Having more of a think on this - It may be more appropriate for Rob to talk to the “Free Public License” folks. Rob - your thoughts?
Cheers, Jilayne > > On Tue, Dec 08, 2015 at 06:56:09AM -0500, Richard Fontana wrote: >> Hi Jilayne, >> >> No but that was my thought as well after reading Rob's response. I >> will check. >> >> Thanks, >> Richard >> >> >> On Tue, Dec 08, 2015 at 08:16:15AM +0000, J Lovejoy wrote: >>> Richard, >>> >>> Has anyone from OSI gone back to the folks who submitted the “Free Public >>> License” and ask if they mind or care if the name that Rob prefers is used >>> instead of the one they suggested? Seems like that could potentially be an >>> easy solution. >>> >>> Jilayne >>> >>> SPDX Legal Team co-lead >>> opensou...@jilayne.com >>> >>> >>>> On Dec 8, 2015, at 6:17 AM, Rob Landley <r...@landley.net> wrote: >>>> >>>> The tl;dr of this whole email is "I humbly ask SPDX to retain both its >>>> original long and short names for zero clause BSD as the only SDPX >>>> approved name for this license". >>>> >>>> On 12/07/2015 01:56 PM, Richard Fontana wrote: >>>>> On Mon, Dec 07, 2015 at 07:30:18PM +0000, J Lovejoy wrote: >>>>> 3) While I have no inherent problem with the name 'Zero Clause BSD >>>>> License', it does bother me that the name has 'BSD' in it but the >>>>> license text is not clearly descended from the BSD license family. >>>> >>>> "I have no problem, and here it is..." >>>> >>>>> In this sense both the name and the identifier are flawed. There is no >>>>> parallelism between the Zero Clause BSD License and the well-known >>>>> 3-clause and 2-clause BSD licenses. I would probably not be objecting >>>>> to the identifier if it were '0ISC' rather than '0BSD' because the >>>>> Zero Clause BSD License is a stripped-down ISC license, not a >>>>> stripped-down BSD license. >>>> >>>> So you still haven't looked back at the SPDX approval process for zero >>>> clause BSD and noticed they raised that objection then, and got an answer? >>>> >>>> http://lists.spdx.org/pipermail/spdx-legal/2015-June/001457.html >>>> >>>> If the association between this license and ISC was important, why >>>> didn't OSI's name for it mention ISC instead of making up a new name? >>>> >>>> This is not the only public domain license derived from BSD licenses in >>>> the wild. Here's one that did it by cutting down (I think, they don't >>>> bother to specify) FreeBSD's license: >>>> >>>> http://openwall.info/wiki/john/licensing >>>> >>>> And that page links to another project using a variant that cut it down >>>> a different way (also removing the virality but keeping the disclaimer). >>>> Lots of people have done this lots of ways over the years. >>>> >>>> And yet despite the many possible starting and ending points to strip >>>> licenses down to public domain variants, OSI approved _exactly_ the same >>>> text I chose. Which wasn't even submitted to OSI until a month after >>>> SPDX published their decision to approve it, a year after Android merged >>>> it, and two and a half years after I'd publicly started using it on a >>>> project that Linux Weekly News has covered multiple times. >>>> >>>> Not noticing _me_ is understandable, although it's not like I was being >>>> quiet about it (unless you consider giving licensing talks ala >>>> https://archive.org/download/OhioLinuxfest2013/24-Rob_Landley-The_Rise_and_Fall_of_Copyleft.mp3 >>>> and http://2014.texaslinuxfest.org/content/rise-and-fall-copyleft.html >>>> and such to be "quiet"). >>>> >>>> I could even understand not noticing what Android was doing, although >>>> the rest of the industry seems to be paying attention. (The android >>>> command line is not a peripheral part of android, I got invited to Linux >>>> Plumber's to talk about this a couple months back, >>>> https://linuxplumbersconf.org/2015/ocw/proposals/2871 and yes I went >>>> over the licensing aspect at length in that talk and oh look, >>>> https://lwn.net/Articles/657139/ not only covers my talk by they linked >>>> to my license page, using my license's name as the link text. September >>>> 14 is 2 weeks after the submission OSI acted upon, so presumably right >>>> during OSI's analysis period?) >>>> >>>> OSI failing to notice any of that doesn't surprise me. But OSI didn't >>>> notice what _SPDX_ was doing, despite claiming to