
Spdx-legal mailing list
Spdx-legal@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-legal

AW: question regarding the information to be provided in case of files containing a license text

[Fendt, Oliver]

Hi Jilayne,

sorry for answering so late.
I'll try to be more precise.
I have attached the COPYING file of my tar scenario. The file contains for sure 
the text of the GPL-3.0. But it is _not_ licensed under GPL-3.0, it is licensed 
under Everyone is permitted to copy and distribute verbatim copies of this 
license document, but changing it is not allowed. (as you can see in line 5 
and 6 of the file) Due to this  in my opinion this should result in the 
following information for the file COPYING.txt:

LicenseInfoInFile= GPL-3.0
LicenseInfoInFile: LicenseRef-1

LicenseConcluded: LicenseRef-1


And LicenseRef-1 (since I did not find it in the SPDX License list)
Everyone is permitted to copy and distribute verbatim copies of this license 
document, but changing it is not allowed.

Is it more clear now?

My second example deals with the same problem asking, what kind of information 
do I have to provide if I have a license text in a file and there is not 
information on how the text itself is licensed (like the Boost Software License 
1.0, see my second example and my second attachement)
What has to be provided in SPDX for this file BSL-1.0.txt

LicenseInfoInFile= BSL-1.0

LicenseConcluded: ??

What terms of use for the Boost Software License itself? Is the Boost Software 
License itself licensed under the Boost Software License 1.0 (this could be 
assumed because the text says ...accompanying documentation covered by
this license (the Software)... so one can think that the text of the Boost 
Software License is available under the terms and conditions of the Boost 
Software License. But is this really the case)?

I hope I was more clear and precise

Regards
Oliver
Von: J Lovejoy [mailto:opensou...@jilayne.com]
Gesendet: Dienstag, 29. Juli 2014 17:39
An: Fendt, Oliver
Cc: SPDX-legal
Betreff: Re: question regarding the information to be provided in case of files 
containing a license text

Hi Oliver,

If I understand the scenario you describe below (which I'd agree is quite 
common), which is: you have a COPYING.txt file at the top-level directory that 
contains the full text of a license, in this case, GPL-3.0; and then you have a 
bunch of files in sub-directories that have no actual license info, then the 
SPDX info at the file level (see Section 6 of the spec), would look something 
like this:

For the COPYING.txt file:
6.5 License Information in File = GPL-3.0 - use the short identifier because 
you should have gotten an exact match on GPL-3.0
6.4 Concluded License = GPL-3.0 - for obvious reason!

For the other files in the sub-directory:
6.5 License Information in File = NONE - assuming there is no license 
information in the individual files; no header for GPLv3, nothing.
6.4 Concluded License = GPL-3.0
6.6 Comments on License = The concluded license was taken from the package 
level that the file was included in. This information was found in the 
COPYING.txt file in the xyz directory. - this is actually the exact example in 
the spec itself for this section!

Does that make sense?

I'm not sure why you come up with Distribute_No_Modifications - if the 
license is GPLv3, then you'd identify it in the SPDX file using the short 
identifier, GPL-3.0 as per the instructions in the spec and the SPDX License 
List.

Jilayne

SPDX Legal Team co-lead
opensou...@jilayne.commailto:opensou...@jilayne.com

On Jul 29, 2014, at 8:26 AM, Fendt, Oliver 
oliver.fe...@siemens.commailto:oliver.fe...@siemens.com wrote:


Hi all,

sorry for the cryptic subject, but perhaps you can help me.

When doing package analysis with FOSSology or other tools we often find files 
which contain a license text (e.g. usually the file COPYING contains the text 
of the GPL) my question is what kind of value has to be provided in the  
Concluded License in the file context?
As an example:
In the root directory of the package tar version 1.2.7  you find a file 
COPYING. Content of the file is the text of the GPL-3.0. So the file is 
obviously licensed under  Everyone is permitted to copy and distribute 
verbatim copies of this license document, but changing it is not allowed. 
Which might end up in a name like (Distribute_No_Modifications) (Btw. Is this 
license element of the SPDX license list? I think it would be worth to have it 
since many files are under this license :)).
So the concluded license element for the file COPYING  has the value 
Distribute_No_Modifications in this example and not GPL-3.0, which is quite 
clear.

