Date   

Minutes from Business Call

Kim Weins
 

Hi All

Minutes are now available.

http://www.spdx.org/wiki/business-team-meeting-agendaminutes-20110106

We spent most of the call talking about the Beta program.  We are targeting Feb 3rd to have an introductory call with all of the potential beta sites (5 to date) to go over details of the program, what we are asking them to do, what we will be providing them, etc.

Our next business team call is in 2 weeks — Jan 20th

Kim


SPDX Web Site Linkes Appear to be broken

Tom Incorvia
 

Hi SPDX Team,

 

Most of the links on the SPDSX site are not working – I was trying to get to the license list. 

 

 

Tom

 

 

Tom Incorvia

tom.incorvia@...

Direct:  (512) 340-1336

Mobile: (408) 499 6850



This message has been scanned for viruses by MailController.


Re: SPDX Web Site Linkes Appear to be broken

Martin Michlmayr
 

This was caused by a Drupal upgrade I did earlier today. The issue
has not been fixed yet (<http://drupal.org/node/1019788>) so I
downgraded to the previous version.

* Tom Incorvia <tom.incorvia@...> [2011-01-09 16:07]:

Hi SPDX Team,

Most of the links on the SPDSX site are not working – I was trying to get to the license list.


Tom

[cid:image001.jpg@...]

Tom Incorvia
tom.incorvia@...<mailto:tom.incorvia@...>
Direct: (512) 340-1336
Mobile: (408) 499 6850



This message has been scanned for viruses by MailController<http://www.MailController.altohiway.com/>.


_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
--
Martin Michlmayr
Open Source Program Office, Hewlett-Packard


Invitation: SPDX Legal Workstream (Rollout) Call 11ET/10CT/8PT @ Every 2 weeks from 8am to 9am on Wednesday from Wed Jan 12 to Wed Dec 14 (spdx@fossbazaar.org)

Esteban Rockett <mgia3940@...>
 

SPDX Legal Workstream (Rollout) Call 11ET/10CT/8PT

Happy New Year to all.

This calendar appointment is for our regular bi-weekly SPDX Legal Workstream call.

Many thanks,

Rockett

Motorola Inc.
E.A. Rockett
Senior Counsel
Software, Applications &
Digital Content Licensing
(408)541-6703 (O)
(408)541-6900 (F)
(415)508-7625 (M)
rockett@...

When
Every 2 weeks from 8am to 9am on Wednesday from Wed Jan 12 to Wed Dec 14 Pacific Time
Where
Conference Bridge 1.877.825.8522 PIN:0376146 (map)
Calendar
spdx@...
Who
Esteban Rockett - organizer
amanda.brock@...
sadams@...
tony.gomes@...
feb.cabrasawan@...
rfontana@...
jmcbroom@...
Alexandra.Siegel@...
linda.shih@...
mpierovi@...
kathleen.mullins@...
rtiller@...
JOHN ELLIS
alastern@...
Mikko.Amper@...
adcohn@...
paul.madick@...
ilardi@...
areid@...
owen.james.boyle@...
smortin@...
Mansour Ghomeshi
scott.k.peterson@...
Guy.Colpitts@...
bgieseman@...
pmcbride@...
tcarlson@...
spaek@...
andrew.wilson@...
barbara.reilly@...
jwacha@...
bkahin@...
mrc@...
andrew.updegrove@...
mccoy.smith@...
ssemel@...
gsjones@...
kcopenhaver@...
spdx@...
spdx-legal-request@...

Going?   All events in this series:   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this courtesy email at the account spdx@... because you are an attendee of this event.

To stop receiving future notifications for this event, decline this event. Alternatively you can sign up for a Google account at https://www.google.com/calendar/ and control your notification settings for your entire calendar.


Updated Invitation: SPDX Legal Workstream Bi-Weekly Call 11ET/10CT/8PT @ Every 2 weeks from 8am to 9am on Wednesday from Wed Jan 12 to Wed Dec 14 (spdx@fossbazaar.org)

Esteban Rockett <mgia3940@...>
 

This event has been changed.

