|
Re: Licensing Workshop at LinuxTag 2011 (XML errors)
Soeren_Rabenstein@...
http://spdx.org/licenses/ISC andI am not sure who manages this page, but someerror.others cannot be displayed on my firefox as they give a xml parsing Confirming this problem for Firefox 4.0.1 (Win32) Cheers Soeren ===================================================================================================================================== This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation. ===================================================================================================================================== |
|
|
|
Re: license name question
Philip Odence
First, let me be a pain in the neck and suggest we should move this
toggle quoted message
Show quoted text
discussion to the spdx-legal list. We've committed to limiting this general list to more summary information and less real work. My opinion on the discussion below is that this is a license that it not on the list, so needs to be treated as a custom license. It would be a candidate for the list and could be nominated once the Biz team defines a mechanism for new license inclusion. On 5/25/11 2:47 PM, "Bob Gobeille" <bob.gobeille@...> wrote:
I brought this up because it is a new signature in FOSSology and I'd like |
|
|
|
Re: license name question
Bob Gobeille
I brought this up because it is a new signature in FOSSology and I'd like the name to be as close to the SPDX guidelines as possible. I really like Daniel's method of identifying disjunctive licenses, but I don't see that syntax in the SPDX guideline.
toggle quoted message
Show quoted text
Would "GPL-2+-KDEupgradeClause" convey appropriate meaning? Or maybe I should use Daniel's name until this is formalized or added to the license list? Bob On May 25, 2011, at 10:40 AM, Jilayne Lovejoy wrote:
Daniel, et al. |
|
|
|
Re: Licensing Workshop at LinuxTag 2011 (XML errors)
Gary O'Neall
Hi Juergen,
toggle quoted message
Show quoted text
Thanks for pointing out the errors. I believe this is a known encoding error which should be fixed when we next update the licenses. This will be fixed on the next update. We don't have a specific date for the next update but it should be less than a week from now. Gary -----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Juergen Weigert Sent: Wednesday, May 25, 2011 7:53 AM To: Joerg Schilling Cc: hoefel@...; cdenicolo@...; sebastian@...; fatih@...; vuntz@...; jsstewart@...; n-roeser@...; misc@...; zack@...; amanda.brock@...; spdx@...; jmbsvicetto@... Subject: Re: Licensing Workshop at LinuxTag 2011 (XML errors) On May 25, 11 15:26:01 +0200, Joerg Schilling wrote: I am not sure who manages this page, but http://spdx.org/licenses/ISC andsome others cannot be displayed on my firefox as they give a xml parsing error.Firefox diagnostics are misleading here. We have https://bugzilla.mozilla.org/show_bug.cgi?id=655661 for this. The SPDX pages are served with mime-type application/xml, but entities are used that are illegal in XML. We should either promote to application/html or get all entities fixed. Do we have anybody at SPDX, who would want to look into this? thanks, JW- -- o \ Juergen Weigert paint it green! __/ _=======.=======_ <V> | jw@... back to ascii! __/ _---|____________\/ \ | 0911 74053-508 __/ (____/ /\ (/) | _____________________________/ _/ \_ vim:set sw=2 wm=8 SUSE LINUX Products GmbH, GF: Jeff Hawn, J.Guild, F.Immendoerffer, HRB 16746 (AG Nuernberg), Maxfeldstrasse 5, 90409 Nuernberg, Germany SuSE. Supporting Linux since 1992. _______________________________________________ Spdx mailing list Spdx@... https://fossbazaar.org/mailman/listinfo/spdx |
|
|
|
Re: Licensing Workshop at LinuxTag 2011
Bruno Cornec <Bruno.Cornec@...>
Hello,