But what about the following example
In the root directory of the package Boost version 1.55 you find a file 
LICENSE_1_0.txt. Content of the file is the text of the Boost Software License 
- Version 1.0. But no information is available how the file itself is licensed. 
 So my question is what value to provide in the  concluded license element 
for the file? In my opinion it can't be the Boost software license (since there 
is no hint that the text of the Boost Software License is licensed under the 
Boost

question regarding the information to be provided in case of files containing a license text

[Fendt, Oliver]

Hi all,

sorry for the cryptic subject, but perhaps you can help me.

When doing package analysis with FOSSology or other tools we often find files 
which contain a license text (e.g. usually the file COPYING contains the text 
of the GPL) my question is what kind of value has to be provided in the  
Concluded License in the file context?
As an example:
In the root directory of the package tar version 1.2.7  you find a file 
COPYING. Content of the file is the text of the GPL-3.0. So the file is 
obviously licensed under  Everyone is permitted to copy and distribute 
verbatim copies of this license document, but changing it is not allowed. 
Which might end up in a name like (Distribute_No_Modifications) (Btw. Is this 
license element of the SPDX license list? I think it would be worth to have it 
since many files are under this license :)).
So the concluded license element for the file COPYING  has the value 
Distribute_No_Modifications in this example and not GPL-3.0, which is quite 
clear.

But what about the following example
In the root directory of the package Boost version 1.55 you find a file 
LICENSE_1_0.txt. Content of the file is the text of the Boost Software License 
- Version 1.0. But no information is available how the file itself is licensed. 
 So my question is what value to provide in the  concluded license element 
for the file? In my opinion it can't be the Boost software license (since there 
is no hint that the text of the Boost Software License is licensed under the 
Boost Software license). Do you have an idea?

I think it that this is a very common problem and probably was raised already, 
sorry that I missed the solution.

Thanks in advance

Oliver


___
Spdx-legal mailing list
Spdx-legal@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-legal

question regarding the information porvided in the SPDX license list

[Fendt, Oliver]

Hi Team,

I checked the license list because I was searching for the GNU Free 
Documentation License 1.3 or any later version. I did not find an entry 
GFDL-1.3+, due to that I checked the information provided under 
http://spdx.org/licenses/GFDL-1.3

I found the text of the GFDL-1.3 and below the text of the license there is the 
Standard License Header. The text the standard license header contains is

Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3
or any later version published by the Free Software Foundation;
{{with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
A copy of the license is included in the section entitled GNU
Free Documentation License.}}

In my opinion this would be the standard license header for GFDL-1.3+ and not 
for GFDL-1.3 (as called in the license list)
In my opinion the Standard License Header for GFDL-1.3 should be:

Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 published by 
the Free Software Foundation;
{{with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
A copy of the license is included in the section entitled GNU
Free Documentation License.}}

The same applies to GFDL-1.1, GFDL-1.2.
It would be nice if you can provide me with some hints how to solve this 
issue because in the files in the OSS packages the Standard License Header 
of GFDL-1.3+

I hope I was able to explain the problem :)

regards

Oliver Fendt

Siemens AG
Corporate Technology
CT BE OP SWI OSS
Otto-Hahn-Ring 6
81739 München, Deutschland
Tel: +49 89 636-46033
Fax: +49  89  636-48100
mailto:oliver.fe...@siemens.com

Siemens Aktiengesellschaft: Vorsitzender des Aufsichtsrats: Gerhard Cromme; 
Vorstand: Joe Kaeser, Vorsitzender; Roland Busch, Klaus Helmrich, Hermann 
Requardt, Siegfried Russwurm, Ralf P. Thomas; Sitz der Gesellschaft: Berlin und 
München, Deutschland; Registergericht: Berlin Charlottenburg, HRB 12300, 
München, HRB 6684; WEEE-Reg.-Nr. DE 23691322


___
Spdx-legal mailing list
Spdx-legal@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-legal

AW: New license request

[Fendt, Oliver]

Hi Jilayne, hi Tom

Thank you for the feedback.
I will try to make it to be in the telco.

