Date   

Re: Purpose of licensing info

Peterson, Scott K (HP Legal)
 

None would imply that one looked and none was found.

Absence of the field would not imply whether there was or was not any license information in the file.

For example, if someone wanted to use the SPDX format to represent the information for their project, they might manually create the data. They won't necessarily want to take the trouble to indicate whether there was information in each file or not. The asserted license field would be enough for their purpose. Others might prefer that they added information about what was explicitly in the file. Whether the developer wanted to do that extra work ought to be up to them.

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peter Williams
Sent: Friday, January 14, 2011 10:36 AM
To: spdx@...
Subject: Re: Purpose of licensing info

Given that the field is optional do we need a "none" value? Wouldn't
the absence of this field mean "none".

On Fri, Jan 14, 2011 at 8:15 AM, Peterson, Scott K (HP Legal)
<scott.k.peterson@...> wrote:
I have a revision to my proposal below. The file format should permit uses where no assertion about what licensing information is or is not explicitly present in the file. In those cases the field could be omitted. If one want to represent the fact the file was scanned for license information and none was found, the file could have a value of "NoneSpecified".

Thus the change to what I proposed below:

5.3b.3 Cardinality:  Optional, zero or many.


-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peterson, Scott K (HP Legal)
Sent: Friday, January 14, 2011 9:46 AM
To: spdx@...
Subject: RE: Purpose of licensing info

With the intent that I heard on the phone this morning, calling the second license field "Detected License" or "Declared License" will confuse people as to the intended meaning of the information in this field. This field is representing information that may be useful in determining the applicable license terms. The field itself is not necessarily representing a license.

Thus I propose modifying 5.3b as follows:

5.3b Detected License Information

5.3b.1 Purpose: This field contains license information explicitly found in the file. If no license information is found it should be denoted as "NotSpecified". This information could be represented using standard short form names. See Appendix I for standardized license short forms.  If the detected license information is not one of the standardized license short forms, this field must contain a reference to the full text of the information found in the file included in this SPDX file in section 4. If more than one piece of license information is detected in the file, then each should be listed.

5.ba.2 Intent: Here, the intent is to record the information that is explicitly present in the file that might be relevant to determination of the terms under which the file is licensed.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseInfo:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Examples:
LicenseInfo: GPL-2.0
LicenseInfo: FullLicense-456
LicenseInfo: FullLicense-457

Where FullLicense-456 is "This file is licensed under the same terms as Perl."
where FullLicense-457 is "For license terms, see the file LICENSE."

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of kate.stewart@...
Sent: Thursday, January 13, 2011 2:47 PM
To: spdx@...
Subject: Re: Purpose of licensing info

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue.  Please let Esteban Rockett or myself know,  off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined.  If no license information can be determined, the license is denoted as "Unknown".   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a "disjunctive" license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known.  It will be explicit from the file header or other information found in the file's source code.    If no license information is found it should be denoted as "NotSpecified".  If no license information can be determined, the license is denoted as "Unknown".   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a "disjunctive" license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent:  Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: "LicenseComments:"

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in.  </text>

The above is preliminary at this point, so needs some polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Philip Odence
 

I assumed we'd want to distinguish between "I didn't look" and "I looked and found no license info."


L. Philip Odence
Vice President of Business Development
Black Duck Software, inc.
265 Winter Street, Waltham, MA 02451
Phone: 781.810.1819, Mobile: 781.258.9502

On Jan 14, 2011, at 10:36 AM, Peter Williams wrote:

Given that the field is optional do we need a "none" value?  Wouldn't
the absence of this field mean "none".

On Fri, Jan 14, 2011 at 8:15 AM, Peterson, Scott K (HP Legal)
<scott.k.peterson@...> wrote:
I have a revision to my proposal below. The file format should permit uses where no assertion about what licensing information is or is not explicitly present in the file. In those cases the field could be omitted. If one want to represent the fact the file was scanned for license information and none was found, the file could have a value of "NoneSpecified".

Thus the change to what I proposed below:

5.3b.3 Cardinality:  Optional, zero or many.


