Date   

Linux Collaboration Summit & SPDX Forum Follow Up / Announcements

Philip Odence
 

Collaboration Summit
Our meetings at the Collaboration Summit were very successful, we got some good exposure with the keynote panel I lead (with Scott Lamons, Steve Cropper, Jack Manbeck and Mark Gisi) and with Mark's very engaging presentation in the legal track. There were also 1.5 days of SPDX working meetings which helped us to advance the cause in ways that are simply impossible on the phone. The chairs will report back their respective teams on some of the details of those discussions.

SPDX Forum
After the Collaboration Summit, the SPDX group headed to south for very successful SPDX Forum. Thanks again to Cisco for hosting and WindRiver for sponsoring. 61 people signed up and something like 55 actually showed; well more than half were first timers getting involved, some having heard about SPDX for the first time in aforementioned keynote. Significant numbers of new folks came from Juniper, VMWare and Broadcom. Most of the new participants were lawyers, reflecting, perhaps, that we did a good job publicizing with local legal groups. Some of the participants literally never heard of SPDX before the Collaboration Summit.

Mark Radcliffe kicked off, setting the stage regarding challenges. We then broke up into groups to talk about the supply chain challenges that the new participants face. Kirsten and I took the stage for an introduction to SPDX . Then we broke up into groups again in which current members talked about their vision for use of SPDX. Groups were lead by WindRiver, Cisco, HP and TI (am I forgetting anyone?). We finished with some short discussions about legal topics and a how to get involved session.

On the whole, it was a great success and as a consequence, you'll definitely be hearing some new voices on all the calls.

Announcements
Kim Weins will be leaving SPDX and her position as Chair of the Business Team as she pursues other interests outside of open source and compliance. The Forum success was largely thanks to her efforts, and that's just one example of the energy and passion she's brought to the job. We will greatly miss her contributions and, of course, wish her all the best. The good news is Jack Manbeck from TI and Scott Lamons from HP are taking the reins of the Business Team and are committed to keep the momentum going. Please think about marketing folks from your organizations we could sign up as they could really help with driving adoption.

Less significantly, but good news, SPDX is now a registered trademark in the US, so going forward we will designate it as SPDX(R) or SPDX®. I am in the process of updating the standard slide deck and the web team will be make sure we are good there. If you notice old TM symbols on new content going forward, please let me know.


SPDX Forum - Mark Radcliffe's preso

Kim Weins
 

Hi all

Here is the preso Mark Radcliffe is doing tomorrow.  It's designed to set the stage on OSS compliance.

Kim

From: "Radcliffe, Mark" <Mark.Radcliffe@...>
Date: Thu, 5 Apr 2012 00:18:09 -0700
To: Kim Weins <kim.weins@...>
Subject: Draft PPT

I am enclosing the draft. Please provide any comments.
Please consider the environment before printing this email.

The information contained in this email may be confidential and/or legally privileged. It has been sent for the sole use of the intended recipient(s). If the reader of this message is not an intended recipient, you are hereby notified that any unauthorized review, use, disclosure, dissemination, distribution, or copying of this communication, or any of its contents, is strictly prohibited. If you have received this communication in error, please reply to the sender and destroy all copies of the message. To contact us directly, send to postmaster@.... Thank you.


Re: SPDX- Cancelled General Meeting this week. Collaboration Summit SPDX Agenda

Kevin P. Fleming <kpfleming@...>
 

On 04/04/2012 02:14 PM, Philip Odence wrote:
It is actually a very full day. The afternoon technical sesson which starts at 1:30 (also contrary to the Collab Summit published schedule) will run right up to 5:30 (at which point everyone will deserve a drink). We have a lot to do; that's why we decided to start a little early and to curtail lunch to an hour.
OK, we'll plan on being here at 8:30 tomorrow.


Sent from my iPad

On Apr 4, 2012, at 1:38 PM, "Kevin P. Fleming"<kpfleming@digium.com> wrote:

On 04/02/2012 05:44 AM, Philip Odence wrote:
As many of us will be at the Linux Collaboration Summit, this week's
general meeting is cancelled.

Attached is a summary of the SPDX-related activities going on at the
Summit and an agenda for our group meetings.
This agenda shows activities starting at 8:30 AM tomorrow, but the Collaboration Summit schedule shows the 'SPDX Working Meeting' starting at 9:00AM. Since the agenda sent to the list doesn't fill the entire day, can it be pushed back 30 minutes in order to match the schedule published in the Collab Summit guide?

--
Kevin P. Fleming
Digium, Inc. | Director of Software Technologies
Jabber: kfleming@digium.com | SIP: kpfleming@digium.com | Skype: kpfleming
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at www.digium.com& www.asterisk.org
_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx

--
Kevin P. Fleming
Digium, Inc. | Director of Software Technologies
Jabber: kfleming@digium.com | SIP: kpfleming@digium.com | Skype: kpfleming
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at www.digium.com & www.asterisk.org


Re: SPDX- Cancelled General Meeting this week. Collaboration Summit SPDX Agenda

Philip Odence
 

It is actually a very full day. The afternoon technical sesson which starts at 1:30 (also contrary to the Collab Summit published schedule) will run right up to 5:30 (at which point everyone will deserve a drink). We have a lot to do; that's why we decided to start a little early and to curtail lunch to an hour.

