Date   

Re: Chime instead of Zoom, a modest proposal

James Bottomley
 

On Mon, 2020-04-13 at 20:31 +0000, Mark Atwood via lists.spdx.org
wrote:
Chime has clients for Win, and for Mac, it runs in Browser on Firefox
and on Chrome on all OSes, it has clients for mobile OSes, and also
has local and tollfree telephone dialin in most countries.
So no app for Linux then? As you can appreciate, a lot of us have now
been evaluating a whole range of video conference technologies and one
of the empirical rules I've been seeing is that solutions that don't
provide a Linux client usually can't provide app equivalent
functionality on the web either ... and actually there are several
solutions (cough, bluejeans, cough) that allegedly provide a linux app
but not with the full range of capability and have similar problems on
the web.

One of the things I will give zoom in the pantheon of proprietary crap
for meetings is that they have a full range of supported linux clients,
for almost every distribution you can think of, with functionality
equivalent to windows and mac.

James


Re: Chime instead of Zoom, a modest proposal

Kate Stewart
 

Hi Mark,
     Thanks for the generous offer.  :-)  We're not paying for zoom, however I'm definitely up for doing an experiment during our spdx-tech meeting tomorrow, and if it works for the regular attendees, changing to a system with better security.

Can you send  me the details for the account to use,  and we'll do an experiment during the tech call,  and feedback to the wider group.

Thanks again!
Kate

On Mon, Apr 13, 2020 at 3:31 PM Atwood, Mark <atwoodm@...> wrote:

Hi Kate and other SPDX folk,


We have been using Zoom to provide teleconference for SPDX meetings.  In light of recent events, Zoom has  gotten very popular, and also been failing many security audits, and so many companies and governments have started banning its use.


Amazon has a service very similar to Zoom, called Amazon Chime.  Amazon Chime has 1) it's got much better security, 2) it doesn't give your personal, login, and meeting info to the adtech tracking industry, 3) it is gratis with all professional features to the end of June, and 4) as an Amazonian and this being part of my work, I can provide gratis usage to the SPDX group even after the end of June.


Chime has clients for Win, and for Mac, it runs in Browser on Firefox and on Chrome on all OSes, it has clients for mobile OSes, and also has local and tollfree telephone dialin in most countries.


So, what do you think?  Switch to Chime?  It's especially a win if we are paying for Zoom.


..m


-- 

Mark Atwood <atwoodm@...>

Principal, Open Source, Amazon


Chime instead of Zoom, a modest proposal

Mark Atwood (Amazon.com)
 

Hi Kate and other SPDX folk,


We have been using Zoom to provide teleconference for SPDX meetings.  In light of recent events, Zoom has  gotten very popular, and also been failing many security audits, and so many companies and governments have started banning its use.


Amazon has a service very similar to Zoom, called Amazon Chime.  Amazon Chime has 1) it's got much better security, 2) it doesn't give your personal, login, and meeting info to the adtech tracking industry, 3) it is gratis with all professional features to the end of June, and 4) as an Amazonian and this being part of my work, I can provide gratis usage to the SPDX group even after the end of June.


Chime has clients for Win, and for Mac, it runs in Browser on Firefox and on Chrome on all OSes, it has clients for mobile OSes, and also has local and tollfree telephone dialin in most countries.


So, what do you think?  Switch to Chime?  It's especially a win if we are paying for Zoom.


..m


-- 

Mark Atwood <atwoodm@...>

Principal, Open Source, Amazon


milestones for SPDX License List

J Lovejoy
 

Hi all,

We’ve been doing quarterly releases for new SPDX License List versions on a calendar quarterly basis. We adopted this some time ago (before using Github) to provide some expectation and reliability for when people could see the new version. (Now, due to using Github, anyone can see the latest and greatest by pulling from the master repo).

We proposed on the call today to still do a quarterly official release, but shift by a month to: end of Jan, April, July, and October - to avoid alignment with other end-of-quarter rush and end-of-year holiday time.

Does anyone have any objections to adopting this schedule?

Thanks,
Jilayne
SPDX legal team co-lead


Meeting today, Apr. 9

Steve Winslow
 

Hello all, the next regularly-scheduled SPDX legal team meeting will be today, Thursday, Apr. 9 at 9AM PDT / noon EDT.