-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peterson, Scott K (HP Legal)
Sent: Friday, January 14, 2011 9:46 AM
To: spdx@...
Subject: RE: Purpose of licensing info

With the intent that I heard on the phone this morning, calling the second license field "Detected License" or "Declared License" will confuse people as to the intended meaning of the information in this field. This field is representing information that may be useful in determining the applicable license terms. The field itself is not necessarily representing a license.

Thus I propose modifying 5.3b as follows:

5.3b Detected License Information

5.3b.1 Purpose: This field contains license information explicitly found in the file. If no license information is found it should be denoted as “NotSpecified”. This information could be represented using standard short form names. See Appendix I for standardized license short forms.  If the detected license information is not one of the standardized license short forms, this field must contain a reference to the full text of the information found in the file included in this SPDX file in section 4. If more than one piece of license information is detected in the file, then each should be listed.

5.ba.2 Intent: Here, the intent is to record the information that is explicitly present in the file that might be relevant to determination of the terms under which the file is licensed.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseInfo:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Examples:
LicenseInfo: GPL-2.0
LicenseInfo: FullLicense-456
LicenseInfo: FullLicense-457

Where FullLicense-456 is "This file is licensed under the same terms as Perl."
where FullLicense-457 is "For license terms, see the file LICENSE."

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of kate.stewart@...
Sent: Thursday, January 13, 2011 2:47 PM
To: spdx@...
Subject: Re: Purpose of licensing info

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue.  Please let Esteban Rockett or myself know,  off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known.  It will be explicit from the file header or other information found in the file’s source code.    If no license information is found it should be denoted as “NotSpecified”.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent:  Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in.  </text>

The above is preliminary at this point, so needs some polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx

_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Peter Williams <peter.williams@...>
 

Given that the field is optional do we need a "none" value? Wouldn't
the absence of this field mean "none".

On Fri, Jan 14, 2011 at 8:15 AM, Peterson, Scott K (HP Legal)
<scott.k.peterson@...> wrote:
I have a revision to my proposal below. The file format should permit uses where no assertion about what licensing information is or is not explicitly present in the file. In those cases the field could be omitted. If one want to represent the fact the file was scanned for license information and none was found, the file could have a value of "NoneSpecified".

Thus the change to what I proposed below:

5.3b.3 Cardinality:  Optional, zero or many.


-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peterson, Scott K (HP Legal)
Sent: Friday, January 14, 2011 9:46 AM
To: spdx@...
Subject: RE: Purpose of licensing info

With the intent that I heard on the phone this morning, calling the second license field "Detected License" or "Declared License" will confuse people as to the intended meaning of the information in this field. This field is representing information that may be useful in determining the applicable license terms. The field itself is not necessarily representing a license.

Thus I propose modifying 5.3b as follows:

5.3b Detected License Information

5.3b.1 Purpose: This field contains license information explicitly found in the file. If no license information is found it should be denoted as “NotSpecified”. This information could be represented using standard short form names. See Appendix I for standardized license short forms.  If the detected license information is not one of the standardized license short forms, this field must contain a reference to the full text of the information found in the file included in this SPDX file in section 4. If more than one piece of license information is detected in the file, then each should be listed.

5.ba.2 Intent: Here, the intent is to record the information that is explicitly present in the file that might be relevant to determination of the terms under which the file is licensed.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseInfo:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Examples:
LicenseInfo: GPL-2.0
LicenseInfo: FullLicense-456
LicenseInfo: FullLicense-457

Where FullLicense-456 is "This file is licensed under the same terms as Perl."
where FullLicense-457 is "For license terms, see the file LICENSE."

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of kate.stewart@...
Sent: Thursday, January 13, 2011 2:47 PM
To: spdx@...
Subject: Re: Purpose of licensing info

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue.  Please let Esteban Rockett or myself know,  off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known.  It will be explicit from the file header or other information found in the file’s source code.    If no license information is found it should be denoted as “NotSpecified”.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent:  Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in.  </text>

The above is preliminary at this point, so needs some polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Philip Odence
 

This all looks very good Scott. I think naming is really important. I suggest being even more explicit with the name of the field to avoid confusion all together and call it: "License Information in File"


L. Philip Odence
Vice President of Business Development
Black Duck Software, inc.
265 Winter Street, Waltham, MA 02451
Phone: 781.810.1819, Mobile: 781.258.9502

On Jan 14, 2011, at 9:45 AM, Peterson, Scott K (HP Legal) wrote:

With the intent that I heard on the phone this morning, calling the second license field "Detected License" or "Declared License" will confuse people as to the intended meaning of the information in this field. This field is representing information that may be useful in determining the applicable license terms. The field itself is not necessarily representing a license.

