|
Yes, that's clearly the tradeoff, Soeren. I think the question is how "expensive" it is to add licenses to the list and maintain them. I suspect that as with the spec, we'll have a working area for candidate licenses and a process for promoting to the official list.
We had some in person discussion about this at the LinuxCon BoF session last night and it was clear that this subject needs more discussion and work. Thanks for joining in and shining some light on it.
Hi Phil Wouldn’t it make sense to include as many licenses as possible? (except maybe the very strange ones) Sure this will all more data to the specification. But limiting the specification may bloat Software BOMs with license texts (which would be required to be included under spdx, as I understand it). If you want to limit the covered licenses, I still definitely would vote for including · Ruby · Xfree · RhEcos and Ecos (the old version eCos is still surprisingly often present in embedded devices, regardless of the fact that RedHat dropped the project long time ago) · OSSL · OLDAP-2.8 Cheers Soeren From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Philip Odence
Sent: Wednesday, August 11, 2010 6:33 PM
To: Soeren Rabenstein(Soeren Rabenstein, II.M.)
Cc: spdx@...
Subject: Re: Hello world and additional licenses Welcome, Soeren. Glad to have you aboard. This is certainly fair discussion. The goal has been to have the standard license list cover a large majority of cases (Kate's been talking about 90% coverage). Beyond that we have provided a mechanism for including licenses that are not on the list, the main differences being that for the latter the user will include the text of the license in the SPDX file, not just a reference to our list. So, that fact that you have run across a license in your work would not on the face say that it meets the criteria for being included on the list. Do you think the licenses you list are fairly common and would belong on the list for that reason? Or do you think our criteria are too tight and that we should try to be more comprehensive in our coverage? Vice President of Business Development Black Duck Software, inc. 265 Winter Street, Waltham, MA 02451 Phone: 781.810.1819, Mobile: 781.258.9502
Hello spdx mailing list I guess I am the first new subscriber, since you went public? My name is Soeren Rabenstein, I am in ASUSTeK's legal department since early 2009 and responsible for European legal compliance as well as implementation of a FOSS license compliance program. Thank you for creating the specification. We are very interested in bringing forward the standard, since "Software-BOMs" form a key element of our compliance program (we actually switched to the term "BOC"="Bill of Code", to avoid confusion with actual, physical BOMs) and supply chain management turned out to be the biggest challenge over here. As a first contribution, I compared the list of specified licenses in the spdx-draft with my own approval list. As a result I would like to propose the following licenses to be added to spdx. With the exception of the last item, these are all licenses I came across during my practice. I may add them myself through the wiki, but currently I cannot see a working wiki page on this. I am also happy to dig our more licenses that are not yet listed. License Identifier: ClArtistic Formal Name: Clarified Artistic License 1.0 URL: http://www.ncftp.com/ncftp/doc/LICENSE.txt License Identifier: XFree86-1.1 Formal Name: XFree86 License 1.1 URL: http://www.xfree86.org/current/LICENSE4.html License Identifier: Ruby Formal Name: Ruby License URL: http://www.ruby-lang.org/en/LICENSE.txt License Identifier: RHeCos Formal Name: Red Hat eCos Public License v1.1 URL: http://ecos.sourceware.org/old-license.html License Identifier: eCos Formal Name: The eCos license version 2.0 URL: http://www.gnu.org/licenses/ecos-license.html License Identifier: OSSL Formal Name: OpenSSL License URL: ? (No direct web source known, license text therefore attached to this mail) License Identifier: ErlPL Formal Name: Erlang Public License Version 1.1 URL: http://www.erlang.org/EPLICENSE License Identifier: gsoPL Formal Name: gSOAP Public License Version 1.3b URL: http://www.cs.fsu.edu/~engelen/license.htmlLicense Identifier: SugPL Formal Name: SugarCRM Public License URL: http://www.sugarcrm.com/crm/SPLLicense Identifier: YPL Formal Name: Yahoo! Public License 1.1 URL: http://www.zimbra.com/license/yahoo_public_license_1.1.html License Identifier: OLDAP-2.8 Formal Name: OpenLDAP Public License Version 2.8 URL: http://www.openldap.org/software/release/license.html License Identifier: ZimPL Formal Name: Zimbra Public License, Version 1.3 URL: http://www.zimbra.com/license/zimbra-public-license-1-3.html ...AND OF COURSE ;) License Identifier: WTFPL Formal Name: Do What The Fuck You Want To Public License URL: http://sam.zoy.org/wtfpl/ Kind regards Soeren Rabenstein ____________________________________________________________ ASUSTeK COMPUTER INC. Soeren Rabenstein, LL.M. Legal Affairs Center - Legal Compliance Dept. 15, Li-Te Rd., Taipei 112, Taiwan Tel.: (+886) 2 2894 3447 Ext.2372 Fax.: (+886) 2 2890 7674 soeren_rabenstein@...____________________________________________________________ ===================================================================================================================================== This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation. ===================================================================================================================================== <OpenSSL-License.txt><ATT00001..c> =====================================================================================================================================
This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it
is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete
the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized
disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views
or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation.