The primary agenda item will be to discuss license requests currently tagged for the 3.9 release, viewable at: https://github.com/spdx/license-list-XML/issues?q=is%3Aopen+is%3Aissue+milestone%3A%223.9+release%22

Best,
Steve

= = = = =

Join Zoom Meeting
https://zoom.us/j/611416785

Meeting ID: 611 416 785

One tap mobile
+16465588656,,611416785# US (New York)
+16699006833,,611416785# US (San Jose)

Dial by your location
        +1 646 558 8656 US (New York)
        +1 669 900 6833 US (San Jose)
        877 369 0926 US Toll-free
        855 880 1246 US Toll-free
        +1 647 558 0588 Canada
        855 703 8985 Canada Toll-free
Meeting ID: 611 416 785
Find your local number: https://zoom.us/u/aceZFvRyln


--
Steve Winslow
Director of Strategic Programs
The Linux Foundation


Re: New License/Exception Request: The 0810 Software simple and permissive open source license (rev. 1.0)

Steve Winslow
 

Hello Marnix, thank you for your email. You can submit this as a license for consideration in the SPDX license list repo, at https://github.com/spdx/license-list-XML/issues, for the community to review and evaluate.

However, I'd encourage you to take a close look first at the license inclusion guidelines, at https://github.com/spdx/license-list-XML/blob/master/DOCS/license-inclusion-principles.md. In particular, if this is a brand new license that does not have actual, substantial use in the wild, I expect it is unlikely to be added to the list at this time.

Best regards,
Steve
 

On Thu, Apr 9, 2020 at 5:14 AM Marnix B <programmer.marxin0810@...> wrote:

Hello dear SPDX moderators,

 

I have created an open-source license that I published through my organisation (0810 Software) and I would like it to get indexed on your list.

 

The license is available at our website: https://software0810.wordpress.com/2020/03/27/the-0810-software-simple-and-permissive-open-source-license/

And in attachements in both PDF and Markdown form.

 

I hope I have given enough information and I am sorry if there is any incorrect English, it is not my first language, if you need any more information feel free to mail me.

 

 

Yours Faithfully,

 

Marnix B

 

https://software0810.wordpress.com

 

https://stories0810.wordpress.com

 



--
Steve Winslow
Director of Strategic Programs
The Linux Foundation


New License/Exception Request: The 0810 Software simple and permissive open source license (rev. 1.0)

Marnix B <programmer.marxin0810@...>
 

Hello dear SPDX moderators,

 

I have created an open-source license that I published through my organisation (0810 Software) and I would like it to get indexed on your list.

 

The license is available at our website: https://software0810.wordpress.com/2020/03/27/the-0810-software-simple-and-permissive-open-source-license/

And in attachements in both PDF and Markdown form.

 

I hope I have given enough information and I am sorry if there is any incorrect English, it is not my first language, if you need any more information feel free to mail me.

 

 

Yours Faithfully,

 

Marnix B

 

https://software0810.wordpress.com

 

https://stories0810.wordpress.com

 


Re: MIT License

Steve Winslow
 

Hello,

The SPDX legal team list is used for the development of the SPDX License List at https://spdx.org/licenses. However, this list is not used for providing legal advice about the interpretation of licenses.

You may want to consult resources such as the OSI's license-discuss list (https://opensource.org/lists) or the FSF's comments on various licenses (https://www.gnu.org/licenses/license-list.en.html).

Best,
Steve


On Tue, Apr 7, 2020 at 12:38 PM <ashkardev@...> wrote:
Hi, 
can anyone explain the MIT License point that says to include the license of used code, but can it be included inside the file but not directly with copied code?
 
 
 



--
Steve Winslow
Director of Strategic Programs
The Linux Foundation


MIT License

ashkardev@...
 

Hi, 
can anyone explain the MIT License point that says to include the license of used code, but can it be included inside the file but not directly with copied code?
 
 
 


License list - 3.9 issues

Steve Winslow
 

Hello spdx-legal list,

This is a friendly reminder that the next release of the License List (version 3.9) is targeted for the end of April.

I'd encourage folks to review the list of open issues, available at:

Comments are welcome, or even simple "+1" notes if you are in favor of adding a proposed license under the updated license inclusion guidelines [1]. Community involvement is very welcome even if you don't have time to write up a lengthy thought process  :)

Best,
Steve


--
Steve Winslow
Director of Strategic Programs
The Linux Foundation


Re: CERN-OHL version 2

J Lovejoy
 

Hi Andrew, 

Great!  FYI - this email got moderated because you are not on the mailing list with this address. I have unmoderated you, but would be best if you could join the mailing list or use the email if you are already otherwise on it.

Would you mind submitting each of the 3 variants via the online submission tool? http://13.57.134.254/app/submit_new_license/  - that will create an issue for each one, which is part of our current workflow for tracking.  Also see: https://github.com/spdx/license-list-XML/blob/master/CONTRIBUTING.md

While we are on the subject of open hardware licenses, I believe we still don’t have Solderpad 2.0 on it, as we may have needed some feedback from you - https://github.com/spdx/license-list-XML/issues/945 - I will try to find the thread we had going on that.