Changed: SPDX Legal Workstream Bi-Weekly Call 11ET/10CT/8PT

Happy New Year to all.

This calendar appointment is for our regular bi-weekly SPDX Legal Workstream call.

Many thanks,

Rockett

Motorola Inc.
E.A. Rockett
Senior Counsel
Software, Applications &
Digital Content Licensing
(408)541-6703 (O)
(408)541-6900 (F)
(415)508-7625 (M)
rockett@...

When
Every 2 weeks from 8am to 9am on Wednesday from Wed Jan 12 to Wed Dec 14 Pacific Time
Where
Conference Bridge 1.877.825.8522 PIN:0376146 (map)
Calendar
spdx@...
Who
Esteban Rockett - organizer
amanda.brock@...
sadams@...
tony.gomes@...
feb.cabrasawan@...
rfontana@...
jmcbroom@...
Alexandra.Siegel@...
linda.shih@...
mpierovi@...
kathleen.mullins@...
rtiller@...
JOHN ELLIS
alastern@...
Mikko.Amper@...
adcohn@...
paul.madick@...
ilardi@...
areid@...
owen.james.boyle@...
smortin@...
Mansour Ghomeshi
scott.k.peterson@...
Guy.Colpitts@...
bgieseman@...
pmcbride@...
tcarlson@...
spaek@...
andrew.wilson@...
barbara.reilly@...
jwacha@...
bkahin@...
mrc@...
andrew.updegrove@...
mccoy.smith@...
ssemel@...
gsjones@...
kcopenhaver@...
spdx@...
spdx-legal-request@...

Going?   All events in this series:   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this courtesy email at the account spdx@... because you are an attendee of this event.

To stop receiving future notifications for this event, decline this event. Alternatively you can sign up for a Google account at https://www.google.com/calendar/ and control your notification settings for your entire calendar.


Updated Invitation: SPDX Legal Workstream Bi-Weekly Call 11ET/10CT/8PT @ Wed Jan 12 8am - 9am (spdx@fossbazaar.org)

Esteban Rockett <mgia3940@...>
 

This event has been changed.

SPDX Legal Workstream Bi-Weekly Call 11ET/10CT/8PT

Changed: All:

- Please note, proposed minutes from our last meeting are posted on the SPDX Wiki under the Legal Workstream section. Sorry for the delay. We will allow an additional week for approval of these minutes.

- Adding (1) Agenda for today's 2-Jan-2011 meeting, (2) International Dial-in Numbers, and (3) Proposed Minutes from Last Meeting:


(1) -- 12-Jan-2011 -- Proposed Agenda

(A) Last Meeting Minutes Posted; Additional Week to Review

(B) Update on "Create Process/Method to Add Licenses"

(C) Update on SPDX Metadata License Discussion with Bradley and SPDX Core Team

(D) Continue/Conclude Discussion on Use of SPDX Standard License Acronyms

(E) Issue raised from Tech Workstream on the need for a Legal Policy on "SPDX Not Validating License Recited"

(F) Any New Topics


(2) -- International Dial-in Numbers --

Conference PIN: 0376146

Country

Toll free number

AUSTRALIA

1800003691

AUSTRIA

0800292117

BELGIUM

080077968

CANADA

8772832663

CHINA Netcom (CNC)*

10 800 712 3245
10 800 714 0551

CHINA Telecom (CT)*

10 800 120 3245

DENMARK

80703158

FINLAND

0800770232

FRANCE

0800941694

GERMANY

08001014510

GREECE

0080016122038641

HONG KONG

800967971

HUNGARY

0680015286

INDIA (Bharti) **

000 800 001 2005

INDIA (Reliance)

000195

INDIA (VSNL)

0008001005009

INDIA (ALL OTHER CARRIERS) **

000 800 100 6006

INDONESIA

008800105490 (mobile excluded)