=====================================================================================================================================
|
|
|
Kate was right, I should have gone l,to LinuxConf
in the same line as Richard comment, why not include every license
found in the Linux kernel?
I am sure many of you have customers that need this data for the kernel
in fact, last week I discuss that the kernel is a very good exercise
to test the spec
much better than simple examples. If it can do the kernel, it could do
almost anything
---dmg
toggle quoted message
Show quoted text
On 8/11/10, Richard Fontana <rfontana@...> wrote: On Wed, Aug 11, 2010 at 06:33:01AM -0400, Philip Odence wrote:
So, that fact that you have run across a license in your work would not on
the
face say that it meets the criteria for being included on the list. Do you
think the licenses you list are fairly common and would belong on the list
for
that reason? Hi,
(First, happy to join this list after attending the LinuxCon session
yesterday.)
Of the ones Soeren listed, the OpenSSL license (or, I guess,
conjunction-of-licenses) stands out to me as one of the most commonly
encountered (it is not 'common' in the sense of being reused by
different projects, but because of the ubiquity of OpenSSL). Although
this may not bear on criteria for list inclusion, it is also a license
that often leads to angst for Linux distributions because of GPL
incompatibility arguments and the presence of an advertising clause.
- Richard
Richard E. Fontana
Open Source Licensing and Patent Counsel
Red Hat, Inc.
direct: +1 978 392 2423
mobile: +1 978 397 1504
fax: +1 978 392 1001
mail: rfontana@...
_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx
|
|
|
On Wed, Aug 11, 2010 at 06:33:01AM -0400, Philip Odence wrote: So, that fact that you have run across a license in your work would not on the
face say that it meets the criteria for being included on the list. Do you
think the licenses you list are fairly common and would belong on the list for
that reason? Hi, (First, happy to join this list after attending the LinuxCon session yesterday.) Of the ones Soeren listed, the OpenSSL license (or, I guess, conjunction-of-licenses) stands out to me as one of the most commonly encountered (it is not 'common' in the sense of being reused by different projects, but because of the ubiquity of OpenSSL). Although this may not bear on criteria for list inclusion, it is also a license that often leads to angst for Linux distributions because of GPL incompatibility arguments and the presence of an advertising clause. - Richard Richard E. Fontana Open Source Licensing and Patent Counsel Red Hat, Inc. direct: +1 978 392 2423 mobile: +1 978 397 1504 fax: +1 978 392 1001 mail: rfontana@...
|
|
|
| Hi Soren, Welcome. Glad to have your input :)
Wiki version of spec needs to be refreshed to correspond to the latest draft, and I'll try to work on it this weekend. If anyone else has time before, just let me know and I'll bounce you the raw doc file.
Can definitely add the licenses you list immediately below (I agree about eCOS - saw it alot), and if the others you sent earlier are commonly being encountered in analysis - then yes they should be included. Will add the short list below to the next draft, at least, and based on others input we can figure out what to do with the others ( how common is the WTFPL? ;) ).
There's 1900+ licenses out there, and we're just trying to keep the tracking of licenses to a reasonable level.
Thoughts on criteria to be listed are it must be present in significant number of packages already or strategic (ie. new one, anticipated to be present). What defines "significant" is a good topic for the next call on Aug 26th.
Kate
|
--- On Wed, 8/11/10, Soeren_Rabenstein@... <Soeren_Rabenstein@...> wrote:
From: Soeren_Rabenstein@... <Soeren_Rabenstein@...>
Subject: RE: Hello world and additional licenses
To: podence@...
Cc: spdx@...
Date: Wednesday, August 11, 2010, 6:44 AM
Hi Phil
Wouldn’t it make sense to include as many licenses as
possible? (except maybe the very strange ones)
Sure this will all more data to the specification. But limiting
the specification may bloat Software BOMs with license texts (which would be
required to be included under spdx, as I understand it).
If you want to limit the covered licenses, I still definitely would
vote for including
·
Ruby
·
Xfree
·
RhEcos and Ecos (the old version eCos is still surprisingly
often present in embedded devices, regardless of the fact that RedHat dropped
the project long time ago)
·
OSSL
·
OLDAP-2.8
Cheers
Soeren
From:
spdx-bounces@... [mailto:spdx-bounces@...] On Behalf
Of Philip Odence
Sent: Wednesday, August 11, 2010 6:33 PM
To: Soeren Rabenstein(Soeren Rabenstein, II.M.)