Ciaran Farrell said on Wed, May 25, 2011 at 01:35:01PM +0200: Currently, one example of an online collaborative effort (under the auspicesJust for completion (and maybe discussion with them), I attended a session at the latest Solutions Linux in Paris, where a project called Open Source Cartouche was described, which is near from SPDX. Cf: http://www.opensourcecartouche.org/ (Shameless plug for the source: http://brunocornec.wordpress.com/2011/05/12/second-day-at-solutions-linux-2011/) "Open Source Cartouche by Philippe-Arnaud Haranger (Atos Origin – Team Pascal Pujo) Study made around an Aerospatial customer. 9 years of devs, and strong willingness to use FLOSS components. Study showed incompatible licenses. Copy/Paste of code in 2000+ bricks. Quote: “My God ! What have been done ?” Licensing wasn’t a priority (they already didn’t document) Code contamination is made on purpose, because they need it, and is due to local teams, outsourcing, and external application maintenance. Consequences: licenses not respected, proprietary code tainted (PI loss) Open Source was favoured, but in reality they created risks. Solutons: Strong governance (creates too many constraints in general) or Tooling (cost, but efficient) or Manual Audit (cost, complex, impact) or take risk (costs and impact) or open source the SW (anyway conformity required, but impact as irreversible). The earlier it’s done the less it costs. Solution is Open Source Cartouche (what is around the Pharaon) – derived from QSOS. Identify licenses and the recursivity of components integrated It’s a structural approach beforehands, instead of scan afterwards (even if this is also required) Put more trust in the FLOSS, Avoid contamination and protect community works. Presenter asked the possibility of using this formalism in FOSSology ? Some Remarks on my side: I asked the question: What is the position vs SPDX ? I think they are probably in competition, and that they forget to consider it before launching something on their side. What is important is to have a standard adopted. The answer was that there is a fear of Blackduck that may create problems for communities. Their standard proposal is simpler than SPDX so more pragmatic, and thus propably easier to adopt by FLOSS projects. And the team is open to make required adaptations. However, it won’t work as a franco-french stuff !! I think we need an SPDX lite if we aim at being adopted by FLOSS projects, as the current status of the project is just only understandable by lawyers. I’ll try to generate some discussions around that on the SPDX ML. Thinking about all this I think it would be valuable as well to lauch a new initiative to create the CERT/CVE base of licenses violations, working on the same model (disclosure after problem is solved)." HTH, Bruno. -- Open Source & Linux Profession Lead EMEA / http://opensource.hp.com HP/Intel/Red Hat Open Source Solutions Initiative / http://www.hpintelco.net http://www.HyPer-Linux.org http://mondorescue.org http://project-builder.org La musique ancienne? http://www.musique-ancienne.org http://www.medieval.org |
|
|
|
Re: license name question
Jilayne Lovejoy <jilayne.lovejoy@...>
Daniel, et al.
By "KDEupgradeClause" you are referring to the previous posts re: KDE reserving the right to decide on post-v3 versions of GPL as well, is that right? I suppose from the standpoint of our current SPDX license list short and the spec guidelines, Daniel has a good point and my previous suggestion that it would be "GPLv2+" (I know, that is not the exact correct short identifier, but for expediency purposes...) is not exactly right, but more accuratly, it would be: a disjunctive set of GPLv2 or GPLv3 Jilayne On 5/25/11 10:35 AM, "Daniel M. German" <dmg@...> wrote: Hi Bob, Scott, Jilayne, Armijn,Jilayne Lovejoy | Corporate Counsel jlovejoy@... 720 240 4545 | phone 720 240 4556 | fax 1 888 OpenLogic | toll free www.openlogic.com OpenLogic, Inc. 10910 W 120th Ave, Suite 450 Broomfield, Colorado 80021 |
|
|
|
Re: license name question
dmg
Hi Bob, Scott, Jilayne, Armijn,
On Wed, May 25, 2011 at 8:51 AM, Lamons, Scott (Open Source Program Office) <scott.lamons@...> wrote: This is the way I read it as well. However I don't know why they wouldn't just license it under GPLv2 or GPLv3 and eliminate the "or (at your option) any later version..." which seems completely unnecessary and forces you into effectively dealing with a non-standard license in SPDX.We (as in Ninka) decided to consider this a (GPLv2 | GPLv3-KDEupgradeClause). It can also be considered: (GPLv2 | GPLv3 | GPLv3-KDEupgradeClause) from a practical point of view that would simplify analysis. It is not a GPLv2+ or (GPLv2| GPLv3+) since the upgrade path is different (in the former one the KDE foundation decides the upgrade path, in the latter the FSF). --dmg My 2 cents. -- --dmg --- Daniel M. German http://turingmachine.org |
