Re: call tomorrow, agenda

Home Messages Hashtags Subgroups

#1127

Re: call tomorrow, agenda

Dennis Clark #1127 Hi Legal Team, The topic that Mark Gisi brought up in the extra time we had in our meeting this morning, the use of "AND" in a license expression, made we wish we had more time to pursue it, and I hope that we make it a priority topic for our next legal group meeting. Although my initial reaction to the issue was that we already cover it quite well, the subsequent discussion made it very clear that we have a problem. "AND" should have a reasonably precise definition: 1. AND means that two or more licenses apply to a software object. A typical case is a file with various bits of code from multiple open source origins, where all of them still apply. Another one is an executable that links together code under different licenses. An implication, although not guaranteed, of the use of AND is that the licenses are compatible. 2. AND is sometimes, arguably incorrectly, used to identify an assortment of licenses that can be found in various subcomponents of a package, often referring to software objects that are deployed independently in actual practice. Using AND in this case is misleading, as Mark pointed out, since a package can contain components under different licenses that are actually not compatible, although not really a problem depending on how they are ultimately deployed. We need to upgrade our license expression syntax to address this, and should do it soon, because the current version does not encourage accuracy, and there could be upgrade issues in the future if we decide to correct the situation. Mark mentioned the possibility of using a comma (as currently done by Debian and others) or a semicolon. I'm fine with using a comma, although I am inclined to think that something more explanatory would be better: how about a "CONTAINS" license expression keyword? Example: CONTAINS (GPL-2.0, LGPL-2.1, GFDL-1.2). Whatever the solution, we really need to define a way to express the second case described above. Thanks to everyone for an interesting meeting! Dennis Clark nexB Inc. toggle quoted message Show quoted text On Wed, May 13, 2015 at 7:38 AM, <opensource@...> wrote: Hi all, Just a reminder that we have our bi-weekly SPDX Legal Team call tomorrow, Thursday, 13 May at 18:00 GMT (10:00AM PT, 11:00 MT, 12:00 CT, 1:00PM ET) Call this number: (United States): +1-857-216-2871 User PIN: 38633 International: visit the URL at http://uberconference.com/SPDXTeam We will be discussing the Standard Header field. Please review the following info ahead of the call: - http://wiki.spdx.org/view/Legal_Team/Current_Projects_and_Issues#Standard_Headers - for a description of the issue - http://spdx.org/spdx-license-list/license-list-overview - see F at bottom of page for the description of the Standard Header field - you might also want to download the SPDX License List spreadsheet from Git (http://git.spdx.org/?p=license-list.git;a=tree;hb=64ec66a5460b9da2a836b2c28cac5e31535eedf9 ) as then you can easily see all the licenses that have a Standard Header at one time. There are 54 licenses on the SPDX License List with a Standard Header. There seems to be 3 categories of issues: 1) multiple or variable options (e.g., Apache-2.0 and APL-1.0. GFDL-) 2) variable text w/in header (that is not copyright notice)- do we need to created a template with markup? (see, e.g., CPAL-1.0, OCLC-2.0, RPSL-1.0, MPL-, etc. 3) presence or absence of "or later" in Standard Header making a difference as to license identification (e.g., L/GPL) Thanks, Jilayne & Paul SPDX Legal co-leads _______________________________________________ Spdx-legal mailing list Spdx-legal@... https://lists.spdx.org/mailman/listinfo/spdx-legal
More All Messages By This Member

View All 7 Messages In Topic

#1127

Join {Spdx-legal@lists.spdx.org to automatically receive all group messages.

Home Hashtags Subgroups Terms