Cc: spdx@...
Subject: Re: Hello world and additional licenses
Welcome, Soeren. Glad to have
you aboard.
This is certainly fair
discussion. The goal has been to have the standard license list cover a large
majority of cases (Kate's been talking about 90% coverage). Beyond that we have
provided a mechanism for including licenses that are not on the list, the main
differences being that for the latter the user will include the text of the
license in the SPDX file, not just a reference to our list.
So, that fact that you have run
across a license in your work would not on the face say that it meets the
criteria for being included on the list. Do you think the licenses you list are
fairly common and would belong on the list for that reason? Or do you think our
criteria are too tight and that we should try to be more comprehensive in our
coverage?
Vice President of Business
Development
Black Duck Software, inc.
265 Winter Street, Waltham, MA
02451
Phone: 781.810.1819, Mobile:
781.258.9502
Hello spdx mailing list
I guess I am the first new subscriber, since you went public?
My name is Soeren Rabenstein, I am in ASUSTeK's legal department since early
2009 and responsible for European legal compliance as well as implementation of
a FOSS license compliance program.
Thank you for creating the specification. We are very interested in bringing
forward the standard, since "Software-BOMs" form a key element of our
compliance program (we actually switched to the term "BOC"="Bill
of Code", to avoid confusion with actual, physical BOMs) and supply chain
management turned out to be the biggest challenge over here.
As a first contribution, I compared the list of specified licenses in the
spdx-draft with my own approval list. As a result I would like to propose the
following licenses to be added to spdx. With the exception of the last item,
these are all licenses I came across during my practice. I may add them myself
through the wiki, but currently I cannot see a working wiki page on this.
I am also happy to dig our more licenses that are not yet listed.
License Identifier: ClArtistic
Formal Name: Clarified Artistic License 1.0
URL: http://www.ncftp.com/ncftp/doc/LICENSE.txt
License Identifier: XFree86-1.1
Formal Name: XFree86 License 1.1
URL: http://www.xfree86.org/current/LICENSE4.html
License Identifier: Ruby
Formal Name: Ruby License
URL: http://www.ruby-lang.org/en/LICENSE.txt
License Identifier: RHeCos
Formal Name: Red Hat eCos Public License v1.1
URL: http://ecos.sourceware.org/old-license.html
License Identifier: eCos
Formal Name: The eCos license version 2.0
URL: http://www.gnu.org/licenses/ecos-license.html
License Identifier: OSSL
Formal Name: OpenSSL License
URL: ? (No direct web source known, license text therefore attached to this
mail)
License Identifier: ErlPL
Formal Name: Erlang Public License Version 1.1
URL: http://www.erlang.org/EPLICENSE
License Identifier: gsoPL
Formal Name: gSOAP Public License Version 1.3b
URL: http://www.cs.fsu.edu/~engelen/license.html
License Identifier: SugPL
Formal Name: SugarCRM Public License
URL: http://www.sugarcrm.com/crm/SPL
License Identifier: YPL
Formal Name: Yahoo! Public License 1.1
URL: http://www.zimbra.com/license/yahoo_public_license_1.1.html
License Identifier: OLDAP-2.8
Formal Name: OpenLDAP Public License Version 2.8
URL: http://www.openldap.org/software/release/license.html
License Identifier: ZimPL
Formal Name: Zimbra Public License, Version 1.3
URL: http://www.zimbra.com/license/zimbra-public-license-1-3.html
...AND OF COURSE ;)
License Identifier: WTFPL
Formal Name: Do What The Fuck You Want To Public License
URL: http://sam.zoy.org/wtfpl/
Kind regards
Soeren Rabenstein
____________________________________________________________
ASUSTeK COMPUTER INC.
Soeren Rabenstein, LL.M.
Legal Affairs Center - Legal Compliance Dept.
15, Li-Te Rd., Taipei 112, Taiwan
Tel.: (+886) 2 2894 3447 Ext.2372
Fax.: (+886) 2 2890 7674
soeren_rabenstein@...
____________________________________________________________
=====================================================================================================================================
This email and any attachments to it contain confidential information and are
intended solely for the use of the individual to whom it
is addressed.If you are not the intended recipient or receive it accidentally,
please immediately notify the sender by e-mail and delete
the message and any attachments from your computer system, and destroy all hard
copies. If any, please be advised that any unauthorized
disclosure, copying, distribution or any action taken or omitted in reliance on
this, is illegal and prohibited. Furthermore, any views
or opinions expressed are solely those of the author and do not represent those
of ASUSTeK. Thank you for your cooperation.
