Re: Purpose of licensing info


Jilayne Lovejoy <Jlovejoy@...>
 

It seems like there are three possible scenarios for this field:

"I looked and found ____" = field propagated
"I looked and didn't find anything" = NotSpecified
"I didn't even look" = ? field left blank ?

I think the purpose should include the third scenario as well. "None" is confusing, as it is too similar to "NotSpecified" (not sure if that was the suggestion in any case)

5.3b.1 Purpose: This field contains license information explicitly found in the file. If no license information is found it should be denoted as "NotSpecified". If the file was not investigated, then this field should be left blank. This information could be represented using standard short form names. See Appendix I for standardized license short forms. If the detected license information is not one of the standardized license short forms, this field must contain a reference to the full text of the information found in the file included in this SPDX file in section 4. If more than one piece of license information is detected in the file, then each should be listed.

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peterson, Scott K (HP Legal)
Sent: Friday, January 14, 2011 8:41 AM
To: Peter Williams
Cc: spdx@...
Subject: RE: Purpose of licensing info

None would imply that one looked and none was found.

Absence of the field would not imply whether there was or was not any license information in the file.

For example, if someone wanted to use the SPDX format to represent the information for their project, they might manually create the data. They won't necessarily want to take the trouble to indicate whether there was information in each file or not. The asserted license field would be enough for their purpose. Others might prefer that they added information about what was explicitly in the file. Whether the developer wanted to do that extra work ought to be up to them.

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peter Williams
Sent: Friday, January 14, 2011 10:36 AM
To: spdx@...
Subject: Re: Purpose of licensing info

Given that the field is optional do we need a "none" value? Wouldn't
the absence of this field mean "none".

On Fri, Jan 14, 2011 at 8:15 AM, Peterson, Scott K (HP Legal)
<scott.k.peterson@...> wrote:
I have a revision to my proposal below. The file format should permit uses where no assertion about what licensing information is or is not explicitly present in the file. In those cases the field could be omitted. If one want to represent the fact the file was scanned for license information and none was found, the file could have a value of "NoneSpecified".

Thus the change to what I proposed below:

5.3b.3 Cardinality:  Optional, zero or many.


-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peterson, Scott K (HP Legal)
Sent: Friday, January 14, 2011 9:46 AM
To: spdx@...
Subject: RE: Purpose of licensing info

With the intent that I heard on the phone this morning, calling the second license field "Detected License" or "Declared License" will confuse people as to the intended meaning of the information in this field. This field is representing information that may be useful in determining the applicable license terms. The field itself is not necessarily representing a license.

Thus I propose modifying 5.3b as follows:

5.3b Detected License Information

5.3b.1 Purpose: This field contains license information explicitly found in the file. If no license information is found it should be denoted as "NotSpecified". This information could be represented using standard short form names. See Appendix I for standardized license short forms.  If the detected license information is not one of the standardized license short forms, this field must contain a reference to the full text of the information found in the file included in this SPDX file in section 4. If more than one piece of license information is detected in the file, then each should be listed.

5.ba.2 Intent: Here, the intent is to record the information that is explicitly present in the file that might be relevant to determination of the terms under which the file is licensed.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseInfo:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Examples:
LicenseInfo: GPL-2.0
LicenseInfo: FullLicense-456
LicenseInfo: FullLicense-457

Where FullLicense-456 is "This file is licensed under the same terms as Perl."
where FullLicense-457 is "For license terms, see the file LICENSE."

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of kate.stewart@...
Sent: Thursday, January 13, 2011 2:47 PM
To: spdx@...
Subject: Re: Purpose of licensing info

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue.  Please let Esteban Rockett or myself know,  off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined.  If no license information can be determined, the license is denoted as "Unknown".   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a "disjunctive" license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known.  It will be explicit from the file header or other information found in the file's source code.    If no license information is found it should be denoted as "NotSpecified".  If no license information can be determined, the license is denoted as "Unknown".   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a "disjunctive" license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent:  Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: "LicenseComments:"

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in.  </text>

The above is preliminary at this point, so needs some polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx

Join spdx@lists.spdx.org to automatically receive all group messages.