Re: Linux kernel enforcement statement discussion
I think this is getting closer to the crux, but I also think some terminology and associations of such is getting in the way: there seems to be focus on whether or not the KES is an “exception” or an “additional permission” to the GPL-2.0-only (that is, the license of the kernel) and then that that determination therefore decides whether it should be on the SPDX License List. That is making a jump - please stop.toggle quoted message Show quoted text
I don’t think there is any doubt the the KES is designed to modify the termination terms of the underlying license of the project for only those copyright holders who sign up to it (i.e., add their name to the list). The last part is the crux issue - because it makes the implementation of the KES different from other “exceptions”.
Given the specifics of how the Linux kernel is governed, it had to be done like this, because to try and apply it for all copyright holders and then be able to add it the additional permission across the board would be effectively like changing the license and require all copyright holders permission.
The way it has been implemented, individual copyright holders can sign up to it, or not as they choose and it is not swept in via the DCO sign-off process.
The KES is also a bit of an odd bird due to it living in a separate file, not in the COPYING file, not in a license header, or the other usual places license info lives.
These are essentially the reasons why it wasn’t added in the first place and nothing seems to have changed since then.
In light of strong opposition, my inclination is to keep the status quo - there is way too much energy and fire around this and if I’ve learned anything over the years of leading this project, it’s that when there is that much energy around an issue - caution for any change is warranted. I’ll also add that keeping the status quo, which means not adding the kernel enforcement statement should not be viewed as a “win” or “loss” for any particular person, group, or organization. Period.
As for the GPL-CC: that started with company-specific commitments, then individual commitments - these have an implementation similarity to the KES in the sense of being applicable to specific copyright holders, not living in the license file or notice, but a separate statement of commitment to this principle of enforcement. This is why I thought having the conversation in tangent was a good idea (I now completely regret that…).
More recently, Red Hat drafted the GPL-CC for projects, which is drafted to apply in the more usual way: as part of the license of the project, to apply across the board, to be added to the license information for the project. It can also be used by ANY project. There is still a potential issue with applying it to old projects where previous contributors don’t contribute after the GPL-CC applications, and as such they would not have agree to the amended termination terms the GPL-CC applies.
My point here being that, while we had discussed trying to be neat and tidy and combine the Company, Individual, and Project variants of the GPL-CC - I’m not sure that’s a good idea now. It might make more sense to focus on the Project variant, as it’s the most usable across the board to begin with and provide a note about the distinction. Just a thought.
In any case, we don’t need to make the decisions on all of the above at the same time, so let me take that expectation off the table, since I sort of pushed that.
Let me re-state then where that leaves us:
- KES is off the table for this release. I highly recommend everyone take a deep breath, step away from your keyboard and go enjoy the holidays. A little space always helps…
- GPL-CC - more discussion needed as per above. Maybe we can resolve in the next week, maybe needs to be pushed to 3.5 - TBD