=====================================================================================================================================
<OpenSSL-License.txt><ATT00001..c>
=====================================================================================================================================
This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it
is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete
the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized
disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views
or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation.
=====================================================================================================================================
-----Inline Attachment Follows-----
|
|
|
Hi Phil
Wouldn’t it make sense to include as many licenses as
possible? (except maybe the very strange ones)
Sure this will all more data to the specification. But limiting
the specification may bloat Software BOMs with license texts (which would be
required to be included under spdx, as I understand it).
If you want to limit the covered licenses, I still definitely would
vote for including
·
Ruby
·
Xfree
·
RhEcos and Ecos (the old version eCos is still surprisingly
often present in embedded devices, regardless of the fact that RedHat dropped
the project long time ago)
·
OSSL
·
OLDAP-2.8
Cheers
Soeren
From:
spdx-bounces@... [mailto:spdx-bounces@...] On Behalf
Of Philip Odence
toggle quoted message
Show quoted text
Sent: Wednesday, August 11, 2010 6:33 PM
To: Soeren Rabenstein(Soeren Rabenstein, II.M.)
Cc: spdx@...
Subject: Re: Hello world and additional licenses
Welcome, Soeren. Glad to have
you aboard.
This is certainly fair
discussion. The goal has been to have the standard license list cover a large
majority of cases (Kate's been talking about 90% coverage). Beyond that we have
provided a mechanism for including licenses that are not on the list, the main
differences being that for the latter the user will include the text of the
license in the SPDX file, not just a reference to our list.
So, that fact that you have run
across a license in your work would not on the face say that it meets the
criteria for being included on the list. Do you think the licenses you list are
fairly common and would belong on the list for that reason? Or do you think our
criteria are too tight and that we should try to be more comprehensive in our
coverage?
Vice President of Business
Development
Black Duck Software, inc.
265 Winter Street, Waltham, MA
02451
Phone: 781.810.1819, Mobile:
781.258.9502
Hello spdx mailing list
I guess I am the first new subscriber, since you went public?
My name is Soeren Rabenstein, I am in ASUSTeK's legal department since early
2009 and responsible for European legal compliance as well as implementation of
a FOSS license compliance program.
Thank you for creating the specification. We are very interested in bringing
forward the standard, since "Software-BOMs" form a key element of our
compliance program (we actually switched to the term "BOC"="Bill
of Code", to avoid confusion with actual, physical BOMs) and supply chain
management turned out to be the biggest challenge over here.
As a first contribution, I compared the list of specified licenses in the
spdx-draft with my own approval list. As a result I would like to propose the
following licenses to be added to spdx. With the exception of the last item,
these are all licenses I came across during my practice. I may add them myself
through the wiki, but currently I cannot see a working wiki page on this.
I am also happy to dig our more licenses that are not yet listed.
License Identifier: ClArtistic
Formal Name: Clarified Artistic License 1.0
URL: http://www.ncftp.com/ncftp/doc/LICENSE.txt
License Identifier: XFree86-1.1
Formal Name: XFree86 License 1.1
URL: http://www.xfree86.org/current/LICENSE4.html
License Identifier: Ruby
Formal Name: Ruby License
URL: http://www.ruby-lang.org/en/LICENSE.txt
License Identifier: RHeCos
Formal Name: Red Hat eCos Public License v1.1
URL: http://ecos.sourceware.org/old-license.html
License Identifier: eCos
Formal Name: The eCos license version 2.0
URL: http://www.gnu.org/licenses/ecos-license.html
License Identifier: OSSL
Formal Name: OpenSSL License
URL: ? (No direct web source known, license text therefore attached to this
mail)
License Identifier: ErlPL
Formal Name: Erlang Public License Version 1.1
URL: http://www.erlang.org/EPLICENSE
License Identifier: gsoPL
Formal Name: gSOAP Public License Version 1.3b
URL: http://www.cs.fsu.edu/~engelen/license.html
License Identifier: SugPL
Formal Name: SugarCRM Public License
URL: http://www.sugarcrm.com/crm/SPL
License Identifier: YPL
Formal Name: Yahoo! Public License 1.1
URL: http://www.zimbra.com/license/yahoo_public_license_1.1.html
License Identifier: OLDAP-2.8
Formal Name: OpenLDAP Public License Version 2.8
URL: http://www.openldap.org/software/release/license.html
License Identifier: ZimPL
Formal Name: Zimbra Public License, Version 1.3
URL: http://www.zimbra.com/license/zimbra-public-license-1-3.html
...AND OF COURSE ;)
License Identifier: WTFPL
Formal Name: Do What The Fuck You Want To Public License
URL: http://sam.zoy.org/wtfpl/
Kind regards
Soeren Rabenstein
____________________________________________________________
ASUSTeK COMPUTER INC.
