Dear all, > Thanks for the quick feedback and I'm glad to see that we basically > all seem to agree that,*yes, the SPDX License List should have enough > coverage of licenses that a free/open operating system (or the kernel > itself) could rely on use of SPDX license identifiers. *Yeah!
In full agreement, Jilayne! :) I feel as if the major software distributions are particularly important to SPDX, as they will be in the best position to produce full SBOMs as part of their release engineering processes. Naturally, we'd need to support that by making sure that the SPDX License List and specification itself facilitates all the edge cases, platform-specific patches and other work that the distributions do in addition to packaging. > If there turns out to be an onslaught of new license submissions due > to such an end-goal, then the SPDX legal team will have to figure out > how to best and most efficiently deal with that. But one real > advantage of that process, which seems to be glossed over, is that by > way of that review multiple lawyers are looking at the text; > determining any non-substantive, replaceable or omitable text for > matching purposes; and adhering to a set of established guidelines. I > don't know of any list "curation" that applies such attention > involving the collaboration of legal experts in this field. :) One of the things that has come up in previous Legal Team meetings is that writing the initial review for new submissions can be quite time consuming. I hope you'll excuse my taking the initiative for this: I've drafted a reply template that formats our License Inclusion Principles in a simple markdown file. Each question can be answered 'yes' or 'no'. It would be great if we could have some time during today's meeting to talk about this :) https://cryptpad.fr/code/#/3/code/edit/bdd135b8edc3e08432c48ce1d32b91ba/ > As a side note that I got thinking about related to all of this: we > have seen massive adoption of SPDX license ids in a variety of ways > over the years. This is great. > ... > The effort that FreeBSD is undertaking started with Warner joining the > SPDX community to reach out for advice and contribute to the very > thing his project is now using. Three cheers for Warner ;) It was awfully nice of him to advertise the SPDX License Identifiers right at the start of the big FreeBSD Core Panel back in June - thank you, Warner, for the extra publicity! Looking forward to the meeting today :) Best wishes, Sebastian -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#2994): https://lists.spdx.org/g/Spdx-legal/message/2994 Mute This Topic: https://lists.spdx.org/mt/84928724/21656 Group Owner: spdx-legal+ow...@lists.spdx.org Unsubscribe: https://lists.spdx.org/g/Spdx-legal/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