want to use SPDX >>>> identifiers and thus having pretty much a DUTY to keep up there, and is >>>> now asking SPDX to change to accommodate the results. >>>> >>>> That's the part I don't get. >>>> >>>> P.S. The JTR "BSD-like" license above recently came back to my attention >>>> because although it was initially introduced just for new code (in an >>>> otherwise GPLv2 project), a few days ago they started a concerted effort >>>> to clean out their existing codebase so it can all go under this public >>>> domain "BSD" license: >>>> >>>> http://www.openwall.com/lists/john-users/2015/12/04/2 >>>> >>>> I.E. This GPL->PD trend is ongoing, and likely to continue for the >>>> foreseeable future. That's why it's been a big enough issue for me to >>>> keep talking about it at conferences for almost three years now. >>>> >>>> I seem to be unusually careful in how I handle licensing for an open >>>> source developer, but people who _haven't_ been a plaintiff in multiple >>>> GPL enforcement suits and who weren't hired as a consultant by IBM's >>>> lawyers to help defend against the SCO lawsuit and _don't_ respond to >>>> people like Bruce Perens with https://busybox.net/~landley/forensics.txt >>>> are generally doing this stuff in a much more ad-hoc way that >>>> intentionally keeps lawyers as far away as possible. So legal groups may >>>> not be promptly hearing directly about it from them, but the return to >>>> public domain licensing isn't exactly a new issue out in the community. >>>> >>>>> 4) Since I am coming at this from a viewpoint that is biased in favor >>>>> of the name of the license as submitted to the OSI, I can only object >>>>> to the idea that OSI should be expected to apply the identifier '0BSD' >>>>> to a license called the Free Public License 1.0.0. >>>> >>>> By the time this license was submitted to OSI, SPDX had already >>>> published its decision to approve it under the original BSD Zero Clause >>>> name a month and change earlier, Android had merged it the previous >>>> year, and I'd been publicly using it for 2 and 1/2 years in a project >>>> covered on multiple occasions by Linux Weekly news. >>>> >>>> Suggesting that SPDX amend an established decision predating the >>>> _submission_ OSI acted upon (let alone OSI's approval process), entirely >>>> because OSI did not do its homework, is not a comforting precedent. >>>> >>>> Until this all instances of this particular license being cut down in >>>> this particular way that I was aware of traced back to my doing so. >>>> Other people have cut down plenty of other licenses in other ways for >>>> this purpose, there are lots of starting and stopping points for a >>>> "public domain license". I was trying to come up with one that corporate >>>> legal departments could standardize on and that github could offer in >>>> its dropdown, and felt the OpenBSD license text best served my purpose >>>> there. I also emphasized that it was an existing license with half a >>>> sentence removed as part of this sales pitch. >>>> >>>> Perhaps the wording and the timing of OSI's submission, with >>>> approximately the same sales pitch as I gave in my talks and wrote up on >>>> my website, are just coincidences. I don't care about plagiarism or >>>> attribution here. What I am annoyed by is that SPDX's approval of the >>>> license I've been using for years under the name I've been using for >>>> years is now _retroactively_ threatened by OSI's actions. SPDX refusing >>>> to approve it would have been their right. (And given they already have >>>> https://spdx.org/licenses/Unlicense.html and >>>> https://spdx.org/licenses/CC0-1.0.html would even have been >>>> understandable.) >>>> >>>> OSI coming along after the fact and going "oh, we renamed a license that >>>> already exists, didn't even start the process until well after your >>>> decision was published, so clearly YOU should change" is just disturbing. >>>> >>>>> 5) For some time there's been some desire on the part of the OSI to >>>>> make use of the SPDX identifiers, and you can see evidence of this on >>>>> the OSI website. But I think with the Free Public License 1.0.0 and >>>>> also the recently-approved eCos License version 2.0 this policy has >>>>> reached a breaking point. In the case of eCos we can't seriously be >>>>> expected to