On Apr 4, 2012, at 1:38 PM, "Kevin P. Fleming" <kpfleming@digium.com> wrote:

On 04/02/2012 05:44 AM, Philip Odence wrote:
As many of us will be at the Linux Collaboration Summit, this week's
general meeting is cancelled.

Attached is a summary of the SPDX-related activities going on at the
Summit and an agenda for our group meetings.
This agenda shows activities starting at 8:30 AM tomorrow, but the Collaboration Summit schedule shows the 'SPDX Working Meeting' starting at 9:00AM. Since the agenda sent to the list doesn't fill the entire day, can it be pushed back 30 minutes in order to match the schedule published in the Collab Summit guide?

--
Kevin P. Fleming
Digium, Inc. | Director of Software Technologies
Jabber: kfleming@digium.com | SIP: kpfleming@digium.com | Skype: kpfleming
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at www.digium.com & www.asterisk.org
_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx


Re: SPDX- Cancelled General Meeting this week. Collaboration Summit SPDX Agenda

Kevin P. Fleming <kpfleming@...>
 

On 04/02/2012 05:44 AM, Philip Odence wrote:
As many of us will be at the Linux Collaboration Summit, this week's
general meeting is cancelled.

Attached is a summary of the SPDX-related activities going on at the
Summit and an agenda for our group meetings.
This agenda shows activities starting at 8:30 AM tomorrow, but the Collaboration Summit schedule shows the 'SPDX Working Meeting' starting at 9:00AM. Since the agenda sent to the list doesn't fill the entire day, can it be pushed back 30 minutes in order to match the schedule published in the Collab Summit guide?

--
Kevin P. Fleming
Digium, Inc. | Director of Software Technologies
Jabber: kfleming@digium.com | SIP: kpfleming@digium.com | Skype: kpfleming
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at www.digium.com & www.asterisk.org


Agenda for Thursday meeting (legal issues)

Jilayne Lovejoy <jilayne.lovejoy@...>
 

I just posted the agenda for the legal work stream topics for Thursday's face-to-face meeting at the Linux Foundation Collab Summit.

Please review before coming, so we can use our time efficiently to solve the questions at hand. (link and pasted below in email)

See you then!

Jilayne Lovejoy
OpenLogic, Inc.




1) Different headers for thesame license issue (and header matching guidelines):

How to capture in License List and for license matching guideline purposes

A)    Key examples: MPL v2.0 (Exhibit A or Exhibit A & B); L/GPL licenses ("or later" or "only")

B)    Agreement that this information (e.g. is it GPL v2 only or GPL v2 orlater - effectively creating a disjunctive license scenario) needs to be captured. Question is how to capture/implement?

i)      PROPOSAL 1:  leave as is on license list now: capture as a different "line item" (with distinct license name and identifier) for each header scenario that can change the meaning of the license (e.g. GPL-2.0-only; GPL-2.0+)

a)     if we stay with this route, propose that short identifier says "only" in it.  

(1)   But then, what about when you aren't sure?  Default to "or later."

b)     potential problems - won't match with other lists (e.g. Email from Debian guy)

ii)     PROPOSAL 2: license list is just the licenses themselves.  Headers or alternative exhibits are captured on a separate list that then modifies the license list.  

a)     e.g. On the master license list, GPL v2 would be just that GPL-2.0 (without indicating "or later" or "only"), then the header list would have the headers variations of the "or later" text present or removed.  The short identifier could then be modified by a sub-set of identifier or identifier extension, such as "GPL-2.0" + "or later" or "GPL-v2.0" + "only" - likewise for MPL and its exhibits.  Presumably, each scenario would have it's own extensionmodifier

(1)   potential problems - more to keep track of and more complicated.  Is the net result all the different than Proposal 1?

b)     this could also be extended to include disjunctive licensing scenarios - which can then be broken into two types:

(1)   choose X or Y license OR this is under X license (i.e. default license) with the option to license it under Y or Z; if Y or Z, you have to designate in header

(a)   PROPOSAL: to not get into this level of detail at this point... Already have a way to identify disjunctive license sets in spec, so have a starting point.  