Soeren Rabenstein, LL.M.
Legal Affairs Center - Legal Compliance Dept.
15, Li-Te Rd., Taipei 112, Taiwan
Tel.: (+886) 2 2894 3447 Ext.2372
Fax.: (+886) 2 2890 7674
soeren_rabenstein@...
____________________________________________________________
=====================================================================================================================================
This email and any attachments to it contain confidential information and are
intended solely for the use of the individual to whom it
is addressed.If you are not the intended recipient or receive it accidentally,
please immediately notify the sender by e-mail and delete
the message and any attachments from your computer system, and destroy all hard
copies. If any, please be advised that any unauthorized
disclosure, copying, distribution or any action taken or omitted in reliance on
this, is illegal and prohibited. Furthermore, any views
or opinions expressed are solely those of the author and do not represent those
of ASUSTeK. Thank you for your cooperation.
=====================================================================================================================================
<OpenSSL-License.txt><ATT00001..c>
=====================================================================================================================================
This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it
is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete
the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized
disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views
or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation.
=====================================================================================================================================
|
|
|
Soeren, welcome, and thanks for the incremental licenses -- Licenses that come up in day-to-day practice are high value for SPDX. Thanks, Tom
Tom Incorvia
tom.incorvia@...
Direct: (512) 340-1336
Mobile: (408) 499 6850
toggle quoted message
Show quoted text
-----Original Message----- From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Soeren_Rabenstein@... Sent: Wednesday, August 11, 2010 1:30 AM To: spdx@... Subject: Hello world and additional licenses Hello spdx mailing list I guess I am the first new subscriber, since you went public? My name is Soeren Rabenstein, I am in ASUSTeK's legal department since early 2009 and responsible for European legal compliance as well as implementation of a FOSS license compliance program. Thank you for creating the specification. We are very interested in bringing forward the standard, since "Software-BOMs" form a key element of our compliance program (we actually switched to the term "BOC"="Bill of Code", to avoid confusion with actual, physical BOMs) and supply chain management turned out to be the biggest challenge over here. As a first contribution, I compared the list of specified licenses in the spdx-draft with my own approval list. As a result I would like to propose the following licenses to be added to spdx. With the exception of the last item, these are all licenses I came across during my practice. I may add them myself through the wiki, but currently I cannot see a working wiki page on this. I am also happy to dig our more licenses that are not yet listed. License Identifier: ClArtistic Formal Name: Clarified Artistic License 1.0 URL: http://www.ncftp.com/ncftp/doc/LICENSE.txt License Identifier: XFree86-1.1 Formal Name: XFree86 License 1.1 URL: http://www.xfree86.org/current/LICENSE4.html License Identifier: Ruby Formal Name: Ruby License URL: http://www.ruby-lang.org/en/LICENSE.txt License Identifier: RHeCos Formal Name: Red Hat eCos Public License v1.1 URL: http://ecos.sourceware.org/old-license.html License Identifier: eCos Formal Name: The eCos license version 2.0 URL: http://www.gnu.org/licenses/ecos-license.html License Identifier: OSSL Formal Name: OpenSSL License URL: ? (No direct web source known, license text therefore attached to this mail) License Identifier: ErlPL Formal Name: Erlang Public License Version 1.1 URL: http://www.erlang.org/EPLICENSE License Identifier: gsoPL Formal Name: gSOAP Public License Version 1.3b URL: http://www.cs.fsu.edu/~engelen/license.htmlLicense Identifier: SugPL Formal Name: SugarCRM Public License URL: http://www.sugarcrm.com/crm/SPLLicense Identifier: YPL Formal Name: Yahoo! Public License 1.1 URL: http://www.zimbra.com/license/yahoo_public_license_1.1.html License Identifier: OLDAP-2.8 Formal Name: OpenLDAP Public License Version 2.8 URL: http://www.openldap.org/software/release/license.html License Identifier: ZimPL Formal Name: Zimbra Public License, Version 1.3 URL: http://www.zimbra.com/license/zimbra-public-license-1-3.html ...AND OF COURSE ;) License Identifier: WTFPL Formal Name: Do What The Fuck You Want To Public License URL: http://sam.zoy.org/wtfpl/ Kind regards Soeren Rabenstein ____________________________________________________________ ASUSTeK COMPUTER INC. Soeren Rabenstein, LL.M. Legal Affairs Center - Legal Compliance Dept. 15, Li-Te Rd., Taipei 112, Taiwan Tel.: (+886) 2 2894 3447 Ext.2372 Fax.: (+886) 2 2890 7674 soeren_rabenstein@... ____________________________________________________________ ===================================================================================================================================== This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation. ===================================================================================================================================== This message has been scanned for viruses by MailController - www.MailController.altohiway.com
|
|
|
I know that the Ruby license is pretty common. I would vote to add that one.