INDONESIA Alternate

0018030113665 (mobile excluded)

IRELAND

1800944115

ISRAEL

1809458641

ITALY

800781687

JAPAN

00531160347

LUXEMBOURG

80023984

MALAYSIA

1 800 802 411

MONACO

80093182

NETHERLANDS

08002658218

NEW ZEALAND

0800447808

NORWAY

80057408

PHILIPPINES

180011100676

POLAND

008001114561

PORTUGAL

800819894

RUSSIA

81080022521012

SINGAPORE

800 120 0250

SOUTH AFRICA

0800990934

SOUTH KOREA

00308140426

SPAIN

900971504

SWEDEN

0201400558

SWITZERLAND

0800563963

TAIWAN, THE REPUBLIC OF CHINA

00801126569

THAILAND

0018001562038641

UNITED KINGDOM

08006920816

UNITED STATES

8772832663


***
Happy New Year to all.

This calendar appointment is for our regular bi-weekly SPDX Legal Workstream call.

Many thanks,

Rockett

Motorola Inc.
E.A. Rockett
Senior Counsel
Software, Applications &
Digital Content Licensing
(408)541-6703 (O)
(408)541-6900 (F)
(415)508-7625 (M)
rockett@...

When
Wed Jan 12 8am – 9am Pacific Time
Where
Conference Bridge 1.877.825.8522 PIN:0376146 (map)
Calendar
spdx@...
Who
Esteban Rockett - organizer
amanda.brock@...
tony.gomes@...
sadams@...
feb.cabrasawan@...
jmcbroom@...
rfontana@...
linda.shih@...
Alexandra.Siegel@...
mpierovi@...
kathleen.mullins@...
JOHN ELLIS
rtiller@...
alastern@...
Mikko.Amper@...
adcohn@...
paul.madick@...
ilardi@...
areid@...
owen.james.boyle@...
smortin@...
Mansour Ghomeshi
scott.k.peterson@...
Guy.Colpitts@...
bgieseman@...
pmcbride@...
spaek@...
tcarlson@...
andrew.wilson@...
barbara.reilly@...
jwacha@...
bkahin@...
andrew.updegrove@...
mrc@...
mccoy.smith@...
ssemel@...
gsjones@...
kcopenhaver@...
spdx-legal-request@...
spdx@...

Going?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this courtesy email at the account spdx@... because you are an attendee of this event.

To stop receiving future notifications for this event, decline this event. Alternatively you can sign up for a Google account at https://www.google.com/calendar/ and control your notification settings for your entire calendar.


Agenda for Thursday's SPDX General Meeting

Philip Odence
 

Meeting Time: Dec 2, 8am PDT / 10 am CDT / 11am EDT / 16:00 UTC. http://www.timeanddate.com/worldclock/converter.html

Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

Web:
Note, we will be using a different URL for each meeting for purposes of taking attendance. When you login PLEASE INCLUDE YOUR FULL NAME IN THIS FORM: Phil Odence, Black Duck Software so I can just copy/paste into minutes. THXhttp://blackducksoftware.na6.acrobat.com/spdx2dec10
 
Administrative Agenda
Attendance

Technical Team Report - Kate

Business Team Report - Kim/JohnE
Beta program status

Legal Team Report - Rockett/Karen

Cross Functional Issues - Phil


Action Items

Most of the action items belong with the Teams. So, in addition to statusing, we will dispatch them to the respective teams and will not continue to track in this meeting. Action items for this meeting will be cross functional.

• Kate/Kim- Draft example for LF Member Counsel; include XML and spreadsheet. PENDING
• MichaelH/Rockett- Write up and share postion on "reporting" vs. "interpreting. PENDING
• Rockett- Post regular meeting times on Legal Team page. PENDING
• MartinM- Report back on # of people on respective mailing lists. DONE, BUT LET'S KEEP UPDATING

L. Philip Odence
Vice President of Business Development
Black Duck Software, inc.
265 Winter Street, Waltham, MA 02451
Phone: 781.810.1819, Mobile: 781.258.9502


Purpose of licensing info

Peter Williams <peter.williams@...>
 

There has been a bit of discussion in the technical working group
about the role of judgments in spdx. It has been suggested that
information that is the result of human, or automated heuristic,
judgment should disallowed/discouraged in spdx files.