C)    Tangent issue here: GPL exceptions - how to display license text?  Should it be the entire GPL license + exception; or just the header and exception; or just match on the exception text?   

i)      How does this interplay with proposals above? If #1, then as is on list, but still need to answer above questions, if #2, then could treat exceptions as part of modifier/extension list?

ii)     either way, practical matching guidelines for tool-makers is difficult - how can this work practically speaking

 

2) License text itself/matching guidelines:

What is included as the license text itself? Is this what is matched against, i.e. entire or how much of license text in file (currently .txt files)

A)    License name/title - we have our SPDX naming protocol which may or may not track verbatim on the license name, e.g. SPDX's "GNU General Public License v2.0" shows up as "GNU General Public License" in the license itself, with "Version 2, June 1991" on a separate line.

i)      seems like our license files on SPDX website/download should have the SPDX full name - but should it also have whatever the actual license says?

ii)     How does this play out in terms of matching? i.e. don't want a non-match on slight variations in license name/title where rest of actual license text is verbatim match

a)     PROPOSAL: ignore the title line and match on actual text so don't end up with non-matches just because someone titled it differently or left off the title

B)    Extra text issue:  extra text or notice at end of beginning of license or after it says "end of terms" - is this part of the license text for matching purposes?  Put another way, if it was missing, should it not be considered a match?  Should theses bits be part of the license text for our list and for purposes of matching?

i)      e.g. Creative Commons licenses - text at end re: "Creative Commons Notice" at end; notices in GPL, LGPL, Apache on how to apply the license -

a)     PROPOSAL:  matching guidelines say you can ignore this text.  

(1)   If so, then remove from license text in SPDX license text files?  If leave it in files, do we want to indicate where/what can be "ignored" for tool-makers (instead of leaving it up to them to make the call)?

C)    Replaceable text issue:  comes into play with "vanity" BSD and Apache 1.1 licenses

i)      "copyright holder" v. "copyright owner" - can we agree (jurisdictionally) that this is the same meaning?

ii)     where to put the brackets around what can be "ignored" by scanning tools for matching purposes?

iii)   also see Historical Permission Notice license




SPDX- Cancelled General Meeting this week. Collaboration Summit SPDX Agenda

Philip Odence
 

As many of us will be at the Linux Collaboration Summit, this week's general meeting is cancelled.

Attached is a summary of the SPDX-related activities going on at the Summit and an agenda for our group meetings. 


Re: curious about the use of (R) and TM symbols

Esteban Rockett <mgia3940@...>
 

I will discuss with Phil and get back to the the list-serv.


On Thu, Mar 29, 2012 at 4:28 AM, Philip Odence <podence@...> wrote:
Daniel,

Interesting you should ask, I just pinged Esteban for an update on this
earlier in the week. He and Motorola were pursuing on behalf of the Linux
Foundation (the holder of the marks). As of last summer, Software Package
Data Exchange had been registered, but SPDX had not, so it was correct to
use the (R) with the former and (TM) with the latter. I assume I would
have heard if the status had changed, but as I say am in the process of
confirming.

Rockett or I will get back to the list, if/when there is a change.
Otherwise assume status quo.

Phil

L. Philip Odence
Vice President of Business Development
Black Duck Software, Inc.
8 New England Executive Park, Suite 211, Burlington MA 01803
Phone: 781.810.1819, Mobile: 781.258.9502
Skype: philip.odence
podence@...
http://www.blackducksoftware.com <http://www.blackducksoftware.com/>
http://twitter.com/podence
http://www.linkedin.com/in/podence
http://www.networkworld.com/community/odence (my blog)






On 3/29/12 4:17 AM, "D M German" <dmg@...> wrote:

>
>Hi everybody,
>
>I am curious, why if "SPDX" is a registered trademark in the US (I just
>checked--not in canada, by the way) then there is the requirement to
>postfix it with "TM" and not with (R) as is the case with the full name:
>"Software Package Data Exchange (R)"
>
>--dmg
>
>--
>Daniel M. German
>http://turingmachine.org/
>http://silvernegative.com/
>dmg (at) uvic (dot) ca
>replace (at) with @ and (dot) with .
>_______________________________________________
>Spdx mailing list
>Spdx@...
>https://lists.spdx.org/mailman/listinfo/spdx

_______________________________________________
Spdx mailing list
Spdx@...
https://lists.spdx.org/mailman/listinfo/spdx



--
E.A. Rockett
Senior Director 
Software & Services Operations
Motorola Mobility, Inc.
1000 Enterprise Way
Sunnyvale, CA 94089
+1.415.508.7625 (T)
+1.408.541-6900 (F)
rockett@...


Re: Today's SPDX Call

Esteban Rockett <mgia3940@...>
 

Added

4. Discuss use cases 1.x does solve.


On Thu, Mar 29, 2012 at 10:23 AM, Lamons, Scott (Open Source Program Office) <scott.lamons@...> wrote:

Steve,

 

This sounds really good to me.   My only minor comment is that we should mostly focus on the objectives and use cases around 2.x and 3.x and not get too caught up on the timeline just yet.   As someone else appropriately pointed out that will depend on the commitment and resources that can be brought to bear and it might serve to discourage adoption of 1.x where that makes sense for certain organizations.