We will be doing a release at the end of April - would be great to get all of these on the list for that. Just need a bit of help and it’s do-able!

Thanks,
Jilayne

On Mar 31, 2020, at 4:47 AM, Andrew <andrewjskatz@...> wrote:

Hi All

Now that version 2 of CERN-OHL has been released, we are keen to see the 3 variants allocated an appropriate SPDX licence identifier.

You can find the licences here: 


We propose the following SPDX identifiers for each of the 3 variants:

CERN-OHL-2.0-P
CERN-OHL-2.0-W
CERN-OHL-2.0-S

These seemed to us to most closely match the existing SPDX licence criteria, but we are happy to discuss any other suggestions (or indeed answer any other questions).

All the best



Andrew






CERN-OHL version 2

Andrew <andrewjskatz@...>
 

Hi All

Now that version 2 of CERN-OHL has been released, we are keen to see the 3 variants allocated an appropriate SPDX licence identifier.

You can find the licences here: 


We propose the following SPDX identifiers for each of the 3 variants:

CERN-OHL-2.0-P
CERN-OHL-2.0-W
CERN-OHL-2.0-S

These seemed to us to most closely match the existing SPDX licence criteria, but we are happy to discuss any other suggestions (or indeed answer any other questions).

All the best



Andrew





SPDX License List inclusion principles and 3.9 release

Steve Winslow
 

Hello all,

Following from Jilayne's email earlier this month, the legal team has now finalized and posted the update to the license inclusion principles for the SPDX License List. The updated principles can be found at:


As a result of the update, we will be shifting the date for the next release of the License List (version 3.9) from the end of March to the end of April. This will provide a window for recent submissions -- as well as the backlog of older submissions that relate to this update -- to be considered for inclusion under the new guidelines for the next release.

I would encourage folks to review the open issues that are listed for consideration in 3.9, and to weigh in with comments on whether they should be added under the updated guidelines. You can see the issues tagged for 3.9 at:


Even if you aren't familiar enough with the License List's XML format to create XML files for actually adding licenses, input is welcome on the baseline question of whether or not the submitted licenses are appropriate to add to the list.

Hope everyone is staying safe and healthy. Best,
Steve

--
Steve Winslow
Director of Strategic Programs
The Linux Foundation


SPDX legal team call tomorrow

J Lovejoy
 

Hi all,

The SPDX legal team has its regular bi-weekly call tomorrow, Thursday at noon, Eastern Daylight Savings time (note: The US moved our clocks forward, but I believe the UK and Europe has yet to do that, so time diff may still be an hour different from usual).

As noted in the email below - we will be finalizing the new license inclusion guidelines! https://github.com/spdx/license-list-XML/pull/990

Dial-in info below, in case you don’t have the invite on your calendar.

Thanks,
Jilayne
SPDX legal team co-lead

Join Zoom Meeting: https://zoom.us/j/611416785
Meeting ID: 611 416 785

One tap mobile:
+16465588656,,611416785# US (New York)
+16699006833,,611416785# US (San Jose)

Dial by your location:
+1 646 558 8656 US (New York)
+1 669 900 6833 US (San Jose
877 369 0926 US Toll-free
855 880 1246 US Toll-free
+1 647 558 0588 Canada
855 703 8985 Canada Toll-free

Meeting ID: 611 416 785

Find your local number: https://zoom.us/u/aceZFvRyln

On Mar 12, 2020, at 1:59 PM, J Lovejoy <opensource@...> wrote:

Hi all,

I’m sending this to both the legal and general mailing lists to ensure greatest visibility. The legal team has come up with a final draft of the license inclusion guidelines based on various conversations and feedback over the past 8 months of intermittent discussion.

The pull request representing this draft is located here: https://github.com/spdx/license-list-XML/pull/990

We are looking to provide another two weeks for review and comment and then finalize and publish this. Please do comment either on the PR, the issue below or the legal team mailing list. (including +1 if you think it’s all good!)

The issue where some of the discussion has taken place is here: https://github.com/spdx/license-list-XML/issues/925

Thanks!

Jilayne
SPDX legal team co-lead


Re: [spdx] SPDX License List license inclusion guidelines

J Lovejoy
 

Hi Kyle,

Thanks for having a look.