Kim
Sent from my Verizon Wireless Phone
----- Reply message -----
From: "Philip Odence" <podence@...>
Date: Wed, Aug 11, 2010 6:33 am
Subject: Hello world and additional licenses
To: "<Soeren_Rabenstein@...>" <Soeren_Rabenstein@...>
Cc: "spdx@..." <spdx@...>
Welcome, Soeren. Glad to have you aboard.
This is certainly fair discussion. The goal has been to have the standard license list cover a large majority of cases (Kate's been talking about 90% coverage). Beyond that we have provided a mechanism for including licenses that are not on the list, the main differences being that for the latter the user will include the text of the license in the SPDX file, not just a reference to our list.
So, that fact that you have run across a license in your work would not on the face say that it meets the criteria for being included on the list. Do you think the licenses you list are fairly common and would belong on the list for that reason? Or do you think our criteria are too tight and that we should try to be more comprehensive in our coverage?
Phil
L. Philip Odence
Vice President of Business Development
Black Duck Software, inc.
265 Winter Street, Waltham, MA 02451
Phone: 781.810.1819, Mobile: 781.258.9502
podence@...<mailto:podence@...>
http://www.blackducksoftware.com
http://twitter.com/podence
http://www.linkedin.com/in/podence
http://www.networkworld.com/community/odence (my blog)
On Aug 11, 2010, at 2:30 AM, <Soeren_Rabenstein@...<mailto:Soeren_Rabenstein@...>> wrote:
Hello spdx mailing list
I guess I am the first new subscriber, since you went public?
My name is Soeren Rabenstein, I am in ASUSTeK's legal department since early 2009 and responsible for European legal compliance as well as implementation of a FOSS license compliance program.
Thank you for creating the specification. We are very interested in bringing forward the standard, since "Software-BOMs" form a key element of our compliance program (we actually switched to the term "BOC"="Bill of Code", to avoid confusion with actual, physical BOMs) and supply chain management turned out to be the biggest challenge over here.
As a first contribution, I compared the list of specified licenses in the spdx-draft with my own approval list. As a result I would like to propose the following licenses to be added to spdx. With the exception of the last item, these are all licenses I came across during my practice. I may add them myself through the wiki, but currently I cannot see a working wiki page on this.
I am also happy to dig our more licenses that are not yet listed.
License Identifier: ClArtistic
Formal Name: Clarified Artistic License 1.0
URL: http://www.ncftp.com/ncftp/doc/LICENSE.txt
License Identifier: XFree86-1.1
Formal Name: XFree86 License 1.1
URL: http://www.xfree86.org/current/LICENSE4.html
License Identifier: Ruby
Formal Name: Ruby License
URL: http://www.ruby-lang.org/en/LICENSE.txt
License Identifier: RHeCos
Formal Name: Red Hat eCos Public License v1.1
URL: http://ecos.sourceware.org/old-license.html
License Identifier: eCos
Formal Name: The eCos license version 2.0
URL: http://www.gnu.org/licenses/ecos-license.html
License Identifier: OSSL
Formal Name: OpenSSL License
URL: ? (No direct web source known, license text therefore attached to this mail)
License Identifier: ErlPL
Formal Name: Erlang Public License Version 1.1
URL: http://www.erlang.org/EPLICENSE
License Identifier: gsoPL
Formal Name: gSOAP Public License Version 1.3b
URL: http://www.cs.fsu.edu/~engelen/license.html
License Identifier: SugPL
Formal Name: SugarCRM Public License
URL: http://www.sugarcrm.com/crm/SPL
License Identifier: YPL
Formal Name: Yahoo! Public License 1.1
URL: http://www.zimbra.com/license/yahoo_public_license_1.1.html
License Identifier: OLDAP-2.8
Formal Name: OpenLDAP Public License Version 2.8
URL: http://www.openldap.org/software/release/license.html
License Identifier: ZimPL
Formal Name: Zimbra Public License, Version 1.3
URL: http://www.zimbra.com/license/zimbra-public-license-1-3.html
...AND OF COURSE ;)
License Identifier: WTFPL
Formal Name: Do What The Fuck You Want To Public License
URL: http://sam.zoy.org/wtfpl/
Kind regards
Soeren Rabenstein
____________________________________________________________
ASUSTeK COMPUTER INC.
Soeren Rabenstein, LL.M.