 

Regards,

Scott

 

 

From: spdx-biz-bounces@... [mailto:spdx-biz-bounces@...] On Behalf Of Steve Cropper (stcroppe)
Sent: Thursday, March 29, 2012 11:09 AM
To: Philip Odence; spdx@...; spdx-tech@...; spdx-legal@...; spdx-biz@...
Subject: RE: Today's SPDX Call

 

Folks:

 

Many thanks to those of you who participated in today’s meeting. I wanted to send out the wrap up next steps that I proposed and get feedback incase I missed, or misstated something.

 

The takeaways from today’s meeting that we all feel the team should address face to face during the Conference  next week are:

 

1.       To discuss roadmap and vision with a view to accelerating adoption and looking at a timeline for 2.x, 3.x and related objectives.

2.       Take time to build on and review the use case thread started by Tech team last Tuesday and seek other pain points/concerns folks have.

3.       Reflect on the Supply Chain Summit Agenda with points 1 and 2 in mind.

 

Looking forward to seeing those of you attending next week in person.

 

Regards

Steve

 

From: spdx-biz-bounces@... [mailto:spdx-biz-bounces@...] On Behalf Of Philip Odence
Sent: Thursday, March 29, 2012 6:08 AM
To: spdx@...; spdx-tech@...; spdx-legal@...; spdx-biz@...
Subject: Today's SPDX Call
Importance: High

 

Sorry for the excessive email of late, but it comes of our prepping for the upcoming Collaboration Summit and SPDX Forum.

 

Attached are a couple of slides to help us frame today's call. 

 

Phil

 

L. Philip Odence

Vice President of Business Development

Black Duck Software, Inc.

8 New England Executive Park, Suite 211, Burlington MA 01803

Phone: 781.810.1819, Mobile: 781.258.9502

Skype: philip.odence

 

 

From: Phil Odence <podence@...>
Date: Fri, 23 Mar 2012 15:03:38 -0500
To: <spdx@...>, <spdx-tech@...>, <spdx-legal@...>, <spdx-biz@...>
Subject: Special SPDX Adoption Meeting on Wednesday - PLEASE READ

 

NOTE WE WILL BE USING A DIFFERENT DIAL IN FOR THIS MEEING

 

Meeting Time: Thurs, March 29, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html


Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 

IMPORTANT

 

Kim is out next week, so in the time normally reserved for the Business Team meeting, we will have a dedicated discussion about an important topic that came up in the General Meeting: Adoption of SPDX. I encourage members of all teams to attend, if possible.

 

Before the upcoming public gatherings at which we will be presenting SPDX Collaboration Summit and the Forum, we want to get as much alignment as possible on the way we will talk about adoption and the SPDX roadmap. A couple specifics we discussed in the Thursday call:

  • While we all feel that V1.0 is a great step forward, some companies are feeling like they can not adopt SPDX until the 2.0 release which will add hierarchy and signing capability.
  • There's been a lot of discussion over the last few months in the Business and Tech Teams about backward compatibility. In any development process, this requirement is a constraint on the next release. On the other hand, adopters of software (and specs) want the future comfort of a dedication to backward compatibility. For a variety of reasons, there has been a ton of great work, but little production adoption of 1.0. With 2.0 slated for release in August (fingers crossed), it's reasonable to revisit how strongly we want to emphasize backward compatibility.

Should be a very interesting discussion and an important one to air before the upcoming meetings. An hour is short, so I don't expect detailed resolution, but we can make progress in that direction and get gauge sufficient to help speakers at the events represent the organization.

 

Best to all,

Phil

 

L. Philip Odence

Vice President of Business Development

Black Duck Software, Inc.

8 New England Executive Park, Suite 211, Burlington MA 01803

Phone: 781.810.1819, Mobile: 781.258.9502

Skype: philip.odence


_______________________________________________
Spdx mailing list
Spdx@...
https://lists.spdx.org/mailman/listinfo/spdx




--
E.A. Rockett
Senior Director 
Software & Services Operations
Motorola Mobility, Inc.
1000 Enterprise Way
Sunnyvale, CA 94089
+1.415.508.7625 (T)
+1.408.541-6900 (F)
rockett@...


Re: Today's SPDX Call

Lamons, Scott (Open Source Program Office) <scott.lamons@...>
 

Steve,

 

This sounds really good to me.   My only minor comment is that we should mostly focus on the objectives and use cases around 2.x and 3.x and not get too caught up on the timeline just yet.   As someone else appropriately pointed out that will depend on the commitment and resources that can be brought to bear and it might serve to discourage adoption of 1.x where that makes sense for certain organizations.

 

Regards,

Scott

 

 

From: spdx-biz-bounces@... [mailto:spdx-biz-bounces@...] On Behalf Of Steve Cropper (stcroppe)
Sent: Thursday, March 29, 2012 11:09 AM
To: Philip Odence; spdx@...; spdx-tech@...; spdx-legal@...; spdx-biz@...
Subject: RE: Today's SPDX Call

 

Folks:

 

Many thanks to those of you who participated in today’s meeting. I wanted to send out the wrap up next steps that I proposed and get feedback incase I missed, or misstated something.

