Hello Wolfgang,
>----- Original Message ----- >From: Wolfgang Denk <w...@denx.de> >To: spdx-t...@lists.spdx.org; spdx-legal@lists.spdx.org >Cc: "Meier, Roger" <r.me...@siemens.com> >Sent: Tuesday, December 10, 2013 4:09 AM >Subject: SPDX meta-tag for implicit license terms > >Hello, > >after converting the U-Boot project to use SPDX meta-tags, we now >started working on another Open Source project; here we face a >somewhat different situation: a large number of the individual source >files do not contain any per-file license header at all. Instead, >they rerely on the fact that they inherit the global, project-wide >license as defined in the top level README and COPYING files. > >My understanding is that this is technically and legally clean as is. > >However, I see a handling problem here: the conversion of the project >to use SPDX meta-tags will probably be an incremental process, and >there will be some period of time (eventually even a long one) where >still files exist that have not been converted yet. > >I would like to define a way to mark such files where implicit >licensing applies, so that we do not have to check these again and >again. > >Of course we could insert a license tag corresponding to the actual >project-wide license, but such a modification is considered intrusive >by some of affected people. > >I think it would be better (and easier acceptable by the respective >copyright holders) to have some "neutral" SPDX meta-tag that reflects >the fact that this file inherits the project's global license terms. > >Would such a meta-tag be acceptable to the SPDX team? > >I'm still looking for a good "name" for such a tag; suggestions we >have so far include: > > SPDX-License-Identifier: implicit > > SPDX-License-Identifier: inherit > > SPDX-License-Identifier: none > > SPDX-License-Identifier: - > >Suggestions and comments welcome... I recommend we conform to the existing terms already in the specification to handle this type of ambiguity, in Section 6.5 of version 1.2 which details how the License Information In File is specified. 6.5.1 Purpose: This field contains the license information actually found in the file, if any. Any license information not actually in the file, e.g., “COPYING.txt” file in a top level directory, should not be reflected in this field. This information is most commonly found in the header of the file, although it may be in other areas of the actual file. The options to populate this field are limited to: >(a) the SPDX License List short form identifier, if the license is on the SPDX >License List; >(b) a reference to the license, denoted by LicenseRef-[idString], if the >license is not on the SPDX License List; >(c) NONE, if the actual file contains no license information whatsoever; or >(d) NOASSERTION, if the SPDX file creator has not examined the contents of the >actual file or the SPDX file creator has intentionally provided no information (no meaning should be implied by doing so). >With respect to “a” and “b” above, if license information for more than one >license is contained in the file or if the license information offers the package recipient a choice of licenses, then each of the choices should be listed as a separate entry. Where there is no license present use "NOASSERTION" is probably the best option, when the discussion has not been had with the creator. Using "NONE" when it is known to be a deliberate choice. ie. SPDX-License-Identifier: NOASSERTION or SPDX-License-Identifer: NONE Hope this helps, Kate
_______________________________________________ Spdx-legal mailing list Spdx-legal@lists.spdx.org https://lists.spdx.org/mailman/listinfo/spdx-legal
