We have never agreed to limit our work to any organization's particular definition of "open source". We agreed from the beginning of SPDX that our goal was to facilitate exchange of license information about software packages with a focus on open source, not a limitation to any definition of open source. And we have always used "open source" in the broader context - the reality is that this is now a general term in the industry.
Perhaps a better way to think about the rules for adding to the License List is to state that the license must be "public" in order to include it. We can surely update the License List documentation to explain the purpose and scope a bit better without losing the point that we are currently focused on licenses that are under the "big tent" definition of "open source". It may make sense to track some specific definitions like "OSI-approved", but we cannot limit the List to rules from any particular org and keep the overall value of SPDX moving forward. Regards, Michael Michael J Herzog Mobile +1 650 380 0680 DejaCode Enterprise at http://www.dejacode.com nexB Inc. at http://www.nexb.com CONFIDENTIALITY NOTICE: This e-mail (including attachments) may contain information that is proprietary or confidential. If you are not the intended recipient or a person responsible for its delivery to the intended recipient, do not copy or distribute it. Please permanently delete the e-mail and any attachments, and notify us immediately at (650) 380-0680. On Thu, Mar 31, 2016 at 8:50 AM, <spdx-legal-requ...@lists.spdx.org> wrote: > Send Spdx-legal mailing list submissions to > spdx-legal@lists.spdx.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.spdx.org/mailman/listinfo/spdx-legal > or, via email, send a message with subject or body 'help' to > spdx-legal-requ...@lists.spdx.org > > You can reach the person managing the list at > spdx-legal-ow...@lists.spdx.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Spdx-legal digest..." > > > Today's Topics: > > 1. RE: New License/Exception Request: BSD-3-Clause-NoNuclear > (Eric Weddington) > 2. Re: New License/Exception Request: BSD-3-Clause-NoNuclear > (Brad Edmondson) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 31 Mar 2016 15:31:59 +0000 > From: Eric Weddington <eric_wedding...@trimble.com> > To: Tom Vidal <tvi...@agmblaw.com>, "Wheeler, David A" > <dwhee...@ida.org> > Cc: "spdx-legal@lists.spdx.org" <spdx-legal@lists.spdx.org> > Subject: RE: New License/Exception Request: BSD-3-Clause-NoNuclear > Message-ID: > < > 76afcbb19e3e64478543c5586adebf2e1cc06...@usd-mbx-02.trimblecorp.net> > Content-Type: text/plain; charset="us-ascii" > > Where SPDX is at now, is that it says one thing, but does another. > > Yes, the website says that the SPDX License List is a list of "commonly > found open source licenses". But if we're going to talk about restriction > use then it's too late. The list already has these: > > CC-BY-NC-1.0 > CC-BY-NC-2.0 > CC-BY-NC-2.5 > CC-BY-NC-3.0 > CC-BY-NC-4.0 > CC-BY-NC-ND-1.0 > CC-BY-NC-ND-2.0 > CC-BY-NC-ND-2.5 > CC-BY-NC-ND-3.0 > CC-BY-NC-ND-4.0 > CC-BY-NC-SA-1.0 > CC-BY-NC-SA-2.0 > CC-BY-NC-SA-2.5 > CC-BY-NC-SA-3.0 > CC-BY-NC-SA-4.0 > > The Non Commercial clause of the Creative Commons is a clear restriction > of use. > > If SPDX wants to be pedantic about only having open source licenses, then > there is no reason for them to exist. I can just go get the list from OSI, > or whatever the FSF has. > > The value, to me, that SPDX has is that it lists common licenses, that > also happen to include all the Open Source licenses too. They list a > superset. > > The SPDX is not the OSI, or the FSF, and should never aim to be. Change > the website language to read "commonly found licenses, including open > source". > > I very much appreciate the "wider tent" that SPDX is aiming for. > > Eric Weddington > > From: spdx-legal-boun...@lists.spdx.org [mailto: > spdx-legal-boun...@lists.spdx.org] On Behalf Of Tom Vidal > Sent: Thursday, March 31, 2016 8:02 AM > To: Wheeler, David A > Cc: spdx-legal@lists.spdx.org > Subject: Re: New License/Exception Request: BSD-3-Clause-NoNuclear > > <trimmed> > > So, should we add it or not? I can appreciate the arguments on either > side of the question. Both sides make quality points. Because this is so > plainly non-open, I lean on not including it. I acknowledge Tom's point > that our inclusion guidelines do not require strict compliance. But use > restrictions are pretty black and white in my mind. As Daniel pointed out > (point 3 from his earlier email), SPDX has a mechanism to allow anybody to > maintain SDPX info of non-FOSS licenses. > > > At some point in time, maybe SPDX's mission will expand to be able to > enable maintenance of all licenses such that it can be used to create a > comprehensive bill of materials for all licenses in a package--open, > proprietary, and whatever lies in between. But that is not where we are > now. > > > * * * * * * * * * * * * > THV > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://lists.spdx.org/pipermail/spdx-legal/attachments/20160331/5d0a6280/attachment-0001.html > > > > ------------------------------ > > Message: 2 > Date: Thu, 31 Mar 2016 11:50:06 -0400 > From: Brad Edmondson <brad.edmond...