 

The takeaways from today’s meeting that we all feel the team should address face to face during the Conference  next week are:

 

1.       To discuss roadmap and vision with a view to accelerating adoption and looking at a timeline for 2.x, 3.x and related objectives.

2.       Take time to build on and review the use case thread started by Tech team last Tuesday and seek other pain points/concerns folks have.

3.       Reflect on the Supply Chain Summit Agenda with points 1 and 2 in mind.

 

Looking forward to seeing those of you attending next week in person.

 

Regards

Steve

 

From: spdx-biz-bounces@... [mailto:spdx-biz-bounces@...] On Behalf Of Philip Odence
Sent: Thursday, March 29, 2012 6:08 AM
To: spdx@...; spdx-tech@...; spdx-legal@...; spdx-biz@...
Subject: Today's SPDX Call
Importance: High

 

Sorry for the excessive email of late, but it comes of our prepping for the upcoming Collaboration Summit and SPDX Forum.

 

Attached are a couple of slides to help us frame today's call. 

 

Phil

 

L. Philip Odence

Vice President of Business Development

Black Duck Software, Inc.

8 New England Executive Park, Suite 211, Burlington MA 01803

Phone: 781.810.1819, Mobile: 781.258.9502

Skype: philip.odence

 

 

From: Phil Odence <podence@...>
Date: Fri, 23 Mar 2012 15:03:38 -0500
To: <spdx@...>, <spdx-tech@...>, <spdx-legal@...>, <spdx-biz@...>
Subject: Special SPDX Adoption Meeting on Wednesday - PLEASE READ

 

NOTE WE WILL BE USING A DIFFERENT DIAL IN FOR THIS MEEING

 

Meeting Time: Thurs, March 29, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html


Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 

IMPORTANT

 

Kim is out next week, so in the time normally reserved for the Business Team meeting, we will have a dedicated discussion about an important topic that came up in the General Meeting: Adoption of SPDX. I encourage members of all teams to attend, if possible.

 

Before the upcoming public gatherings at which we will be presenting SPDX Collaboration Summit and the Forum, we want to get as much alignment as possible on the way we will talk about adoption and the SPDX roadmap. A couple specifics we discussed in the Thursday call:

  • While we all feel that V1.0 is a great step forward, some companies are feeling like they can not adopt SPDX until the 2.0 release which will add hierarchy and signing capability.
  • There's been a lot of discussion over the last few months in the Business and Tech Teams about backward compatibility. In any development process, this requirement is a constraint on the next release. On the other hand, adopters of software (and specs) want the future comfort of a dedication to backward compatibility. For a variety of reasons, there has been a ton of great work, but little production adoption of 1.0. With 2.0 slated for release in August (fingers crossed), it's reasonable to revisit how strongly we want to emphasize backward compatibility.

Should be a very interesting discussion and an important one to air before the upcoming meetings. An hour is short, so I don't expect detailed resolution, but we can make progress in that direction and get gauge sufficient to help speakers at the events represent the organization.

 

Best to all,

Phil

 

L. Philip Odence

Vice President of Business Development

Black Duck Software, Inc.

8 New England Executive Park, Suite 211, Burlington MA 01803

Phone: 781.810.1819, Mobile: 781.258.9502

Skype: philip.odence


Re: Today's SPDX Call

Steve Cropper (stcroppe) <stcroppe@...>
 

Folks:

 

Many thanks to those of you who participated in today’s meeting. I wanted to send out the wrap up next steps that I proposed and get feedback incase I missed, or misstated something.

 

The takeaways from today’s meeting that we all feel the team should address face to face during the Conference  next week are:

 

1.       To discuss roadmap and vision with a view to accelerating adoption and looking at a timeline for 2.x, 3.x and related objectives.

2.       Take time to build on and review the use case thread started by Tech team last Tuesday and seek other pain points/concerns folks have.

3.       Reflect on the Supply Chain Summit Agenda with points 1 and 2 in mind.

 

Looking forward to seeing those of you attending next week in person.

 

Regards

Steve

 

From: spdx-biz-bounces@... [mailto:spdx-biz-bounces@...] On Behalf Of Philip Odence
Sent: Thursday, March 29, 2012 6:08 AM
To: spdx@...; spdx-tech@...; spdx-legal@...; spdx-biz@...
Subject: Today's SPDX Call
Importance: High

 

Sorry for the excessive email of late, but it comes of our prepping for the upcoming Collaboration Summit and SPDX Forum.

 

Attached are a couple of slides to help us frame today's call. 

 

Phil

 

L. Philip Odence

Vice President of Business Development

Black Duck Software, Inc.