Thus I propose modifying 5.3b as follows:

5.3b Detected License Information

5.3b.1 Purpose: This field contains license information explicitly found in the file. If no license information is found it should be denoted as “NotSpecified”. This information could be represented using standard short form names. See Appendix I for standardized license short forms.  If the detected license information is not one of the standardized license short forms, this field must contain a reference to the full text of the information found in the file included in this SPDX file in section 4. If more than one piece of license information is detected in the file, then each should be listed.

5.ba.2 Intent: Here, the intent is to record the information that is explicitly present in the file that might be relevant to determination of the terms under which the file is licensed.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseInfo:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Examples:
LicenseInfo: GPL-2.0
LicenseInfo: FullLicense-456
LicenseInfo: FullLicense-457

Where FullLicense-456 is "This file is licensed under the same terms as Perl."
where FullLicense-457 is "For license terms, see the file LICENSE."

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of kate.stewart@...
Sent: Thursday, January 13, 2011 2:47 PM
To: spdx@...
Subject: Re: Purpose of licensing info

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue.  Please let Esteban Rockett or myself know,  off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"  

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known.  It will be explicit from the file header or other information found in the file’s source code.    If no license information is found it should be denoted as “NotSpecified”.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"  

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.   

5.3c.2 Intent:  Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.  

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in.  </text>

The above is preliminary at this point, so needs some polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.   

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Peterson, Scott K (HP Legal)
 

I have a revision to my proposal below. The file format should permit uses where no assertion about what licensing information is or is not explicitly present in the file. In those cases the field could be omitted. If one want to represent the fact the file was scanned for license information and none was found, the file could have a value of "NoneSpecified".

Thus the change to what I proposed below:

5.3b.3 Cardinality: Optional, zero or many.

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peterson, Scott K (HP Legal)
Sent: Friday, January 14, 2011 9:46 AM
To: spdx@...
Subject: RE: Purpose of licensing info

With the intent that I heard on the phone this morning, calling the second license field "Detected License" or "Declared License" will confuse people as to the intended meaning of the information in this field. This field is representing information that may be useful in determining the applicable license terms. The field itself is not necessarily representing a license.

Thus I propose modifying 5.3b as follows:

5.3b Detected License Information

5.3b.1 Purpose: This field contains license information explicitly found in the file. If no license information is found it should be denoted as “NotSpecified”. This information could be represented using standard short form names. See Appendix I for standardized license short forms. If the detected license information is not one of the standardized license short forms, this field must contain a reference to the full text of the information found in the file included in this SPDX file in section 4. If more than one piece of license information is detected in the file, then each should be listed.

5.ba.2 Intent: Here, the intent is to record the information that is explicitly present in the file that might be relevant to determination of the terms under which the file is licensed.

5.3b.3 Cardinality: Mandatory, one or many.

5.3b.4 Tag: "LicenseInfo:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Examples:
LicenseInfo: GPL-2.0
LicenseInfo: FullLicense-456
LicenseInfo: FullLicense-457

Where FullLicense-456 is "This file is licensed under the same terms as Perl."
where FullLicense-457 is "For license terms, see the file LICENSE."