This has lead me to wonder a about the primary purpose of the
licensing parts of spdx. Do we intended for spdx files to convey the
actual licenses under which a package is copyable? Or should spdx
files convey the just licenses under which a package is explicitly
stated/declared to be copyable?

The actual licensing of a package is often not fully and explicitly
stated. (Files don't have header, code snippets are copied, etc.)
Therefore if spdx conveys the actual licensing of a package this will
require representing human/heuristic judgments.

Conveying the actual licensing will also mean that two spdx files for
the same package might disagree regarding the licensing. This could
happen because one was generated by a person or tool that discovered
more facts. (For example, a tool might detect that some of the code
in a file appears to originate from some other project while a human
on their own might not.) Or it could result from different judgments
being made from the same information.

If we limit spdx to conveying only the stated/declared licensing we
would avoid inharmonious spdx files. This would be achieved by
precluding judgments (or limiting the types of allowed judgments to a
very small set). However, consumers would not be able to treat spdx
files as an authoritative guide to the licensing of the package. The
set of declared/explicitly stated licenses would often be incomplete
and sometimes it would be erroneous.

The beta spec states that "information that cannot be derived from an
inspection (whether manual or using automated tools) of the package to
be analyzed" is "not covered in the specification". This would seem
to imply that judgments about what licenses a package was copyable
under would be allowed if those judgments where based in discoverable
facts. However, i am not sure it is entirely cut and dry.

I think some this issue bares some discussion in the larger group.
Are technical judgments regarding the licensing of the files and
packages acceptable and/or desirable in spdx files?

Peter
openlogic.com


SPDX General Meeting link

Philip Odence
 

Note: I realize that the link I sent our for the webshare has an older date embedded in it. Please ignore and use it anyway.
Thanks, Phil


L. Philip Odence
Vice President of Business Development
Black Duck Software, inc.
265 Winter Street, Waltham, MA 02451
Phone: 781.810.1819, Mobile: 781.258.9502


Re: Purpose of licensing info

kate.stewart@...
 

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue. Please let Esteban Rockett or myself know, off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal: section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined. If no license information can be determined, the license is denoted as “Unknown”. The licenses should use the standard short form names. See Appendix I for standardized license short forms. If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4. If more than one license is detected in the file, then each should be listed. If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion. For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality: Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known. It will be explicit from the file header or other information found in the file’s source code. If no license information is found it should be denoted as “NotSpecified”. If no license information can be determined, the license is denoted as “Unknown”. The licenses should use the standard short form names. See Appendix I for standardized license short forms. If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4. If more than one license is detected in the file, then each should be listed. If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion. For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality: Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent: Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in. </text>

The above is preliminary at this point, so needs some polishing. I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate


Re: Purpose of licensing info

Peter Williams <peter.williams@...>
 

What about naming the field that represents the actual license of a
file/package "License". In the current spec File already has such a
property so all that would have to be done is adjust the verbiage
slightly and make it apply to packages too.

"LicenseDetected" is a little ambiguous for what this field actually
represents. "DeclaredLicenses" would be clearer. "DeclaredLicenses"
also has the advantage already being defined on package and it means
the same thing there. We could just make that property apply to
files too.

Peter
openlogic.com

On Thu, Jan 13, 2011 at 12:46 PM, <kate.stewart@...> wrote:
Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue.  Please let Esteban Rockett or myself know,  off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known.  It will be explicit from the file header or other information found in the file’s source code.    If no license information is found it should be denoted as “NotSpecified”.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent:  Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in.  </text>

The above is preliminary at this point, so needs some polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Esteban Rockett <mgia3940@...>
 

Kate:

Thank you for sending. Agree 100%.