8 New England Executive Park, Suite 211, Burlington MA 01803

Phone: 781.810.1819, Mobile: 781.258.9502

Skype: philip.odence

 

 

From: Phil Odence <podence@...>
Date: Fri, 23 Mar 2012 15:03:38 -0500
To: <spdx@...>, <spdx-tech@...>, <spdx-legal@...>, <spdx-biz@...>
Subject: Special SPDX Adoption Meeting on Wednesday - PLEASE READ

 

NOTE WE WILL BE USING A DIFFERENT DIAL IN FOR THIS MEEING

 

Meeting Time: Thurs, March 29, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html


Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 

IMPORTANT

 

Kim is out next week, so in the time normally reserved for the Business Team meeting, we will have a dedicated discussion about an important topic that came up in the General Meeting: Adoption of SPDX. I encourage members of all teams to attend, if possible.

 

Before the upcoming public gatherings at which we will be presenting SPDX Collaboration Summit and the Forum, we want to get as much alignment as possible on the way we will talk about adoption and the SPDX roadmap. A couple specifics we discussed in the Thursday call:

  • While we all feel that V1.0 is a great step forward, some companies are feeling like they can not adopt SPDX until the 2.0 release which will add hierarchy and signing capability.
  • There's been a lot of discussion over the last few months in the Business and Tech Teams about backward compatibility. In any development process, this requirement is a constraint on the next release. On the other hand, adopters of software (and specs) want the future comfort of a dedication to backward compatibility. For a variety of reasons, there has been a ton of great work, but little production adoption of 1.0. With 2.0 slated for release in August (fingers crossed), it's reasonable to revisit how strongly we want to emphasize backward compatibility.

Should be a very interesting discussion and an important one to air before the upcoming meetings. An hour is short, so I don't expect detailed resolution, but we can make progress in that direction and get gauge sufficient to help speakers at the events represent the organization.

 

Best to all,

Phil

 

L. Philip Odence

Vice President of Business Development

Black Duck Software, Inc.

8 New England Executive Park, Suite 211, Burlington MA 01803

Phone: 781.810.1819, Mobile: 781.258.9502

Skype: philip.odence


Re: Today's SPDX Call

Steve Cropper (stcroppe) <stcroppe@...>
 

Thanks Phil:

 

I have attached a couple of slides for our input to the discussion.

 

Steve

 

From: spdx-biz-bounces@... [mailto:spdx-biz-bounces@...] On Behalf Of Philip Odence
Sent: Thursday, March 29, 2012 6:08 AM
To: spdx@...; spdx-tech@...; spdx-legal@...; spdx-biz@...
Subject: Today's SPDX Call
Importance: High

 

Sorry for the excessive email of late, but it comes of our prepping for the upcoming Collaboration Summit and SPDX Forum.

 

Attached are a couple of slides to help us frame today's call. 

 

Phil

 

L. Philip Odence

Vice President of Business Development

Black Duck Software, Inc.

8 New England Executive Park, Suite 211, Burlington MA 01803

Phone: 781.810.1819, Mobile: 781.258.9502

Skype: philip.odence

 

 

From: Phil Odence <podence@...>
Date: Fri, 23 Mar 2012 15:03:38 -0500
To: <spdx@...>, <spdx-tech@...>, <spdx-legal@...>, <spdx-biz@...>
Subject: Special SPDX Adoption Meeting on Wednesday - PLEASE READ

 

NOTE WE WILL BE USING A DIFFERENT DIAL IN FOR THIS MEEING

 

Meeting Time: Thurs, March 29, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html


Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 

IMPORTANT

 

Kim is out next week, so in the time normally reserved for the Business Team meeting, we will have a dedicated discussion about an important topic that came up in the General Meeting: Adoption of SPDX. I encourage members of all teams to attend, if possible.

 

Before the upcoming public gatherings at which we will be presenting SPDX Collaboration Summit and the Forum, we want to get as much alignment as possible on the way we will talk about adoption and the SPDX roadmap. A couple specifics we discussed in the Thursday call:

  • While we all feel that V1.0 is a great step forward, some companies are feeling like they can not adopt SPDX until the 2.0 release which will add hierarchy and signing capability.
  • There's been a lot of discussion over the last few months in the Business and Tech Teams about backward compatibility. In any development process, this requirement is a constraint on the next release. On the other hand, adopters of software (and specs) want the future comfort of a dedication to backward compatibility. For a variety of reasons, there has been a ton of great work, but little production adoption of 1.0. With 2.0 slated for release in August (fingers crossed), it's reasonable to revisit how strongly we want to emphasize backward compatibility.

Should be a very interesting discussion and an important one to air before the upcoming meetings. An hour is short, so I don't expect detailed resolution, but we can make progress in that direction and get gauge sufficient to help speakers at the events represent the organization.

 

Best to all,

Phil

 

L. Philip Odence

Vice President of Business Development

Black Duck Software, Inc.

8 New England Executive Park, Suite 211, Burlington MA 01803

Phone: 781.810.1819, Mobile: 781.258.9502

Skype: philip.odence


Today's SPDX Call

Philip Odence
 

Sorry for the excessive email of late, but it comes of our prepping for the upcoming Collaboration Summit and SPDX Forum.

Attached are a couple of slides to help us frame today's call. 