As to your question: we had a discussion on one of the many calls we discussed this topic and ran the hypothetical of what if there were no “rules” or the rules were very relaxed. One extreme might look like this: anyone can add a license, any time and the SPDX License List becomes bloated and so long that nothing is reliable any more - we’d end up with duplicate licenses (b/c no one was minding the Matching Guidelines), duplicate ids (the horror!) etc. It would certainly lose it’s value.

If there is something we can amend on the current proposal, then there has been plenty of opportunity to say so, and there is still (a little) time. The proposed revision substantially relaxes the previous guidelines - as you well know. there are a number of licenses in the queue that we’ve put on hold knowing that if we changed the guidelines, they would be easy submissions. We also made some obvious things explicit like not adding a license that would match an existing license - we probably all assumed that one, but it wasn’t actually written down!

I’m still unclear as to what the actual issue and suggestion is out of this thread.

Thanks,
Jilayne

On Mar 13, 2020, at 4:25 PM, Kyle Mitchell <kyle@...> wrote:

All,

I am both impressed by the work Jilayne and others have put
into the guidelines, and in strong sympathy with the general
thrust Philippe reports from the conference. I didn't go to
FOSDEM, but judging from Philippe's notes, I wouldn't have
had much else to add.

I keep returning to the _why_ behind rules and proposed
rules. Is the overbearing issue, from the SPDX-side point
of view, still too many license submissions, too fast to
handle?

--
Kyle Mitchell, attorney // Oakland // (510) 712 - 0933


Re: [spdx-tech] Agenda for 3/24 Tech Meeting

Steve Winslow
 

For those who weren't able to attend today, here is a recording of the presentation from William about some of the potential directions for the SPDX 3.0 spec:

Steve

On Mon, Mar 23, 2020 at 8:08 PM Steve Winslow <swinslow@...> wrote:
Hello SPDX legal team,

Tomorrow (Tuesday, March 24) at 1PM EDT, the tech team will be discussing some of the proposed changes to the spec for version 3.0. For those of you who are available, this could be a good chance to hear about (and get involved with!) some of the thinking for updates and improvements to the specification, including licensing profiles and fields.

Best,
Steve

---------- Forwarded message ---------
From: Kate Stewart <kstewart@...>
Date: Mon, Mar 23, 2020 at 7:43 PM
Subject: [spdx-tech] Agenda for 3/24 Tech Meeting
To: <spdx-tech@...>


Hi all,
   As we're get close to being able to release SPDX 2.2,  its time 
to start focusing on some of the top level restructuring changes 
we're looking at for SPDX 3.0.     

Agenda for this week:
- SPDX 3.0 - refactoring into base + profiles. (William Bartholomew)
- SPDX 2.2 - close out of any PRs still open and review of last issues.

Let me know if you have other topics to be added to this week's agenda.

Description:https://zoom.us/j/663426859 Meeting ID: 663 426 859 Tuesdays at 17:00 UTC (and best guess for local time - 10:00AM PDT, 11:00 MDT, 12:00PM CDT, 1:00PM EDT, 18:00 WAT, 19:00 CEST). Australia +61 2 8015 2088 Canada +1 647 558 0588 Germany +49 30 3080 6188 Japan +81 3 4578 1488 US Toll-free 877 369 0926 Find your local number: https://zoom.us/u/ac9KKJWzJT

Thanks, Kate





--
Steve Winslow
Director of Strategic Programs
The Linux Foundation


--
Steve Winslow
Director of Strategic Programs
The Linux Foundation


[spdx-tech] Agenda for 3/24 Tech Meeting

Steve Winslow
 

Hello SPDX legal team,

Tomorrow (Tuesday, March 24) at 1PM EDT, the tech team will be discussing some of the proposed changes to the spec for version 3.0. For those of you who are available, this could be a good chance to hear about (and get involved with!) some of the thinking for updates and improvements to the specification, including licensing profiles and fields.

Best,
Steve

---------- Forwarded message ---------
From: Kate Stewart <kstewart@...>
Date: Mon, Mar 23, 2020 at 7:43 PM
Subject: [spdx-tech] Agenda for 3/24 Tech Meeting
To: <spdx-tech@...>


Hi all,
   As we're get close to being able to release SPDX 2.2,  its time 
to start focusing on some of the top level restructuring changes 
we're looking at for SPDX 3.0.     

Agenda for this week:
- SPDX 3.0 - refactoring into base + profiles. (William Bartholomew)
- SPDX 2.2 - close out of any PRs still open and review of last issues.

Let me know if you have other topics to be added to this week's agenda.