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of kate.stewart@...
Sent: Thursday, January 13, 2011 2:47 PM
To: spdx@...
Subject: Re: Purpose of licensing info

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue. Please let Esteban Rockett or myself know, off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal: section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined. If no license information can be determined, the license is denoted as “Unknown”. The licenses should use the standard short form names. See Appendix I for standardized license short forms. If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4. If more than one license is detected in the file, then each should be listed. If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion. For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality: Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known. It will be explicit from the file header or other information found in the file’s source code. If no license information is found it should be denoted as “NotSpecified”. If no license information can be determined, the license is denoted as “Unknown”. The licenses should use the standard short form names. See Appendix I for standardized license short forms. If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4. If more than one license is detected in the file, then each should be listed. If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion. For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality: Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent: Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in. </text>

The above is preliminary at this point, so needs some polishing. I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Peterson, Scott K (HP Legal)
 

With the intent that I heard on the phone this morning, calling the second license field "Detected License" or "Declared License" will confuse people as to the intended meaning of the information in this field. This field is representing information that may be useful in determining the applicable license terms. The field itself is not necessarily representing a license.

Thus I propose modifying 5.3b as follows:

5.3b Detected License Information

5.3b.1 Purpose: This field contains license information explicitly found in the file. If no license information is found it should be denoted as “NotSpecified”. This information could be represented using standard short form names. See Appendix I for standardized license short forms. If the detected license information is not one of the standardized license short forms, this field must contain a reference to the full text of the information found in the file included in this SPDX file in section 4. If more than one piece of license information is detected in the file, then each should be listed.

5.ba.2 Intent: Here, the intent is to record the information that is explicitly present in the file that might be relevant to determination of the terms under which the file is licensed.

5.3b.3 Cardinality: Mandatory, one or many.

5.3b.4 Tag: "LicenseInfo:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Examples:
LicenseInfo: GPL-2.0
LicenseInfo: FullLicense-456
LicenseInfo: FullLicense-457

Where FullLicense-456 is "This file is licensed under the same terms as Perl."
where FullLicense-457 is "For license terms, see the file LICENSE."

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of kate.stewart@...
Sent: Thursday, January 13, 2011 2:47 PM
To: spdx@...
Subject: Re: Purpose of licensing info

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue. Please let Esteban Rockett or myself know, off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal: section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined. If no license information can be determined, the license is denoted as “Unknown”. The licenses should use the standard short form names. See Appendix I for standardized license short forms. If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4. If more than one license is detected in the file, then each should be listed. If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion. For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality: Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known. It will be explicit from the file header or other information found in the file’s source code. If no license information is found it should be denoted as “NotSpecified”. If no license information can be determined, the license is denoted as “Unknown”. The licenses should use the standard short form names. See Appendix I for standardized license short forms. If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4. If more than one license is detected in the file, then each should be listed. If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion. For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality: Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent: Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in. </text>

The above is preliminary at this point, so needs some polishing. I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Peter Williams <peter.williams@...>
 

On Thu, Jan 13, 2011 at 9:31 PM, <kate.stewart@...> wrote:

Hi Scott,
  The meaning of the declared and detected at the package is
different than what we've been discussing at the file level, and
separation of the two different cases (package level vs. file level)
is important and significant.
How are these different? In both cases it is the set of licenses the
author(s) have declared/stated they believe (or want you to believe)
cover the entity in question. Seems pretty much the same to me except
that the entity is file in one case and a package in the other (which
is most likely just a file).

Peter
openlogic.com


Minutes from Jan 13 SPDX General Meeting

Philip Odence
 

I've posted the minutes.

The Tech Team has put in place an instance of Bugzilla. We'll be using it to track all kinds of SPDX issues including licenses, documentation and website issues. So, you may want an account even if you are not involved in the details of drafting the spec. The product is "spdx" and under that are projects: spec, licenses, documentation, pretty printer, website. The signup process is typical and quick.

Next General Meeting is Jan 27.


L. Philip Odence
Vice President of Business Development
Black Duck Software, inc.
265 Winter Street, Waltham, MA 02451
Phone: 781.810.1819, Mobile: 781.258.9502


Re: Purpose of licensing info

Philip Odence
 

Soeren,
First, you inferred the issue correctly.
I was in the conversation and had exactly the same idea as you. I ended up never putting it out on the table because several of the participants in the discussion (who were from real end user companies) took the position that it was absolutely mandatory for them to know the license data contained in the file, even if it was thought or known to be erroneous. So, I concluded that two license fields were required.
There could still be an argument for adding your suggested field as a fourth; it would essentially be a standardized comment field. However I still think we'd need to free form comment field to capture unanticipated cases or other information deemed important by the author.
Phil