|
|
|
Re: license name question
Armijn Hemel <armijn@...>
On 05/25/2011 05:51 PM, Lamons, Scott (Open Source Program Office) wrote:
This is the way I read it as well. However I don't know why they wouldn't just license it under GPLv2 or GPLv3 and eliminate the "or (at your option) any later version..." which seems completely unnecessary and forces you into effectively dealing with a non-standard license in SPDX.Because KDE e.V. is a German non-profit and its members like to have endless meetings ;-) Kidding aside, this license change came a few years ago because they went through a lot of pain when they wanted to relicense some code. The KDE project spent 1.5 years trying to track down five copyright holders for this license change. They did not respond for a variety of reasons ('dropped off the planet', 'dead', etc.) and KDE did not want to ever go through a similar painful process in the future, so this was part of their solution. (more details available from Adriaan de Groot from KDE) armijn -- ------------------------------------------------------------------------ armijn@... || http://www.gpl-violations.org/ ------------------------------------------------------------------------ |
|
|
|
Re: license name question
Lamons, Scott (Open Source Program Office) <scott.lamons@...>
This is the way I read it as well. However I don't know why they wouldn't just license it under GPLv2 or GPLv3 and eliminate the "or (at your option) any later version..." which seems completely unnecessary and forces you into effectively dealing with a non-standard license in SPDX.
toggle quoted message
Show quoted text
My 2 cents. -Scott -----Original Message----- |
|
|
|
Re: license name question
Bob Gobeille
doh!
toggle quoted message
Show quoted text
Thank you and Armijn for straightening me out. So would a reasonable license name be "GPL-2+-KDE" ? Bob Gobeille On May 25, 2011, at 9:43 AM, Jilayne Lovejoy wrote:
This would be GPL-2+ - as it's really just describing GPL v2 or later. |
|
|
|
Re: license name question
Jilayne Lovejoy <jilayne.lovejoy@...>
This would be GPL-2+ - as it's really just describing GPL v2 or later.
THere is no GPL v2.1 (that would be LGPL v2.1, I know, confusing!) As for the KDE exception - the notice reads to me that KDE is reserving the right to approve future versions of the GPL for use as the license for this code, which seems different to me than an exception. I understand it to be saying - 'if there's a GPL v4, we want the chance to check that out and accept or not accecpt it instead of preemptively saying we'll accept a license before it has even been written.' Makes sense and seems reasonable, actually. I guess I would think of this as different than an exception, since usually an exception usually adds or modifies the terms of the original license, which I suppose this does in a way, but in a different way than we usually think of? Jilayne On 5/25/11 9:34 AM, "Bob Gobeille" <bob.gobeille@...> wrote: I just ran into the following license. It is GPL v2 or GPL v3+ KDEJilayne Lovejoy | Corporate Counsel jlovejoy@... 720 240 4545 | phone 720 240 4556 | fax 1 888 OpenLogic | toll free www.openlogic.com OpenLogic, Inc. 10910 W 120th Ave, Suite 450 Broomfield, Colorado 80021 |
|
|
|
Re: license name question
Armijn Hemel <armijn@...>
On 05/25/2011 05:34 PM, Bob Gobeille wrote:
I just ran into the following license. It is GPL v2 or GPL v3+ KDE exception. Note the absence of GPLv2.1. If 2.1 was included, the name would be GPL-2+-with-KDE-exception, but since it isn't, what is the protocol?I've never heard of GPLv2.1, but if you mean LGPLv2.1, the KDE project has a similar license for that too. Basically this license says: "KDE e.V. currently only approves GPLv2 or GPLv3, but if the members of KDE e.V. approve a newer version, then that license is OK for this code too" armijn -- ------------------------------------------------------------------------ armijn@... || http://www.gpl-violations.org/ ------------------------------------------------------------------------ |
|
|
|
license name question
Bob Gobeille
I just ran into the following license. It is GPL v2 or GPL v3+ KDE exception. Note the absence of GPLv2.1. If 2.1 was included, the name would be GPL-2+-with-KDE-exception, but since it isn't, what is the protocol?