All:

This issue has been a continually thought of all founders since the origins of SPDX.

The below is consistent with the original intent of SPDX, and direction of the SPDX Core Team, SPDX Legal Workstream, and Linux Foundation Member Counsel.

I look forward to finalizing in the meeting tomorrow.

Many thanks,

Rockett





Many thanks,

Rockett

On 2011-01-13, at 11:46 AM, <kate.stewart@...> wrote:

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue. Please let Esteban Rockett or myself know, off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal: section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined. If no license information can be determined, the license is denoted as “Unknown”. The licenses should use the standard short form names. See Appendix I for standardized license short forms. If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4. If more than one license is detected in the file, then each should be listed. If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion. For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality: Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known. It will be explicit from the file header or other information found in the file’s source code. If no license information is found it should be denoted as “NotSpecified”. If no license information can be determined, the license is denoted as “Unknown”. The licenses should use the standard short form names. See Appendix I for standardized license short forms. If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4. If more than one license is detected in the file, then each should be listed. If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion. For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality: Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent: Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in. </text>

The above is preliminary at this point, so needs some polishing. I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Philip Odence
 

I think the concept is sound and, as Rockett says, consistent.

Minor stuff: 
- I agree with Peter that we may want to tweak the names and the descriptions. 
- Description under Asserted still says "detected" in a few places.

Great progress on a thorny issues.

Phil



On Jan 13, 2011, at 4:16 PM, Esteban Rockett wrote:

Kate:

Thank you for sending.  Agree 100%.

All:

This issue has been a continually thought of all founders since the origins of SPDX.

The below is consistent with the original intent of SPDX, and direction of the SPDX Core Team, SPDX Legal Workstream, and Linux Foundation Member Counsel.

I look forward to finalizing in the meeting tomorrow.

Many thanks,

Rockett





Many thanks,

Rockett


On 2011-01-13, at 11:46 AM, <kate.stewart@...> wrote:

Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue.  Please let Esteban Rockett or myself know,  off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"  

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known.  It will be explicit from the file header or other information found in the file’s source code.    If no license information is found it should be denoted as “NotSpecified”.  If no license information can be determined, the license is denoted as “Unknown”.   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a “disjunctive” license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"  

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.   

5.3c.2 Intent:  Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.  

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: “LicenseComments:”

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in.  </text>

The above is preliminary at this point, so needs some polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.   

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx

_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Peterson, Scott K (HP Legal)
 

Kate and Peter --

I am trying to understand the meaning and value of "detected" and/or "declared" as distinguished from "your best guess", i.e., "asserted".

What would be the value of the detected or declared field for the two cases where the file included one of these strings:

"This file is licensed under the same terms as Perl."

"For license terms, see the file LICENSE."

-- Scott

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peter Williams
Sent: Thursday, January 13, 2011 3:52 PM
To: spdx@...
Subject: Re: Purpose of licensing info

What about naming the field that represents the actual license of a
file/package "License". In the current spec File already has such a
property so all that would have to be done is adjust the verbiage
slightly and make it apply to packages too.

"LicenseDetected" is a little ambiguous for what this field actually
represents. "DeclaredLicenses" would be clearer. "DeclaredLicenses"
also has the advantage already being defined on package and it means
the same thing there. We could just make that property apply to
files too.

Peter
openlogic.com

On Thu, Jan 13, 2011 at 12:46 PM, <kate.stewart@...> wrote:
Based on discussions on the SPDX call today, I think we are closing in on the following proposal for the file level to address the concerns raised by Open Logic.

There will be a special call tomorrow at 9am EST to get resolution on this issue.  Please let Esteban Rockett or myself know,  off-list, if you are interested in participating and were not in the legal call yesterday or the coordination call today.