L. Philip Odence
Vice President of Business Development
Black Duck Software, inc.
265 Winter Street, Waltham, MA 02451
Phone: 781.810.1819, Mobile: 781.258.9502

On Jan 13, 2011, at 11:00 PM, <Soeren_Rabenstein@...> <Soeren_Rabenstein@...> wrote:

I am trying to understand the meaning and value of "detected" and/or
"declared" as distinguished from "your best guess", i.e., "asserted".
I don't know about this one.  Would this statement be representable in
a declared license file?  It requires multiple facts and deduction
[...]

I haven't been in the spdx-team from the beginning on, so I do not
exactly know what the original purpose of these two license declarations
is. But judging from daily experience I assume it is to cover the
situation where there is neither a license file nor any licensing
comments in the source code, however it is known from other sources
(e.g. community website) that the software is licensed under particular
terms.

In fact there might be multiple facts and deductions involved.

In order to avoid conflicting license tags in one spdx file, wouldn't it
be more viable to have only one license tag, but an additional tag
determining the source of that license information (maybe in categories
like "license file", "documentation". "website[URL]", etc)  ?

Cheers
Soeren



=====================================================================================================================================
This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it
is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete
the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized
disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views
or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation.
=====================================================================================================================================

_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

kate.stewart@...
 

Hi Scott,
The meaning of the declared and detected at the package is different than what we've been discussing at the file level, and separation of the two different cases (package level vs. file level) is important and significant.

At the package level the intention of declared license, is to reflect the contents of what the package author believes the license is for the package (based on something like the LICENSE, COPYING file, etc.). The detected license field can create multiple instances, and is meant to simply records ALL the licenses (either detected directly or asserted at the file level).

If declared license is different from detected license(s) listed at the package level, its a signal to consider going down to the file level to understand the details - because there may be some areas that require legal judgement.

In terms of the example that you give at the file level, given the our current license list, and given the syntax proposed below, I'd recommend they be encoded as

"This file is licensed under the same terms as Perl."
LicenseAsserted: Fulllicense-1
LicenseDetected: Fulllicense-1
since LicenseAsserted matches LicenseDetected, a LicenseComment is not required.
Fulllicense-1 has the verbatim text above.
It is recorded as a non-standard license, since none of our short form templates or headers match this.

"For license terms, see the file LICENSE."
LicenseAsserted: ?? (see what is in the file LICENSE if it exists and either use a short form or full license, else Unknown)
LicenseDetected: Unknown
LicenseComment: <text> For license terms, see the file LICENSE </text>

Hope this clarifies things a bit.

Kate

--- On Thu, 1/13/11, Peterson, Scott K (HP Legal) <scott.k.peterson@...> wrote:

From: Peterson, Scott K (HP Legal) <scott.k.peterson@...>
Subject: RE: Purpose of licensing info
To: "Peter Williams" <peter.williams@...>, "kate.stewart@..." <kate.stewart@...>
Cc: "spdx@..." <spdx@...>
Date: Thursday, January 13, 2011, 4:46 PM
Kate and Peter --

I am trying to understand the meaning and value of
"detected" and/or "declared" as distinguished from "your
best guess", i.e., "asserted".

What would be the value of the detected or declared field
for the two cases where the file included one of these
strings:

"This file is licensed under the same terms as Perl."

"For license terms, see the file LICENSE."

-- Scott

-----Original Message-----
From: spdx-bounces@...
[mailto:spdx-bounces@...]
On Behalf Of Peter Williams
Sent: Thursday, January 13, 2011 3:52 PM
To: spdx@...
Subject: Re: Purpose of licensing info

What about naming the field that represents the actual
license of a
file/package "License".  In the current spec File
already has such a
property so all that would have to be done is adjust the
verbiage
slightly and make it apply to packages too.

"LicenseDetected" is a little ambiguous for what this field
actually
represents.  "DeclaredLicenses" would be
clearer.  "DeclaredLicenses"
also has the advantage already being defined on package and
it means
the same thing there.   We could just make
that property apply to
files too.