entertain use of a short identifier that is longer than >>>>> the name of the license. >>>> >>>> Great, eCos already broke your policy, moot point then. You can stop >>>> expecting 100% correspondence on every license now and just use the ones >>>> you find convenient. Glad we could resolve this. >>>> >>>> (You're the one who brought it up...?) >>>> >>>>>> We endeavor not to change the short identifiers unless there is an >>>>>> extremely compelling reason and users of the SPDX License List (of >>>>>> which there are many) rely on us to not make such changes unnecessarily. >>>>>> I’m not sure I see the compelling reason here, especially when, as >>>>>> Rob has now told us, part of the reason he submitted the license >>>>>> to be on the SPDX License List was as per the request of a large >>>> company using the SPDX short identifiers. >>>>> >>>>> I'm not suggesting that the identifier be changed, >>>> >>>> I also would like to avoid the SPDX identifier(s) changing. >>>> >>>>> but rather that two identifiers be adopted, each being considered >>>>> equally official in an SPDX sense. >>>> >>>> Oh please no. >>>> >>>> First, two names for the same thing blunts the marketing pitch. Second, >>>> the venn diagram of "programmers who want something with Free in the >>>> name" and "programmers who want to get as far away from copyleft as >>>> possible" is basically two discrete circles. Attaching part of the Free >>>> Software Foundation's name on this license would be detrimental to what >>>> I'm trying to accomplish (increasing acceptance of public domain >>>> licensing and migrating github users off of "no license specified"). >>>> >>>>> Ultimately, the issue isn't too important, >>>> >>>> If it doesn't affect what SPDX does, I agree. >>>> >>>>> but I simply can't bring >>>>> myself to use "0BSD" on the OSI website in the manner in which other >>>>> SPDX short identifiers have now been used. >>>> >>>> Then... don't use it? >>>> >>>> OSI failed to notice that SPDX had already approved a nearly identical >>>> license a month and change before OSI even received its submission. I >>>> noticed the approval over a month before your license's submission date >>>> by checking SPDX's public spreadsheet of upcoming license approvals. >>>> >>>> That OSI did _not_ do this, despite OSI's desire to use SPDX >>>> identifiers, was a failure on OSI's part. You've brought up eCos to >>>> indicate that this is not a unique failure. >>>> >>>> I don't see how resolving the resulting conflict is SPDX's problem? >>>> >>>>>> We do have some flexibility with the full name, which would be reasonably >>>>>> to change to something like, "BSD Zero Clause / Free Public License >>>> 1.0.0” >>>>>> (clunky, perhaps) and then also add a note as Richard did explaining the >>>>>> similarity-yet-name-variation-possibility. >>>> >>>> Richard Stallman has spent well over a decade attempting to associate >>>> "free software" with copyleft. If you google for "free public software" >>>> the first hit is http://www.gnu.org/philosophy/categories.en.html (and >>>> if you add "license" the first hit is the FSF's GPLv3 page). This is not >>>> a neutral term when discussing licenses. >>>> >>>> I'd really rather ignore OSI entirely than explain that after zero >>>> clause bsd had been in use for years, after it had been merged into >>>> android and tizen, and after SPDX had published a decision to approve >>>> it, OSI randomly accepted the same license under a different and >>>> misleading name because this guy https://github.com/christianbundy said >>>> so and OSI didn't do its homework. (Ok, that photo with the caption >>>> "this guy" would make an entertaining slide, but entertaining damage >>>> control is still damage control.) >>>> >>>> But I doubt it will come up if SPDX leaves the existing names in place. >>>> I was asked to submit this license to SPDX because people care about >>>> that. Nobody ever asked me to submit it to OSI. >>>> >>>> Rob >>> > _______________________________________________ > Spdx-legal mailing list > Spdx-legal@lists.spdx.org > https://lists.spdx.org/mailman/listinfo/spdx-legal SPDX Legal Team co-lead opensou...@jilayne.com _______________________________________________ Spdx-legal mailing list Spdx-legal@lists.spdx.org https://lists.spdx.org/mailman/listinfo/spdx-legal