Phil

L. Philip Odence
Vice President of Business Development
Black Duck Software, Inc.
8 New England Executive Park, Suite 211, Burlington MA 01803
Phone: 781.810.1819, Mobile: 781.258.9502
Skype: philip.odence


From: Phil Odence <podence@...>
Date: Fri, 23 Mar 2012 15:03:38 -0500
To: <spdx@...>, <spdx-tech@...>, <spdx-legal@...>, <spdx-biz@...>
Subject: Special SPDX Adoption Meeting on Wednesday - PLEASE READ

NOTE WE WILL BE USING A DIFFERENT DIAL IN FOR THIS MEEING

Meeting Time: Thurs, March 29, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html

Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

IMPORTANT

Kim is out next week, so in the time normally reserved for the Business Team meeting, we will have a dedicated discussion about an important topic that came up in the General Meeting: Adoption of SPDX. I encourage members of all teams to attend, if possible.

Before the upcoming public gatherings at which we will be presenting SPDX Collaboration Summit and the Forum, we want to get as much alignment as possible on the way we will talk about adoption and the SPDX roadmap. A couple specifics we discussed in the Thursday call:
  • While we all feel that V1.0 is a great step forward, some companies are feeling like they can not adopt SPDX until the 2.0 release which will add hierarchy and signing capability.
  • There's been a lot of discussion over the last few months in the Business and Tech Teams about backward compatibility. In any development process, this requirement is a constraint on the next release. On the other hand, adopters of software (and specs) want the future comfort of a dedication to backward compatibility. For a variety of reasons, there has been a ton of great work, but little production adoption of 1.0. With 2.0 slated for release in August (fingers crossed), it's reasonable to revisit how strongly we want to emphasize backward compatibility.
Should be a very interesting discussion and an important one to air before the upcoming meetings. An hour is short, so I don't expect detailed resolution, but we can make progress in that direction and get gauge sufficient to help speakers at the events represent the organization.

Best to all,
Phil

L. Philip Odence
Vice President of Business Development
Black Duck Software, Inc.
8 New England Executive Park, Suite 211, Burlington MA 01803
Phone: 781.810.1819, Mobile: 781.258.9502
Skype: philip.odence


Re: curious about the use of (R) and TM symbols

Philip Odence
 

Daniel,

Interesting you should ask, I just pinged Esteban for an update on this
earlier in the week. He and Motorola were pursuing on behalf of the Linux
Foundation (the holder of the marks). As of last summer, Software Package
Data Exchange had been registered, but SPDX had not, so it was correct to
use the (R) with the former and (TM) with the latter. I assume I would
have heard if the status had changed, but as I say am in the process of
confirming.

Rockett or I will get back to the list, if/when there is a change.
Otherwise assume status quo.

Phil

L. Philip Odence
Vice President of Business Development
Black Duck Software, Inc.
8 New England Executive Park, Suite 211, Burlington MA 01803
Phone: 781.810.1819, Mobile: 781.258.9502
Skype: philip.odence
podence@blackducksoftware.com
http://www.blackducksoftware.com <http://www.blackducksoftware.com/>
http://twitter.com/podence
http://www.linkedin.com/in/podence
http://www.networkworld.com/community/odence (my blog)

On 3/29/12 4:17 AM, "D M German" <dmg@uvic.ca> wrote:


Hi everybody,

I am curious, why if "SPDX" is a registered trademark in the US (I just
checked--not in canada, by the way) then there is the requirement to
postfix it with "TM" and not with (R) as is the case with the full name:
"Software Package Data Exchange (R)"

--dmg

--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .
_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx


curious about the use of (R) and TM symbols

dmg
 

Hi everybody,

I am curious, why if "SPDX" is a registered trademark in the US (I just
checked--not in canada, by the way) then there is the requirement to
postfix it with "TM" and not with (R) as is the case with the full name:
"Software Package Data Exchange (R)"

--dmg

--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .


variants of licenses

dmg
 

Hi everybody,

my colleague Yuki Manabe, from the Univ. of Osaka, has been working hard
trying to extract all the licenses in every program of every package in
various Linux distributions (using Ninka).

This has allowed us to create a corpus of "licensing sentences". I think
this data might be useful for the matching of variations of licenses. Is
anybody working on this?

here are two files, representing the last two sentence of the BSD licensees:

http://turingmachine.org/~dmg/temp/bsd-variants-liable.txt
http://turingmachine.org/~dmg/temp/bsd-variants-as-is.txt

Some of the variants are due to copyright owners, but there are some
other interesting cases. The number at the front of each is its
frequency (per file).


--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .


SPDX 2.0 Use Cases

Ed Warnicke <eaw@...>
 

Over in spdx-tech this week, we started making use cases more precise and specific for 
SPDX 2.0:


Some of the 1.0 ones needs to be refreshed, and there may be other ones
available to fill in the details - for instance, auditors.  