This is a very interesting discussion. From a practical point of view  we need 
a standard to provide license and copyright information of 3rd party software. 
Further it would be wonderful if there is one place where one can find a 
complete collection of (OSS) licenses. It would be great if we can use SPDX one 
day in future for the declaration of 3rd party software no matter whether the 
3rd party software is OSS or not. This would really make live a lot easier. Of 
course I understand that this is part of the open compliance program and not 
part of a 3rd party software compliance program. But  I think that the 
standard is powerful enough to serve both OSS (which is a special case of third 
party software) and other 3rd party software .

Thanks
Oliver
Von: Tom Incorvia [mailto:tom.incor...@microfocus.com]
Gesendet: Donnerstag, 6. März 2014 13:39
An: J Lovejoy
Cc: Fendt, Oliver; SPDX-legal
Betreff: RE: New license request

Hi Jilayne,

Thanks for pointing out the possible flexibility in the license list; Oliver, 
thanks again for taking the time to submit this license.  I'll be on the call 
today - great if you could join us in the discussion.

With regards to the contributions need not be in source code form, I was 
referring to section G: Binary Code Files - The software may include certain 
binary code files for which its source code is not included as part of the 
software, or that are packaged without the source code in an installable or 
executable package. As to these binary code files, unless applicable law gives 
you more rights despite this limitation, you must comply with all technical 
limitations in those files that only allow you to use it in certain ways. You 
may not modify, work around any technical limitations in, or reverse engineer, 
decompile or disassemble these binary code files, except and only to the extent 
that applicable law expressly permits, despite this limitation.

Thanks,

Tom

Tom Incorvia; tom.incor...@microfocus.commailto:tom.incor...@microfocus.com; 
O: (512) 340-1336; M: (215) 500 8838; Shoretel (Internal): X27015
From: J Lovejoy [mailto:opensou...@jilayne.com]
Sent: Wednesday, March 05, 2014 8:17 PM
To: Tom Incorvia
Cc: Oliver Fendt; SPDX-legal
Subject: Re: New license request

Hi Oliver, Tom,

Just to clarify on Tom's points - the normal process is to review based on the 
OSD as a starting point, although for a license to be on the SPDX License List, 
it does not need to strictly adhere to the OSD (see more info here, in 
particular, the bit under Candidate License Analysis 
http://spdx.org/spdx-license-list/license-list-overview)

So, thanks to Oliver for his submission and to Tom for beginning the process 
via email (we do need more of that...) and surely the discussion will continue 
on the next legal call, which is tomorrow (hint hint)!

Tom, I'm not entirely clear what you mean by 'contributions need not be in 
source code form - which section are you referring to?

Oliver, I can't remember what time zone you are in, but if you can join the 
call tomorrow, that would be helpful for the discussion, I'm sure.  It's at 1pm 
ET and the dial-in info is:
Call this number: (United States) 1-415-363-0849
Enter this PIN: 336247
Alternative Numbers: http://www.yuuguu.com/audio

Cheers,
Jilayne

SPDX Legal Team co-lead
opensou...@jilayne.commailto:opensou...@jilayne.com

On Mar 5, 2014, at 2:56 PM, Tom Incorvia 
tom.incor...@microfocus.commailto:tom.incor...@microfocus.com wrote:

Hello Fendt,

I have been out of the SPDX mix for a while, but I believe that this license 
would not be considered an open source license based on theOSI 
criteriahttp://opensource.org/osd-annotated - this license is used by 
Microsoft for certain free distributions (for instance, the Microsoft Parallel 
Computing Platform).  However, these distributions have restrictions:

-  Contributions need not be in source code form
-  The license grants are limited to Microsoft platforms
-  Reverse engineering of binary files is prohibited (except where 
local law expressly permits)

I worked with SPDX for several years, and contributions like this are valued.  
If you are interested in contributing as a team member, please communicate with 
Philip Odence 
pode...@blackducksoftware.commailto:pode...@blackducksoftware.com, to 
determine which team would be the best fit - we are always looking for 
individuals who are involved in licensing.