Description:https://zoom.us/j/663426859 Meeting ID: 663 426 859 Tuesdays at 17:00 UTC (and best guess for local time - 10:00AM PDT, 11:00 MDT, 12:00PM CDT, 1:00PM EDT, 18:00 WAT, 19:00 CEST). Australia +61 2 8015 2088 Canada +1 647 558 0588 Germany +49 30 3080 6188 Japan +81 3 4578 1488 US Toll-free 877 369 0926 Find your local number: https://zoom.us/u/ac9KKJWzJT

Thanks, Kate





--
Steve Winslow
Director of Strategic Programs
The Linux Foundation


Re: [spdx] SPDX License List license inclusion guidelines

Kyle Mitchell
 

All,

I am both impressed by the work Jilayne and others have put
into the guidelines, and in strong sympathy with the general
thrust Philippe reports from the conference. I didn't go to
FOSDEM, but judging from Philippe's notes, I wouldn't have
had much else to add.

I keep returning to the _why_ behind rules and proposed
rules. Is the overbearing issue, from the SPDX-side point
of view, still too many license submissions, too fast to
handle?

--
Kyle Mitchell, attorney // Oakland // (510) 712 - 0933


Re: SPDX License List license inclusion guidelines

Kyle Mitchell
 

William,

Sorry to air-drop into this conversation. I've been lurking
fairly reliably, but have been too slammed to keep an active
voice in all the various places where people are typing.

Is there any kind of summary or similarly short,
approachable artifact you could point me to for the current
namespacing proposal? For reasons in line with a few of
Philippe's comments, I'm interested to see what there is in
terms of viability or outreach to the package manager
implementers.

The primary driver for SPDX identification requests in my
nick of the woods has been people trying to put an SPDX
identifier in a package manifest where one is required.
RubyGems for Ruby. npm for JavaScript. Cargo for Rust.
And so on. All of these projects use the license list, and
just the license list, as a kind of "library", divorced from
SPDX as a whole. npm and Cargo have also taken the
expression syntax, or variations of it, but that's it.

If the namespace proposal's too complex or esoteric, or too
tightly coupled to the XML-file use case of SPDX, I'd fear
divergence with the fast-moving packager and utility people,
myself probably included.

--
Kyle Mitchell, attorney // Oakland // (510) 712 - 0933


Re: Deprecate Entessa in favour of Apache-1.1?

Karsten Klein
 

How do we deal with the slightly different obligation?

I would argue that this is not the same.

- Regards,
Karsten




metaeffekt GmbH
Firmensitz: Renettenweg 6/1, 69124 Heidelberg
Registergericht: Amtsgericht Mannheim, HRB 725313
Geschäftsführer: Karsten Klein
USt.-IdNr.: DE307084554

Diese E-Mail kann vertrauliche und/oder rechtlich geschützte Informationen beinhalten. Sollten Sie diese E-Mail irrtümlich erhalten haben, informieren Sie bitte den Absender und löschen Sie diese E-Mail und alle Kopien umgehend. Eine unbefugte Weitergabe der E-Mail oder deren Inhalte und Anhänge ist nicht gestattet.

Möchten Sie als Empfänger keine Informationen dieser Art erhalten, setzen Sie sich bitte unmittelbar mit dem Absender der E-Mail in Verbindung. Die metaeffekt GmbH unterstützt Ihre Datenhoheit und informationelle Selbstbestimmung und übermittelt Informationen ausschließlich auf der Rechtsgrundlage der europäischen Datenschutzgrundverordnung (DSGVO). Weitere Informationen zu den Datenverarbeitungsvorgängen und insbesondere Ihrer Rechte entnehmen Sie der Datenschutzerklärung der metaeffekt GmbH <http://www.metaeffekt.com/files/metaeffekt-data-privacy_v2018-05-29.pdf>.



On 12.03.20, 13:00, "Matija Šuklje" <Spdx-legal@... on behalf of matija@...> wrote:

On sreda, 11. marec 2020 22:47:40 CET, J Lovejoy wrote:

> And SPDX License List endeavored to add any and all licenses
> ever approved by OSI in the early days, so… here we are. We
> didn’t have the matching guidelines established back then, I
> don’t think, but in any case, it has been on the OSI approved
> list for a very long time (as in before SPDX License List birth,
> I believe). OSI considers it a “vanity” license, in so many
> words - which is probably why we don’t have any markup on the
> acknowledgment statement.

I suspected as such, yes. I did check the OSI list when I stumbled upon it.

> Would a Note explaining this suffice?

Ideally I would like to have it deprecated (also on OSI), but note would
work as well.

Thanks for looking into this. I didn’t want to open an issue right away, as
I suspected it was some legacy thing.


cheers,
Matija
--
gsm: tel:+386.41.849.552
www: https://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...

501 - 520 of 3279