@gmail.com> > To: "spdx-legal@lists.spdx.org" <spdx-legal@lists.spdx.org> > Subject: Re: New License/Exception Request: BSD-3-Clause-NoNuclear > Message-ID: > <CABeA0Yi9= > 78womvakkrs+nkrio5l+pqjpo96boydkfqehrj...@mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Hi all, > > Interesting discussion. I agree with Tom Vidal's interpretation of the > sentence as completely precluding licensing in the case of use in nuclear > facilities, over and above disclaiming suitability for use in such > facilities. I also agree that this is a straightforward application of > contract construction and is the same conclusion that virtually all courts > would reach given this sentence. > > Further, it's worth noting that the SPDX license list includes other > licenses that mention "nuclear," but all of them go further than > disclaiming warranty/suitability for use in nuclear facilities: > https://www.google.com/search?q=site:spdx.org%2Flicenses+%22nuclear%22 > > > However, it does appear to be so common on github and in the broader FOSS > community that I think it should still be added to the list. Many in the > FOSS community may have missed that this license, though common, is > technically not compliant with the free software definition or the > open-source software definition, and part of the value of SPDX is that we > can help repository owners surface that fact. I think we can and should > help people match against this license text so that they can clean up their > code to more strictly conform to the FSF or OSI definitions if they wish. > > > To Eric's point, it also seems clear that the description of the aim of the > SPDX list should be updated to explicitly note that it includes non-FOSS > licenses. This seems like a relatively quick change. Could we approve over > email so that a more accurate description is ready for the next release? > > Best, > Brad > > -- > Brad Edmondson, *Esq.* > 512-673-8782 | brad.edmond...@gmail.com > > On Thu, Mar 31, 2016 at 11:31 AM, Eric Weddington < > eric_wedding...@trimble.com> wrote: > > > Where SPDX is at now, is that it says one thing, but does another. > > > > > > > > Yes, the website says that the SPDX License List is a list of ?commonly > > found open source licenses?. But if we?re going to talk about > restriction > > use then it?s too late. The list already has these: > > > > > > > > CC-BY-NC-1.0 > > > > CC-BY-NC-2.0 > > > > CC-BY-NC-2.5 > > > > CC-BY-NC-3.0 > > > > CC-BY-NC-4.0 > > > > CC-BY-NC-ND-1.0 > > > > CC-BY-NC-ND-2.0 > > > > CC-BY-NC-ND-2.5 > > > > CC-BY-NC-ND-3.0 > > > > CC-BY-NC-ND-4.0 > > > > CC-BY-NC-SA-1.0 > > > > CC-BY-NC-SA-2.0 > > > > CC-BY-NC-SA-2.5 > > > > CC-BY-NC-SA-3.0 > > > > CC-BY-NC-SA-4.0 > > > > > > > > The Non Commercial clause of the Creative Commons is a clear restriction > > of use. > > > > > > > > If SPDX wants to be pedantic about only having open source licenses, then > > there is no reason for them to exist. I can just go get the list from > OSI, > > or whatever the FSF has. > > > > > > > > The value, to me, that SPDX has is that it lists common licenses, that > > also happen to include all the Open Source licenses too. They list a > > superset. > > > > > > > > The SPDX is not the OSI, or the FSF, and should never aim to be. Change > > the website language to read ?commonly found licenses, including open > > source?. > > > > > > > > I very much appreciate the ?wider tent? that SPDX is aiming for. > > > > > > > > Eric Weddington > > > > > > > > *From:* spdx-legal-boun...@lists.spdx.org [mailto: > > spdx-legal-boun...@lists.spdx.org] *On Behalf Of *Tom Vidal > > *Sent:* Thursday, March 31, 2016 8:02 AM > > *To:* Wheeler, David A > > *Cc:* spdx-legal@lists.spdx.org > > *Subject:* Re: New License/Exception Request: BSD-3-Clause-NoNuclear > > > > > > > > <trimmed> > > > > So, should we add it or not? I can appreciate the arguments on either > > side of the question. Both sides make quality points. Because this is so > > plainly non-open, I lean on not including it. I acknowledge Tom's point > > that our inclusion guidelines do not require strict compliance. But use > > restrictions are pretty black and white in my mind. As Daniel pointed > out > > (point 3 from his earlier email), SPDX has a mechanism to allow anybody > to > > maintain SDPX info of non-FOSS licenses. > > > > > > > > At some point in time, maybe SPDX's mission will expand to be able to > > enable maintenance of all licenses such that it can be used to create a > > comprehensive bill of materials for all licenses in a package--open, > > proprietary, and whatever lies in between. But that is not where we are > > now. > > > > > > > > * * * * * * * * * * * * > > > > THV > > > > _______________________________________________ > > Spdx-legal mailing list > > Spdx-legal@lists.spdx.org > > https://lists.spdx.org/mailman/listinfo/spdx-legal > > > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://lists.spdx.org/pipermail/spdx-legal/attachments/20160331/e78f3528/attachment.html > > > > ------------------------------ > > _______________________________________________ > Spdx-legal mailing list > Spdx-legal@lists.spdx.org > https://lists.spdx.org/mailman/listinfo/spdx-legal > > > End of Spdx-legal Digest, Vol 63, Issue 23 > ****************************************** >
_______________________________________________ Spdx-legal mailing list Spdx-legal@lists.spdx.org https://lists.spdx.org/mailman/listinfo/spdx-legal