Thanks,

Tom Incorvia
Tom Incorvia; tom.incor...@microfocus.commailto:tom.incor...@microfocus.com; 
O: (512) 340-1336; M: (215) 500 8838; Shoretel (Internal): X27015
From: 
spdx-legal-boun...@lists.spdx.orgmailto:spdx-legal-boun...@lists.spdx.org 
[mailto:spdx-legal-boun...@lists.spdx.org] On Behalf Of Fendt, Oliver
Sent: Wednesday, March 05, 2014 10:31 AM
To: spdx-legal@lists.spdx.orgmailto:spdx-legal@lists.spdx.org
Subject: New license request

Hi

AW: AW: New license request

[Fendt, Oliver]

Hi Phil,

thank you for the feedback. I understand that you want to focus right now on 
Open Source although the Creative Commons Attribution Non Commercial 1.0 and 
following versions as well as Creative Commons Attribution Non Commercial No 
Derivatives 1.0 and following versions are in the list and which are in my 
opinion _not_ OSD compliant. But I'm not a lawyer.

Regards
Oliver

Von: Philip Odence [mailto:pode...@blackducksoftware.com]
Gesendet: Donnerstag, 6. März 2014 14:39
An: Fendt, Oliver; Tom Incorvia; Jilayne Lovejoy
Cc: spdx-legal@lists.spdx.org
Betreff: Re: AW: New license request

Oliver,
What you say makes conceptual sense and perhaps we might go there some day 
with the license list. At this point in order to do a good job with the 
resources we have we have decided to say focused on open source, although we 
have let that definition go beyond the 67 or so licenses that the OSI has 
approved. So, your request is a reasonable one.
I will point out, just in case you are not aware, that there is a mechanism in 
the spec for handling licenses that are not on the list. Essentially you can 
create an addendum to the license list locally to the particular SPDX doc and 
in that define other licenses (by including the text) and associated short 
names for use in that SPDX doc.
Phil
L. Philip Odence
Vice President of Corporate and Business Development
Black Duck Software, Inc.
8 New England Executive Park, Suite 211, Burlington MA 01803
Phone: 781.810.1819, Mobile: 781.258.9502
Skype: philip.odence
pode...@blackducksoftware.commailto:pode...@blackducksoftware.com
http://www.blackducksoftware.comhttp://www.blackducksoftware.com/
http://twitter.com/podence
http://www.linkedin.com/in/podence
http://www.networkworld.com/community/odence (my blog)



From: Fendt, Oliver 
oliver.fe...@siemens.commailto:oliver.fe...@siemens.com
Date: Thu, 6 Mar 2014 13:17:33 +
To: Tom Incorvia 
tom.incor...@microfocus.commailto:tom.incor...@microfocus.com, Jilayne 
Lovejoy opensou...@jilayne.commailto:opensou...@jilayne.com
Cc: spdx-legal@lists.spdx.orgmailto:spdx-legal@lists.spdx.org 
spdx-legal@lists.spdx.orgmailto:spdx-legal@lists.spdx.org
Subject: AW: New license request

Hi Jilayne, hi Tom

Thank you for the feedback.
I will try to make it to be in the telco.

This is a very interesting discussion. From a practical point of view  we need 
a standard to provide license and copyright information of 3rd party software. 
Further it would be wonderful if there is one place where one can find a 
complete collection of (OSS) licenses. It would be great if we can use SPDX one 
day in future for the declaration of 3rd party software no matter whether the 
3rd party software is OSS or not. This would really make live a lot easier. Of 
course I understand that this is part of the open compliance program and not 
part of a 3rd party software compliance program. But  I think that the 
standard is powerful enough to serve both OSS (which is a special case of third 
party software) and other 3rd party software .

Thanks
Oliver
Von: Tom Incorvia [mailto:tom.incor...@microfocus.com]
Gesendet: Donnerstag, 6. März 2014 13:39
An: J Lovejoy
Cc: Fendt, Oliver; SPDX-legal
Betreff: RE: New license request

Hi Jilayne,

Thanks for pointing out the possible flexibility in the license list; Oliver, 
thanks again for taking the time to submit this license.  I'll be on the call 
today - great if you could join us in the discussion.