GPL-2or3-with-KDE-exception ??? Here is the code license notice: /**************************************************************************************** * Copyright (c) 2007 Ian Monroe <ian@...> * * (c) 2010 Jeff Mitchell <mitchell@...> * * * * This program is free software; you can redistribute it and/or modify it under * * the terms of the GNU General Public License as published by the Free Software * * Foundation; either version 2 of the License, or (at your option) version 3 or * * any later version accepted by the membership of KDE e.V. (or its successor approved * * by the membership of KDE e.V.), which shall act as a proxy defined in Section 14 of * * version 3 of the license. * * * * This program is distributed in the hope that it will be useful, but WITHOUT ANY * * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A * * PARTICULAR PURPOSE. See the GNU General Public License for more details. * * * * You should have received a copy of the GNU General Public License along with * * this program. If not, see <http://www.gnu.org/licenses/>. * ****************************************************************************************/ Thanks, Bob Gobeille Hewlett Packard Open Source Program Office (http://fossology.org) |
|
|
|
Re: Licensing Workshop at LinuxTag 2011 (XML errors)
Juergen Weigert <jw@...>
On May 25, 11 15:26:01 +0200, Joerg Schilling wrote:
I am not sure who manages this page, but http://spdx.org/licenses/ISC and someFirefox diagnostics are misleading here. We have https://bugzilla.mozilla.org/show_bug.cgi?id=655661 for this. The SPDX pages are served with mime-type application/xml, but entities are used that are illegal in XML. We should either promote to application/html or get all entities fixed. Do we have anybody at SPDX, who would want to look into this? thanks, JW- -- o \ Juergen Weigert paint it green! __/ _=======.=======_ <V> | jw@... back to ascii! __/ _---|____________\/ \ | 0911 74053-508 __/ (____/ /\ (/) | _____________________________/ _/ \_ vim:set sw=2 wm=8 SUSE LINUX Products GmbH, GF: Jeff Hawn, J.Guild, F.Immendoerffer, HRB 16746 (AG Nuernberg), Maxfeldstrasse 5, 90409 Nuernberg, Germany SuSE. Supporting Linux since 1992. |
|
|
|
Re: Licensing Workshop at LinuxTag 2011
Joerg Schilling <Joerg.Schilling@...>
Ciaran Farrell <cfarrell@...> wrote:
before LinuxTag 2011 I sent around invitations to this workshop "Cross... Currently, one example of an online collaborative effort (under the auspicesI am not sure who manages this page, but http://spdx.org/licenses/ISC and some others cannot be displayed on my firefox as they give a xml parsing error. I'm more than interested in hearing your comments, feedback and opinions. I just had a small discussion with Thomas Gordon who wrote Carneades: http://carneades.berlios.de/ His software currently uses an interactive questionaire but it could be enhanced to read specs that contain a list of licenses and code relations as well as general rules on how to interpret licenses (e.g. whether the GPL is to be interpreted as being in conflict with US Copyright law title 17 paragraph 106 or not) and then could output a license compatibility report. Doing this automatically on a large number of software projects could be used to find out whether a specific license intepretation would affect a large number of OSS projects that are typicallally shipped on distros. Carneades currently contains basic rules for a few licenses. There would be a need to refine the rules and to add more licenses but the engine is ready.... Jörg -- EMail:joerg@... (home) Jörg Schilling D-13353 Berlin js@... (uni) joerg.schilling@... (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily |
|
|
|
Re: Licensing Workshop at LinuxTag 2011
Amanda Brock <amanda.brock@...>
Ciaran
toggle quoted message
Show quoted text
Kate Stewart is the Chair of SPDX and represents Canonical on this. I have asked her to respond to this and would be pleased if you could please keep both of us on the thread. All the best Amanda Amanda Brock, General Counsel Canonical 27 Floor, Millbank Tower London SW1P 4QP +44 2076302446 +44 7809389878 Ubuntu - Linux for Human Beings www.canonical.com On 25/05/11 12:35, Ciaran Farrell wrote:
|
|
|
|
Licensing Workshop at LinuxTag 2011
Ciaran Farrell
Hi, before LinuxTag 2011 I sent around invitations to this workshop "Cross Distribution Licensing Summit": http://is.gd/7GF9Ar (linuxtag.org) Some of you indicated that you would not be able to make it. As it turned out there was not a huge variety of distributions present there, but I think that the discussion that we had was nonetheless quite enlightening. We saw that there is a variety of ways in which distributions describe the license of a package (or a component of a package) - where the distributions actually mean the same license but have different designations (short names) for their package metadata. Whereas we didn't actually conclusively decide on anything, we did agree that it would be beneficial if the distributions would adopt a common scheme of designating license names. Currently, one example of an online collaborative effort (under the auspices of the Linux Foundation) is SPDX (spdx.org) (which has been adopted by Debian in DEP5). The workgroup at SPDX.org has come up with a list of commonly used licenses (see http://www.spdx.org/licenses). The list has many licenses but not all licenses that distributions will likely need to track and reference. There should not be a problem with submitting more licenses to SPDX so be included in that list. Therefore, I'd like to propose that we evaluate as a group the possibility of standardising how we refer to licenses based on SPDX. I know that there has been considerable criticism of the absence of numerous licenses from the SPDX list, but I believe that if we inform the SPDX working group of the licenses we would like to see included and if they are in fact included, the benefits will be quite substantial. I'm more than interested in hearing your comments, feedback and opinions. Also, I've included as many people on the mail thread as I could and I believe I have reached a large number of distributions. However, if anybody is aware of a person/company who could be interested, please do forward this mail. Ciaran -- Ciaran Farrell __o cfarrell@... _`\<,_ Phone: +49 (0)911 74053 262 (_)/ (_) SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) Maxfeldstraße 5 90409 Nürnberg Germany /ˈkiː.ræn/ |
|
|
|
Typo 'Nauman' in spreadsheet
Juergen Weigert <jw@...>
Hi SPDX-team!
I just downloaded spdx_lienelist_v1.11.ods and spotted this Naumen Public License Nauman http://www.opensource.org/licenses/naumen.php I figure the short name should say 'Naumen', right? cheers, JW- -- o \ Juergen Weigert paint it green! __/ _=======.=======_ <V> | jw@... back to ascii! __/ _---|____________\/ \ | 0911 74053-508 __/ (____/ /\ (/) | _____________________________/ _/ \_ vim:set sw=2 wm=8 SUSE LINUX Products GmbH, GF: Jeff Hawn, J.Guild, F.Immendoerffer, HRB 16746 (AG Nuernberg), Maxfeldstrasse 5, 90409 Nuernberg, Germany SuSE. Supporting Linux since 1992. |
|
|
|
Agenda for Thursday SPDX General Meeting
Philip Odence
Meeting Time: May 19, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html Conf call dial-in: Conference code: 7812589502 Toll-free dial-in number (U.S. and Canada): (877) 435-0230 International dial-in number: (253) 336-6732 For those dialing in from other regions, a list of toll free numbers can be found: https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF Administrative Agenda
Technical Team Report - Kate Business Team Report - Kim Legal Team Report - Rockett/Karen Cross Functional Issues – Discussion Website update- Kirsten/Pierre/Steve Action Items Most of the action items belong with the Teams. So, in
|
|
|
|
Re: Question on SampleRDF
Mario Tokarz <mario@...>
Hi Peter,
On Fri, May 13, 2011 at 10:48:31AM -0600 , Peter Williams wrote: Hope these explanations clarify these issues. Any suggestions as toThanks for the clarifications. I am going to have a closer look at it again. I might have been working on a slightly outdated version of your specification though. When reading through, I noticed some minor issues but I would rather write those down for an official version of the document, e.g. the next beta release. Is there another version scheduled for relase yet? Best, Mario -- BMW Car IT GmbH http://www.bmw-carit.de |
|
|