Peter
openlogic.com

On Thu, Jan 13, 2011 at 12:46 PM,  <kate.stewart@...>
wrote:
Based on discussions on the SPDX call today, I think
we are closing in on the following proposal for the file
level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to
get resolution on this issue.  Please let Esteban Rockett
or myself know,  off-list, if you are interested in
participating and were not in the legal call yesterday or
the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will
become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license
governing the file if it can be determined.  If no license
information can be determined, the license is denoted as
"Unknown".   The licenses should use the standard short
form names.   See Appendix I for standardized license short
forms.  If a Detected License is not one of the
standardized license short forms, this field must contain a
reference to the full licenses text included in this SPDX
file in section 4.  If more than one license is detected in
the file, then each should be listed.  If any of the
detected licenses offer the recipient a choice of licenses,
then each of the choices will be declared as a "disjunctive"
license.

5.3a.2 Intent: Here, the intent is to have a uniform
method to refer to the license that is determined to
represent the file with specificity to eliminate any license
confusion.  For example, the 3 clause BSD would have a
different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in
Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license
governing the file if it is known.  It will be explicit
from the file header or other information found in the
file's source code.    If no license information is found
it should be denoted as "NotSpecified".  If no license
information can be determined, the license is denoted as
"Unknown".   The licenses should use the standard short
form names.   See Appendix I for standardized license short
forms.  If a Detected License is not one of the
standardized license short forms, this field must contain a
reference to the full licenses text included in this SPDX
file in section 4.  If more than one license is detected in
the file, then each should be listed.  If any of the
detected licenses offer the recipient a choice of licenses,
then each of the choices will be declared as a "disjunctive"
license.

5.ba.2 Intent: Here, the intent is to have a uniform
method to refer to each license with specificity to
eliminate any license confusion.  For example, the 3 clause
BSD would have a different license identifier then the 4
clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if
multiple many should be specified )

5.3b.6 Data Format: <short form identifier in
Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description
of the analysis and any relevent background references that
went in to making the asserted license for a file, if the
asserted license does not match the detected license that
the person creating the SPDX file wants to share with the
reviewers.

5.3c.2 Intent:  Here, the intent is to provide
technical readers/reviewers with a detailed technical
explanation of how the asserted license was determined if it
does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: "LicenseComments:"

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span
multiple lines, preceded with <text> and ending with
</text>.

5.3c.7 Example: LicenseComments: <text> The
asserted license was taken from the package level that the
file was included in.  </text>

The above is preliminary at this point, so needs some
polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625),
so after the discussion tomorrow, feel free to subscribe,
and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Soeren_Rabenstein@...
 

I am trying to understand the meaning and value of "detected" and/or
"declared" as distinguished from "your best guess", i.e., "asserted".
I don't know about this one. Would this statement be representable in
a declared license file? It requires multiple facts and deduction
[...]

I haven't been in the spdx-team from the beginning on, so I do not
exactly know what the original purpose of these two license declarations
is. But judging from daily experience I assume it is to cover the
situation where there is neither a license file nor any licensing
comments in the source code, however it is known from other sources
(e.g. community website) that the software is licensed under particular
terms.

In fact there might be multiple facts and deductions involved.

In order to avoid conflicting license tags in one spdx file, wouldn't it
be more viable to have only one license tag, but an additional tag
determining the source of that license information (maybe in categories
like "license file", "documentation". "website[URL]", etc) ?

Cheers
Soeren



=====================================================================================================================================
This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it
is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete
the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized
disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views
or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation.
=====================================================================================================================================


Re: Licence abbreviations?

dmg
 

On Fri, Jan 14, 2011 at 11:31 AM, Jilayne Lovejoy
<Jlovejoy@...> wrote:
What kind of example did you have in mind? Do you mean an example of a particular software package that uses a particular license?
A file that contains it. For example, this is the usage of the
GPL-2.0+ (excerpted from a Bison file):

usage is very different from the text of the license itself.

--dmg

---------------------------------------------------------------------------------------------
/* A Bison parser, made by GNU Bison 1.875. */

/* Skeleton parser for Yacc-like parsing with Bison,
Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002 Free Software
Foundation, Inc.