Legal Affairs Center - Legal Compliance Dept.
15, Li-Te Rd., Taipei 112, Taiwan
Tel.: (+886) 2 2894 3447 Ext.2372
Fax.: (+886) 2 2890 7674
soeren_rabenstein@...<mailto:soeren_rabenstein@...>
____________________________________________________________
=====================================================================================================================================
This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it
is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete
the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized
disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views
or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation.
=====================================================================================================================================
<OpenSSL-License.txt><ATT00001..c>
|
|
|
Welcome, Soeren. Glad to have you aboard.
This is certainly fair discussion. The goal has been to have the standard license list cover a large majority of cases (Kate's been talking about 90% coverage). Beyond that we have provided a mechanism for including licenses that are not on the list, the main differences being that for the latter the user will include the text of the license in the SPDX file, not just a reference to our list.
So, that fact that you have run across a license in your work would not on the face say that it meets the criteria for being included on the list. Do you think the licenses you list are fairly common and would belong on the list for that reason? Or do you think our criteria are too tight and that we should try to be more comprehensive in our coverage?
Phil
L. Philip Odence Vice President of Business Development Black Duck Software, inc. 265 Winter Street, Waltham, MA 02451 Phone: 781.810.1819, Mobile: 781.258.9502
Hello spdx mailing list I guess I am the first new subscriber, since you went public? My name is Soeren Rabenstein, I am in ASUSTeK's legal department since early 2009 and responsible for European legal compliance as well as implementation of a FOSS license compliance program. Thank you for creating the specification. We are very interested in bringing forward the standard, since "Software-BOMs" form a key element of our compliance program (we actually switched to the term "BOC"="Bill of Code", to avoid confusion with actual, physical BOMs) and supply chain management turned out to be the biggest challenge over here. As a first contribution, I compared the list of specified licenses in the spdx-draft with my own approval list. As a result I would like to propose the following licenses to be added to spdx. With the exception of the last item, these are all licenses I came across during my practice. I may add them myself through the wiki, but currently I cannot see a working wiki page on this. I am also happy to dig our more licenses that are not yet listed. License Identifier: ClArtistic Formal Name: Clarified Artistic License 1.0 URL: http://www.ncftp.com/ncftp/doc/LICENSE.txt License Identifier: XFree86-1.1 Formal Name: XFree86 License 1.1 URL: http://www.xfree86.org/current/LICENSE4.html License Identifier: Ruby Formal Name: Ruby License URL: http://www.ruby-lang.org/en/LICENSE.txt License Identifier: RHeCos Formal Name: Red Hat eCos Public License v1.1 URL: http://ecos.sourceware.org/old-license.html License Identifier: eCos Formal Name: The eCos license version 2.0 URL: http://www.gnu.org/licenses/ecos-license.html License Identifier: OSSL Formal Name: OpenSSL License URL: ? (No direct web source known, license text therefore attached to this mail) License Identifier: ErlPL Formal Name: Erlang Public License Version 1.1 URL: http://www.erlang.org/EPLICENSE License Identifier: gsoPL Formal Name: gSOAP Public License Version 1.3b URL: http://www.cs.fsu.edu/~engelen/license.htmlLicense Identifier: SugPL Formal Name: SugarCRM Public License URL: http://www.sugarcrm.com/crm/SPLLicense Identifier: YPL Formal Name: Yahoo! Public License 1.1 URL: http://www.zimbra.com/license/yahoo_public_license_1.1.html License Identifier: OLDAP-2.8 Formal Name: OpenLDAP Public License Version 2.8 URL: http://www.openldap.org/software/release/license.html License Identifier: ZimPL Formal Name: Zimbra Public License, Version 1.3 URL: http://www.zimbra.com/license/zimbra-public-license-1-3.html ...AND OF COURSE ;) License Identifier: WTFPL Formal Name: Do What The Fuck You Want To Public License URL: http://sam.zoy.org/wtfpl/ Kind regards Soeren Rabenstein ____________________________________________________________ ASUSTeK COMPUTER INC. Soeren Rabenstein, LL.M. Legal Affairs Center - Legal Compliance Dept. 15, Li-Te Rd., Taipei 112, Taiwan Tel.: (+886) 2 2894 3447 Ext.2372 Fax.: (+886) 2 2890 7674 soeren_rabenstein@...____________________________________________________________ ===================================================================================================================================== This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation. ===================================================================================================================================== <OpenSSL-License.txt><ATT00001..c>