Proposal:  section 5.3 (License(s)) of the spec will become 3 fields:

5.3a Asserted License

5.3a.1 Purpose: This field contains the license governing the file if it can be determined.  If no license information can be determined, the license is denoted as "Unknown".   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a "disjunctive" license.

5.3a.2 Intent: Here, the intent is to have a uniform method to refer to the license that is determined to represent the file with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3a.3 Cardinality:  Mandatory, one.

5.3a.4 Tag: "LicenseAsserted:"

5.3a.5 RDF: TBD  (include Disjunctive form here)

5.3a.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3a.7 Example:
LicenseAsserted: GPL-2.0


5.3b Detected License(s)

5.3b.1 Purpose: This field contains the license governing the file if it is known.  It will be explicit from the file header or other information found in the file's source code.    If no license information is found it should be denoted as "NotSpecified".  If no license information can be determined, the license is denoted as "Unknown".   The licenses should use the standard short form names.   See Appendix I for standardized license short forms.  If a Detected License is not one of the standardized license short forms, this field must contain a reference to the full licenses text included in this SPDX file in section 4.  If more than one license is detected in the file, then each should be listed.  If any of the detected licenses offer the recipient a choice of licenses, then each of the choices will be declared as a "disjunctive" license.

5.ba.2 Intent: Here, the intent is to have a uniform method to refer to each license with specificity to eliminate any license confusion.  For example, the 3 clause BSD would have a different license identifier then the 4 clause BSD.

5.3b.3 Cardinality:  Mandatory, one or many.

5.3b.4 Tag: "LicenseDetected:"

5.3b.5 RDF: TBD (not including disjunctive form, if multiple many should be specified )

5.3b.6 Data Format: <short form identifier in Appendix I> | "FullLicense"-N

5.3b.7 Example:
LicenseDetected: GPL-2.0
LicenseDetected: FullLicense-2


5.3c License Comments

5.3c.1 Purpose: This field is a detailed description of the analysis and any relevent background references that went in to making the asserted license for a file, if the asserted license does not match the detected license that the person creating the SPDX file wants to share with the reviewers.

5.3c.2 Intent:  Here, the intent is to provide technical readers/reviewers with a detailed technical explanation of how the asserted license was determined if it does not match the detected license.

5.3c.3 Cardinality: Optional, single instance

5.3c.4 Tag: "LicenseComments:"

5.3c.5 RDF: TBD

5.3c.6 Data Format: free form text than can span multiple lines, preceded with <text> and ending with </text>.

5.3c.7 Example: LicenseComments: <text> The asserted license was taken from the package level that the file was included in.  </text>

The above is preliminary at this point, so needs some polishing.  I've entered it in bugzilla (http://bugs.linux-foundation.org/show_bug.cgi?id=625), so after the discussion tomorrow, feel free to subscribe, and make improvements there.

Kate
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Purpose of licensing info

Peter Williams <peter.williams@...>
 

On Thu, Jan 13, 2011 at 3:46 PM, Peterson, Scott K (HP Legal)
<scott.k.peterson@...> wrote:
Kate and Peter --

I am trying to understand the meaning and value of "detected" and/or "declared" as distinguished from "your best guess", i.e., "asserted".

What would be the value of the detected or declared field for the two cases where the file included one of these strings:

"This file is licensed under the same terms as Perl."
I don't know about this one. Would this statement be representable in
a declared license file? It requires multiple facts and deduction
based on those facts to determine what licenses are actually being
referenced. It that sort of inference is allowed i can think of
several options for rendering it into the spdx model. It would either
be a simple list of the licenses or a composite licensing info
structure if we want to preserve the junctive relationships in the
declaration.

"For license terms, see the file LICENSE."
In this case the value of the declared licenses field would be the
identifier for LICENSE. Either a short form license id from the
standard list or the locally unique embedded license id for that
license.

Peter
openlogic.com


Licence abbreviations?

dmg
 

Hi Everybody,

is there a place where the abbreviations (as to be used in the SPDX
document) are listed? This page only lists the full names.

http://www.spdx.org/licenses/


--
--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .


Re: Licence abbreviations?

Jilayne Lovejoy <Jlovejoy@...>
 

Daniel,

The license list spreadsheet is located here:
http://spdx.org/wiki/working-version-license-list

The most recent version is 1.4 and will have a column with the short
names therein. The associated word doc just has some explanations
regarding the fields, etc.

Jilayne

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...]
On Behalf Of D M German
Sent: Thursday, January 13, 2011 6:43 PM
To: spdx@...
Subject: Licence abbreviations?


Hi Everybody,

is there a place where the abbreviations (as to be used in the SPDX
document) are listed? This page only lists the full names.

http://www.spdx.org/licenses/


--
--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Re: Licence abbreviations?

dmg
 

Thanks Jylayne,

one thing that would be useful (for those of us wanting to identify
the license of a file) is to have examples of the use of each license
(not the license itself,
but how it is used). Many of these licenses, I haven't seen them in the wild.

---dmg

On Fri, Jan 14, 2011 at 11:13 AM, Jilayne Lovejoy
<Jlovejoy@...> wrote:
Daniel,

The license list spreadsheet is located here:
http://spdx.org/wiki/working-version-license-list

The most recent version is 1.4 and will have a column with the short
names therein.  The associated word doc just has some explanations
regarding the fields, etc.

Jilayne

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...]
On Behalf Of D M German
Sent: Thursday, January 13, 2011 6:43 PM
To: spdx@...
Subject: Licence abbreviations?


Hi Everybody,

is there a place where the abbreviations (as to be used in the SPDX
document) are listed? This page only lists the full names.

http://www.spdx.org/licenses/


--
--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx



--
--dmg

---
Daniel M. German
http://turingmachine.org


Re: Licence abbreviations?

Jilayne Lovejoy <Jlovejoy@...>
 

What kind of example did you have in mind? Do you mean an example of a particular software package that uses a particular license?

Sent from J's iPhone

On Jan 13, 2011, at 7:22 PM, "dmg" <dmg@...> wrote:

Thanks Jylayne,

one thing that would be useful (for those of us wanting to identify
the license of a file) is to have examples of the use of each license
(not the license itself,
but how it is used). Many of these licenses, I haven't seen them in the wild.

---dmg

On Fri, Jan 14, 2011 at 11:13 AM, Jilayne Lovejoy
<Jlovejoy@...> wrote:
Daniel,

The license list spreadsheet is located here:
http://spdx.org/wiki/working-version-license-list

The most recent version is 1.4 and will have a column with the short
names therein. The associated word doc just has some explanations
regarding the fields, etc.

Jilayne

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...]
On Behalf Of D M German
Sent: Thursday, January 13, 2011 6:43 PM
To: spdx@...
Subject: Licence abbreviations?


Hi Everybody,

is there a place where the abbreviations (as to be used in the SPDX
document) are listed? This page only lists the full names.

http://www.spdx.org/licenses/


--
--
Daniel M. German
http://turingmachine.org/
http://silvernegative.com/
dmg (at) uvic (dot) ca
replace (at) with @ and (dot) with .
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx



--
--dmg

---
Daniel M. German
http://turingmachine.org


Re: Licence abbreviations?

dmg
 

On Fri, Jan 14, 2011 at 11:31 AM, Jilayne Lovejoy
<Jlovejoy@...> wrote:
What kind of example did you have in mind? Do you mean an example of a particular software package that uses a particular license?
A file that contains it. For example, this is the usage of the
GPL-2.0+ (excerpted from a Bison file):

usage is very different from the text of the license itself.

--dmg

---------------------------------------------------------------------------------------------
/* A Bison parser, made by GNU Bison 1.875. */

/* Skeleton parser for Yacc-like parsing with Bison,
Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002 Free Software
Foundation, Inc.

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. */


--
--dmg

---
Daniel M. German
http://turingmachine.org

241 - 260 of 1604