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. */


--
--dmg

---
Daniel M. German
http://turingmachine.org


Re: Licence abbreviations?

Jilayne Lovejoy <Jlovejoy@...>
 

What kind of example did you have in mind? Do you mean an example of a particular software package that uses a particular license?

Sent from J's iPhone

On Jan 13, 2011, at 7:22 PM, "dmg" <dmg@...> wrote:

Thanks Jylayne,

one thing that would be useful (for those of us wanting to identify
the license of a file) is to have examples of the use of each license
(not the license itself,
but how it is used). Many of these licenses, I haven't seen them in the wild.

---dmg

On Fri, Jan 14, 2011 at 11:13 AM, Jilayne Lovejoy
<Jlovejoy@...> wrote:
Daniel,

The license list spreadsheet is located here:
http://spdx.org/wiki/working-version-license-list

The most recent version is 1.4 and will have a column with the short
names therein. The associated word doc just has some explanations
regarding the fields, etc.

Jilayne

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...]
On Behalf Of D M German
Sent: Thursday, January 13, 2011 6:43 PM
To: spdx@...
Subject: Licence abbreviations?


Hi Everybody,

is there a place where the abbreviations (as to be used in the SPDX
document) are listed? This page only lists the full names.

http://www.spdx.org/licenses/


--
--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx



--
--dmg

---
Daniel M. German
http://turingmachine.org


Re: Licence abbreviations?

dmg
 

Thanks Jylayne,

one thing that would be useful (for those of us wanting to identify
the license of a file) is to have examples of the use of each license
(not the license itself,
but how it is used). Many of these licenses, I haven't seen them in the wild.

---dmg

On Fri, Jan 14, 2011 at 11:13 AM, Jilayne Lovejoy
<Jlovejoy@...> wrote:
Daniel,

The license list spreadsheet is located here:
http://spdx.org/wiki/working-version-license-list

The most recent version is 1.4 and will have a column with the short
names therein.  The associated word doc just has some explanations
regarding the fields, etc.

Jilayne

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...]
On Behalf Of D M German
Sent: Thursday, January 13, 2011 6:43 PM
To: spdx@...
Subject: Licence abbreviations?


Hi Everybody,

is there a place where the abbreviations (as to be used in the SPDX
document) are listed? This page only lists the full names.

http://www.spdx.org/licenses/


--
--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx



--
--dmg

---
Daniel M. German
http://turingmachine.org


Re: Licence abbreviations?

Jilayne Lovejoy <Jlovejoy@...>
 

Daniel,

The license list spreadsheet is located here:
http://spdx.org/wiki/working-version-license-list

The most recent version is 1.4 and will have a column with the short
names therein. The associated word doc just has some explanations
regarding the fields, etc.

Jilayne

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...]
On Behalf Of D M German
Sent: Thursday, January 13, 2011 6:43 PM
To: spdx@...
Subject: Licence abbreviations?


Hi Everybody,

is there a place where the abbreviations (as to be used in the SPDX
document) are listed? This page only lists the full names.

http://www.spdx.org/licenses/


--
--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Licence abbreviations?

dmg
 

Hi Everybody,

is there a place where the abbreviations (as to be used in the SPDX
document) are listed? This page only lists the full names.

http://www.spdx.org/licenses/


--
--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .


Re: Purpose of licensing info

Peter Williams <peter.williams@...>
 

On Thu, Jan 13, 2011 at 3:46 PM, Peterson, Scott K (HP Legal)
<scott.k.peterson@...> wrote:
Kate and Peter --

I am trying to understand the meaning and value of "detected" and/or "declared" as distinguished from "your best guess", i.e., "asserted".

What would be the value of the detected or declared field for the two cases where the file included one of these strings:

"This file is licensed under the same terms as Perl."
I don't know about this one. Would this statement be representable in
a declared license file? It requires multiple facts and deduction
based on those facts to determine what licenses are actually being
referenced. It that sort of inference is allowed i can think of
several options for rendering it into the spdx model. It would either
be a simple list of the licenses or a composite licensing info
structure if we want to preserve the junctive relationships in the
declaration.