|
|
|
On Wednesday 11 August 2010 08:30:14 Soeren_Rabenstein@... wrote: ...AND OF COURSE ;)
License Identifier: WTFPL
Formal Name: Do What The Fuck You Want To Public License
URL: http://sam.zoy.org/wtfpl/
Hi, just one point about this license - it was a problem for one of our major OEM customers. Through bugzilla, they requested that we change the expletive to something less problematic for them (IIRC we changed it to the Do What the Hell You Want Public License). It was the strangest legal patch I ever wrote :-) Ciaran -- Ciaran Farrell __o cfarrell@... _`\<,_ Phone: +49 (0)911 74053 262 (_)/ (_) SUSE Linux Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg) Maxfeldstrasse 5, 90409, Nuremberg, Germany /ˈkiː.ræn/
|
|
|
On Tue, Aug 10, 2010 at 11:30 PM, <Soeren_Rabenstein@...> wrote:
...AND OF COURSE ;)
License Identifier: WTFPL
Formal Name: Do What The Fuck You Want To Public License
URL: http://sam.zoy.org/wtfpl/
I have to agree with Soeren (welcome!). A standard can't be complete without it and the Beerware License Rev.42 (in a template form). -- --dmg --- Daniel M. German http://turingmachine.org
|
|
|
Hello spdx mailing list I guess I am the first new subscriber, since you went public? My name is Soeren Rabenstein, I am in ASUSTeK's legal department since early 2009 and responsible for European legal compliance as well as implementation of a FOSS license compliance program. Thank you for creating the specification. We are very interested in bringing forward the standard, since "Software-BOMs" form a key element of our compliance program (we actually switched to the term "BOC"="Bill of Code", to avoid confusion with actual, physical BOMs) and supply chain management turned out to be the biggest challenge over here. As a first contribution, I compared the list of specified licenses in the spdx-draft with my own approval list. As a result I would like to propose the following licenses to be added to spdx. With the exception of the last item, these are all licenses I came across during my practice. I may add them myself through the wiki, but currently I cannot see a working wiki page on this. I am also happy to dig our more licenses that are not yet listed. License Identifier: ClArtistic Formal Name: Clarified Artistic License 1.0 URL: http://www.ncftp.com/ncftp/doc/LICENSE.txt License Identifier: XFree86-1.1 Formal Name: XFree86 License 1.1 URL: http://www.xfree86.org/current/LICENSE4.html License Identifier: Ruby Formal Name: Ruby License URL: http://www.ruby-lang.org/en/LICENSE.txt License Identifier: RHeCos Formal Name: Red Hat eCos Public License v1.1 URL: http://ecos.sourceware.org/old-license.html License Identifier: eCos Formal Name: The eCos license version 2.0 URL: http://www.gnu.org/licenses/ecos-license.html License Identifier: OSSL Formal Name: OpenSSL License URL: ? (No direct web source known, license text therefore attached to this mail) License Identifier: ErlPL Formal Name: Erlang Public License Version 1.1 URL: http://www.erlang.org/EPLICENSE License Identifier: gsoPL Formal Name: gSOAP Public License Version 1.3b URL: http://www.cs.fsu.edu/~engelen/license.htmlLicense Identifier: SugPL Formal Name: SugarCRM Public License URL: http://www.sugarcrm.com/crm/SPLLicense Identifier: YPL Formal Name: Yahoo! Public License 1.1 URL: http://www.zimbra.com/license/yahoo_public_license_1.1.html License Identifier: OLDAP-2.8 Formal Name: OpenLDAP Public License Version 2.8 URL: http://www.openldap.org/software/release/license.html License Identifier: ZimPL Formal Name: Zimbra Public License, Version 1.3 URL: http://www.zimbra.com/license/zimbra-public-license-1-3.html ...AND OF COURSE ;) License Identifier: WTFPL Formal Name: Do What The Fuck You Want To Public License URL: http://sam.zoy.org/wtfpl/ Kind regards Soeren Rabenstein ____________________________________________________________ ASUSTeK COMPUTER INC. Soeren Rabenstein, LL.M. Legal Affairs Center - Legal Compliance Dept. 15, Li-Te Rd., Taipei 112, Taiwan Tel.: (+886) 2 2894 3447 Ext.2372 Fax.: (+886) 2 2890 7674 soeren_rabenstein@... ____________________________________________________________ ===================================================================================================================================== This email and any attachments to it contain confidential information and are intended solely for the use of the individual to whom it is addressed.If you are not the intended recipient or receive it accidentally, please immediately notify the sender by e-mail and delete the message and any attachments from your computer system, and destroy all hard copies. If any, please be advised that any unauthorized disclosure, copying, distribution or any action taken or omitted in reliance on this, is illegal and prohibited. Furthermore, any views or opinions expressed are solely those of the author and do not represent those of ASUSTeK. Thank you for your cooperation. =====================================================================================================================================
|
|
|