A standardize template has been proposed,  and the others need to be
filled out in that manner, so we can have this consistent for analysis.
An example of that template is here:
http://spdx.org/wiki/spdx-20-usecase-upstream-maintainer-providing-spdx-data

A structured framework has been put together - we discussed additonal use
cases to be added to the Wiki.  Some are specific missing use cases were
added and folks signed up to flesh out (ideally with the template).

If the folks from the other teams would kindly:
1)  Help us to fill in any missing use cases
2)  Sign up to flesh out some of the use cases (we've got names in [ ] after use cases).

Ed 


Re: Special SPDX Adoption Meeting on Thursday - PLEASE READ

Manbeck, Jack
 

All,

 

I will be travelling on business this Thursday. I apologize in advance for having to miss this meeting.

 

Regards,

 

Jack Manbeck

 

Texas Instruments

www.ti.com

Main: (301) 407-9569

Cell:   (703) 386-6510


From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of kate.stewart@...
Sent: Friday, March 23, 2012 4:04 PM
To: spdx@...; spdx-tech@...; spdx-legal@...; spdx-biz@...; Philip Odence
Subject: Special SPDX Adoption Meeting on Thursday - PLEASE READ

 

Just talked to Phil and he asked me to to clarify,  meeting is on THURSDAY, not Wednesday as in original title.  Apologies for the confusion.

Kate

--- On Fri, 3/23/12, Philip Odence <podence@...> wrote:


From: Philip Odence <podence@...>
Subject: Special SPDX Adoption Meeting on Wednesday - PLEASE READ
To: "spdx@..." <spdx@...>, "spdx-tech@..." <spdx-tech@...>, "spdx-legal@..." <spdx-legal@...>, "spdx-biz@..." <spdx-biz@...>
Date: Friday, March 23, 2012, 2:03 PM

NOTE WE WILL BE USING A DIFFERENT DIAL IN FOR THIS MEEING

 

Meeting Time: Thurs, March 29, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html


Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 

IMPORTANT

 

Kim is out next week, so in the time normally reserved for the Business Team meeting, we will have a dedicated discussion about an important topic that came up in the General Meeting: Adoption of SPDX. I encourage members of all teams to attend, if possible.

 

Before the upcoming public gatherings at which we will be presenting SPDX Collaboration Summit and the Forum, we want to get as much alignment as possible on the way we will talk about adoption and the SPDX roadmap. A couple specifics we discussed in the Thursday call:

  • While we all feel that V1.0 is a great step forward, some companies are feeling like they can not adopt SPDX until the 2.0 release which will add hierarchy and signing capability.
  • There's been a lot of discussion over the last few months in the Business and Tech Teams about backward compatibility. In any development process, this requirement is a constraint on the next release. On the other hand, adopters of software (and specs) want the future comfort of a dedication to backward compatibility. For a variety of reasons, there has been a ton of great work, but little production adoption of 1.0. With 2.0 slated for release in August (fingers crossed), it's reasonable to revisit how strongly we want to emphasize backward compatibility.

Should be a very interesting discussion and an important one to air before the upcoming meetings. An hour is short, so I don't expect detailed resolution, but we can make progress in that direction and get gauge sufficient to help speakers at the events represent the organization.

 

Best to all,

Phil

 

L. Philip Odence

Vice President of Business Development

Black Duck Software, Inc.

8 New England Executive Park, Suite 211, Burlington MA 01803

Phone: 781.810.1819, Mobile: 781.258.9502

Skype: philip.odence


-----Inline Attachment Follows-----

_______________________________________________
Spdx mailing list
Spdx@...
https://lists.spdx.org/mailman/listinfo/spdx

 


Someone to present SPDX at LSM/RMLL in Geneva (July 2012) ?

Olivier Berger <olivier.berger@...>
 

Hi.

I think it could be interesting if someone could present SPDX at the
coming Libre Software Meeting in Geneva in July 2012.

More details at :
http://2012.rmll.info/en/participate/call-for-papers

Anyone interested ?

Best regards,
--
Olivier BERGER
http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 2048R/5819D7E8
Ingenieur Recherche - Dept INF
Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France)


Re: proselytizing the License List

Philip Odence
 

Good one, Jilayne. Not sure everyone caught this one I did last Spring. http://www.spdx.org/content/celebrate-small-victories-and-cheers-open-source-initiative

From: Jilayne Lovejoy <jilayne.lovejoy@...>
Date: Fri, 23 Mar 2012 20:35:58 +0000
To: SPDX-legal <spdx-legal@...>, SPDX-general <spdx@...>
Subject: proselytizing the License List


I was due to post a blog entry, so thought I'd take the opportunity to do a little proselytizing :)



Jilayne Lovejoy |  Corporate Counsel
jlovejoy@...  |  720 240 4545
Follow me on Twitter @jilaynelovejoy

OpenLogic, Inc.
10910 W 120th Ave, Suite 450
Broomfield, Colorado 80021
www.openlogic.com
Follow OpenLogic on Twitter @openlogic
_______________________________________________ Spdx mailing list Spdx@... https://lists.spdx.org/mailman/listinfo/spdx

881 - 900 of 1467