"For license terms, see the file LICENSE."
In this case the value of the declared licenses field would be the
identifier for LICENSE. Either a short form license id from the
standard list or the locally unique embedded license id for that
license.

Peter
openlogic.com


Re: Purpose of licensing info

Peterson, Scott K (HP Legal)
 

Kate and Peter --

I am trying to understand the meaning and value of "detected" and/or "declared" as distinguished from "your best guess", i.e., "asserted".

What would be the value of the detected or declared field for the two cases where the file included one of these strings:

"This file is licensed under the same terms as Perl."

"For license terms, see the file LICENSE."

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peter Williams
Sent: Thursday, January 13, 2011 3:52 PM
To: spdx@...
Subject: Re: Purpose of licensing info

What about naming the field that represents the actual license of a
file/package "License". In the current spec File already has such a
property so all that would have to be done is adjust the verbiage
slightly and make it apply to packages too.

"LicenseDetected" is a little ambiguous for what this field actually
represents. "DeclaredLicenses" would be clearer. "DeclaredLicenses"
also has the advantage already being defined on package and it means
the same thing there. We could just make that property apply to
files too.

Peter
openlogic.com

On Thu, Jan 13, 2011 at 12:46 PM, <kate.stewart@...> wrote:
Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue.  Please let Esteban Rockett or myself know,  off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined.  If no license information can be determined, the license is denoted as "Unknown".   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a "disjunctive" license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known.  It will be explicit from the file header or other information found in the file's source code.    If no license information is found it should be denoted as "NotSpecified".  If no license information can be determined, the license is denoted as "Unknown".   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a "disjunctive" license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent:  Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: "LicenseComments:"

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in.  </text>

The above is preliminary at this point, so needs some polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Philip Odence
 

I think the concept is sound and, as Rockett says, consistent.

Minor stuff: 
- I agree with Peter that we may want to tweak the names and the descriptions. 
- Description under Asserted still says "detected" in a few places.

Great progress on a thorny issues.

Phil



On Jan 13, 2011, at 4:16 PM, Esteban Rockett wrote:

Kate:

Thank you for sending.  Agree 100%.

All:

This issue has been a continually thought of all founders since the origins of SPDX.

The below is consistent with the original intent of SPDX, and direction of the SPDX Core Team, SPDX Legal Workstream, and Linux Foundation Member Counsel.

I look forward to finalizing in the meeting tomorrow.

Many thanks,

Rockett





Many thanks,

Rockett


On 2011-01-13, at 11:46 AM, <kate.stewart@...> wrote:

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue.  Please let Esteban Rockett or myself know,  off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"  

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known.  It will be explicit from the file header or other information found in the file’s source code.    If no license information is found it should be denoted as “NotSpecified”.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"  

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.   

5.3c.2 Intent:  Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.  

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in.  </text>

The above is preliminary at this point, so needs some polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.   

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx

_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Esteban Rockett <mgia3940@...>
 

Kate:

Thank you for sending. Agree 100%.

All:

This issue has been a continually thought of all founders since the origins of SPDX.

The below is consistent with the original intent of SPDX, and direction of the SPDX Core Team, SPDX Legal Workstream, and Linux Foundation Member Counsel.

I look forward to finalizing in the meeting tomorrow.

Many thanks,

Rockett





Many thanks,

Rockett

On 2011-01-13, at 11:46 AM, <kate.stewart@...> wrote:

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue. Please let Esteban Rockett or myself know, off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal: section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined. If no license information can be determined, the license is denoted as “Unknown”. The licenses should use the standard short form names. See Appendix I for standardized license short forms. If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4. If more than one license is detected in the file, then each should be listed. If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion. For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality: Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known. It will be explicit from the file header or other information found in the file’s source code. If no license information is found it should be denoted as “NotSpecified”. If no license information can be determined, the license is denoted as “Unknown”. The licenses should use the standard short form names. See Appendix I for standardized license short forms. If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4. If more than one license is detected in the file, then each should be listed. If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion. For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality: Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent: Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in. </text>

The above is preliminary at this point, so needs some polishing. I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx

1321 - 1340 of 1591