Hi Warner, McCoy,
You both raise some good points which has made me realized I
should clarify this topic a bit:
First, yes, some "public domain dedications" or things that are
similar-ish are already on the SPDX License List. As more of such
things are found, there is no reason we couldn't simply keep
adding them with their individual SPDX license ids, just like
usual. See Steve's summary, as this would be what he describes in
#4.
The reason I started with "public domain" is due to Fedora's
category short name used in the package spec files for things that
Fedora package maintainers have identified and then labeled as
such. Because this is a sort of umbrella short name, there is no
way to know what the text actually says. Maybe some of these are
actually licenses in the sense that they contain conditions upon
some grant under copyright. The only way to know is to collect
that text.
Yes, SPDX does not make qualitative assessments of licenses or
statements.
The issue/question here is: if there are many, many variations on
the same kind of statement (I suppose it could purport to be
public domain or maybe even something more akin to a permissive
license) - should SPDX deviate from it's one id = one license text
and come up with a way to capture a number of texts that could
"match" and be represented to the same id?
At this point, I don't think we should answer that question, but I
want to capture enough information (data) about the magnitude of
what's out there in order to then discuss this.
Hope that helps,
Jilayne
On 8/16/22 10:25 AM, McCoy Smith wrote:
toggle quoted message
Show quoted text
I’m
not sure SPDX makes qualitative assessments of licenses or
statements (nor should it, since practically every license
does have some degree of ambiguity).
So
a PD dedication that is unquestionably valid in the US but
not in other countries can still get a SPDX tag, I think.
It’s up to the user to determine if that statement is
effective for them.
I
think CC0 is probably the best attempt to come up with a
truly comprehensive PD dedication, but that requires
including a backstop highly permissive license attached.
Whether that (or things like it) ought to be classified as a
‘license’ or a ‘PD dedication’ is moderately interesting
although I tend to think of it as both. But to me, anything
that recites a permission, or which has obligations –
however mild – and doesn’t say “public domain” is a license.
I was using beerware as an example to
ask the question: what separates it from PD,
especially with the public domain dedications that try
to work around EU law in different ways. Is it the grant
of permission to copy? Is it the lack of any other terms
and condition? So the PD except where can't do that
where you can use any OSI license would fall on the
'needs SPDX id' and is outside of the data Jilayne was
asking for, but a 'do whatever you want' would be in
scope?
On Tue, Aug 16, 2022 at 10:01 AM
McCoy Smith <mccoy@...>
wrote:
There
is an obligation in there (“as long as you
retain this notice”) so it really is a license
not a PD dedication (if something is PD, it
comes with no obligations).
Plus,
beerware is already SPDXed as a license: https://spdx.org/licenses/Beerware.html
On
a related question, there's several licenses
that are close to the public domain. Eg:
"THE
BEER-WARE LICENSE" (Revision 42):
<phk@...>
wrote this file. As long as you retain
this notice you can do whatever you want
with this stuff. If we meet some day, and
you think this stuff is worth it, you can
buy me a beer in return Poul-Henning Kamp
which,
apart from the markup issues being tied to
a specific author, is very close to the
public domain.... unless you desire to but
phk a beer, and he wants one when you
offer... but if he'd dedicated it to the
public domain and I wanted to buy him a
beer the end results would be identical.
Likewise if I didn't want to buy him a
beer in both cases. This is a current
license in the SPDX list, however. And I
think that's proper because the additional
term "retain notice" makes it a license to
use with mild conditions, rather than a
repudiation of ownership.
A
number of posters raise the points about
EU law differing enough from US law that
public domain creates difficulties, which
people have worked around with additional
words in different ways.
So,
what separates those workarounds from the
above beer-ware license, apart from the
lack of the phrase 'public domain'? Is
that the defining characteristic? Or is
there some other touchstone to separate
the vague "sure, whatever" from the "I
disclaim ownership" from the "I disclaim
ownership, but if I can't do that and
still own the damn thing, here's the
deal"? We can assume a large disparity in
the care that these dedications are
drafted, and as such we should expect a
continuum of actual grants when all of
them basically wanted people to do
whatever with it.
Hi SPDX-legal,
I have raised this a couple times in
the past few months or so, but now
that it is more of a "ripe" topic, I
wanted to get some input on
preliminary ideas:
Background:
Fedora has now officially adopted the
use of SPDX ids in packages meta data
(specifically, the license field of
the package spec file). Due to Fedora
historically using "category" short
names for groups of similar licenses,
we suspect there may be a number of
additions to the SPDX License List
needed.
Public domain category:
Specifically, Fedora has used "public
domain" for any public domain
dedication, without capturing the
exact text. For Fedora package
maintainers who are keen to update the
license info for their packages, we
have given this interim advice:
https://docs.fedoraproject.org/en-US/legal/license-field/#_public_domain
and
https://docs.fedoraproject.org/en-US/legal/update-existing-packages/#_callaway_short_name_categories
(see section on "public domain")
SPDX approach:
The SPDX License List has always
operated from the principle that an
SPDX license id represents a specific,
identifiable license/set of text. This
is critical as part of our project
goal of being both human and
machine-readable.
However, if it turns out that there
are a large number of slight
variations of text that mean the same
thing (e.g., a simply one line
statement of public domain
dedication), then perhaps SPDX might
consider a slightly different
approach?
But, in order to even consider this,
we'd need data.
Idea for going forward:
As Fedora package maintainers find
these texts that had been marked
generically as "public domain" - what
if we asked them to copy the actual
text of what they found and maybe a
link to where they found it (or some
other such pointer) in a simply
formatted file in the Fedora
license-list-data repo?
See https://gitlab.com/fedora/legal/fedora-license-data/-/merge_requests/54
This would be at least a beginning of
collecting this data that SPDX-legal
could then review in a more bulk
fashion in order to consider the above
potential approach.
If so, what other info besides the
text itself should be collected and
how can it be most easily formatted to
enable easy consumption later?
For example, it could be something
like this:
===
package = Foo
text = This is released into the
public domain.
source = <url to file or other such
pointer>
===
I wouldn't want to be more than a few
pieces of information. There is also
always the ability to search on the
short name "public domain" or the
interiem SPDX id of
"LicenseRef-Fedora-Public-Domain", but
might as well start collecting info if
package maintainers are looking as
well.
Thoughts? (need input ASAP :)
thanks,
Jilayne
|