With regards to the contributions need not be in source code form, I was 
referring to section G: Binary Code Files - The software may include certain 
binary code files for which its source code is not included as part of the 
software, or that are packaged without the source code in an installable or 
executable package. As to these binary code files, unless applicable law gives 
you more rights despite this limitation, you must comply with all technical 
limitations in those files that only allow you to use it in certain ways. You 
may not modify, work around any technical limitations in, or reverse engineer, 
decompile or disassemble these binary code files, except and only to the extent 
that applicable law expressly permits, despite this limitation.

Thanks,

Tom

Tom Incorvia; tom.incor...@microfocus.commailto:tom.incor...@microfocus.com; 
O: (512) 340-1336; M: (215) 500 8838; Shoretel (Internal): X27015
From: J Lovejoy [mailto:opensou...@jilayne.com]
Sent: Wednesday, March 05, 2014 8:17 PM
To: Tom Incorvia
Cc: Oliver Fendt; SPDX-legal
Subject: Re: New license request

Hi Oliver, Tom,

Just to clarify on Tom's points - the normal process is to review based on the 
OSD as a starting point, although for a license to be on the SPDX License List, 
it does not need to strictly adhere to the OSD (see more info here, in 
particular, the bit under Candidate License Analysis 
http://spdx.org/spdx-license-list/license-list-overview)

So, thanks to Oliver for his submission and to Tom for beginning the process 
via

New license request

[Fendt, Oliver]

Hi all,

We have found a license which is currently not available in the SPDX license 
list and I did not find it in the list licenses under consideration,  due to 
this I want to request that it will be included in the SPDX license list.
Please find below the required information for inclusion. The information 
provided by me is marked with [Oliver]

Thanks in advance. Please contact me if there are questions.

Provide a proposed Full Name for the license.
[Oliver] Microsoft patterns  practices License

Provide a proposed License Short Identifier.
 [Oliver]  MSPPL

Provide a functioning URL reference to the license text, either from the 
license author or a community recognized source for the license text.
[Oliver] http://msdn.microsoft.com/en-us/library/gg405489(v=pandp.40).aspx

Create and attach a text file with the license text from the URL provided in 
#3. Proofread license text file to ensure that:
[Oliver]

Indicate whether the license is OSI-approved [Yes/No]
[Oliver] No

Provide a short explanation regarding the need for this license to be included 
on the License List, including identifying at least one program that uses this 
license or a prior version of this license.
[Oliver] this license is used quite frequently in the context of the 
programming language C#

Please contact me if you need further information.

Regards

Oliver

Microsoft patterns  practices License


This license governs use of the accompanying software. If you use the software, 
you accept this license. If you do not accept the license, do not use the 
software.

1. Definitions

The terms reproduce, reproduction, derivative works, and distribution 
have the same meaning here as under U.S. copyright law.

A contribution is the original software, or any additions or changes to the 
software.

A contributor is any person that distributes its contribution under this 
license.

Licensed patents are a contributor's patent claims that read directly on its 
contribution.

2. Grant of Rights

(A) Code

* Copyright Grant- Subject to the terms of this license, including the license 
conditions and limitations in section 3, each contributor grants you a 
non-exclusive, worldwide, royalty-free copyright license to reproduce its 
contribution, prepare derivative works of any contribution for which source 
code is provided, and distribute its contribution or any permitted derivative 
works that you create.

* Patent Grant- Subject to the terms of this license, including the license 
conditions and limitations in section 3, each contributor grants you a 
non-exclusive, worldwide, royalty-free license under its licensed patents to 
make, have made, use, sell, offer for sale, import, and/or otherwise dispose of 
its contribution in the software or permitted derivative works of the 
contribution in the software.

(B) Documentation

* Documentation is governed by the Creative Commons Attribution License 3.0, a 
copy of which is attached below, and not by the other terms of this Microsoft 
patterns  practices license.

3. Conditions and Limitations

(A) No Trademark License - This license does not grant you rights to use any 
contributors' name, logo, or trademarks.

(B) If you bring a patent claim against any contributor over patents that you 
claim are infringed by the software, your patent license from such contributor 
to the software ends automatically.

(C) If you distribute any portion of the software, you must retain all 
copyright, patent, trademark, and attribution notices that are present in the 
software.

(D) If you distribute any portion of the software in source code form, you may 
do so only under this license by including a complete copy of this license with 
your distribution. If you distribute any portion of the software in compiled or 
object code form, you may only do so under a license that complies with this 
license.

(E) The software is licensed as-is. You bear the risk of using it. The 
contributors give no express warranties, guarantees or conditions. You may have 
additional consumer rights under your local laws which this license cannot 
change. To the extent permitted under your local laws, the contributors exclude 
the implied warranties of merchantability, fitness for a particular purpose and 
non-infringement.

(F) Platform Limitation - The licenses granted in section 2(A) extend only to 
the software or permitted derivative works that you create that run directly on 
a Microsoft Windows operating system product, Microsoft run-time technology 
(such as the .NET Framework or Silverlight), or Microsoft application platform 
(such as Microsoft Office or Microsoft Dynamics).

(G) Binary Code Files - The software may include certain binary code files for 
which its source code is not included as part of the software, or that are 
packaged without the source code in an installable or executable package. As to 
these binary code files, unless applicable law gives you more rights despite 
this limitation, you must 

AW: SPDX meta-tag for implicit license terms

[Fendt, Oliver]

Hi,

As far as I under stood the standard one would express this kind of association 
(file without license information - is assumed to be licensed under the 
conluded license of the package) with the following elements on file level:
LicenseInfoInFile: NONE
License concluded: SPDX Identifier of the concluded license of the package

Would it be possible to transfer the information from the SDPX file to the 
package. Meaning that those files will receive (or better to say: these files 
will be modified with) the Strings:
LicenseInfoInFile: NONE
License concluded: SPDX Identifier of the concluded license of the package

This is just a suggestion

Best Regards 
Oliver Fendt

Siemens AG
Corporate Technology
Corporate Standards  Guidance
CT CSG SWI OSS
Otto-Hahn-Ring 6
81739 München, Deutschland
Tel: +49 89 636-46033
mailto:oliver.fe...@siemens.com


-Ursprüngliche Nachricht-
Von: spdx-tech-boun...@lists.spdx.org [mailto:spdx-tech-boun...@lists.spdx.org] 
Im Auftrag von Wolfgang Denk
Gesendet: Dienstag, 10. Dezember 2013 11:10
An: spdx-t...@lists.spdx.org; spdx-legal@lists.spdx.org
Betreff: SPDX meta-tag for implicit license terms

Hello,

after converting the U-Boot project to use SPDX meta-tags, we now started 
working on another Open Source project; here we face a somewhat different 
situation:  a large number of the individual source files do not contain any 
per-file license header at all.  Instead, they rerely on the fact that they 
inherit the global, project-wide license as defined in the top level README and 
COPYING files.

My understanding is that this is technically and legally clean as is.

However, I see a handling problem here:  the conversion of the project to use 
SPDX meta-tags will probably be an incremental process, and there will be some 
period of time (eventually even a long one) where still files exist that have 
not been converted yet.

I would like to define a way to mark such files where implicit licensing 
applies, so that we do not have to check these again and again.

Of course we could insert a license tag corresponding to the actual 
project-wide license, but such a modification is considered intrusive by some 
of affected people.

I think it would be better (and easier acceptable by the respective copyright 
holders) to have some neutral SPDX meta-tag that reflects the fact that this 
file inherits the project's global license terms.

Would such a meta-tag be acceptable to the SPDX team?

I'm still looking for a good name for such a tag; suggestions we have so far 
include:

SPDX-License-Identifier: implicit

SPDX-License-Identifier: inherit

SPDX-License-Identifier: none

SPDX-License-Identifier: -

Suggestions and comments welcome...

Best regards,

Wolfgang Denk

-- 
DENX Software Engineering GmbH, MD: Wolfgang Denk  Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: w...@denx.de There 
is a time in the tides of men, Which, taken at its flood, leads
on to success. On the other hand, don't count on it.   - T. K. Lawson
___
Spdx-tech mailing list
spdx-t...@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-tech
___
Spdx-legal mailing list
Spdx-legal@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-legal