License templates


Peter Williams <peter.williams@...>
 

On 10/2/10 4:39 AM, Philippe Ombredanne wrote:
the idea is good, though we should not reinvent a license templates
syntax when the OSI has alreday done something.
They use angle brackets so I would suggest using the same, not square
brackets. See http://www.opensource.org/licenses/bsd-license.php for
instance.
I was unaware that OSI has a pattern for this already. I agree we should follow the pattern they have used.

Another note is that copyright notices (such as in the BSD example you
provide) may or may not be part of the license.
I consider them part of the license when the license text itself is
copyrighted explicitly (GPL, Apache).
In the case of a BSD, I would not consider the copyright notice to be
explicitly part of the license, and therefore likely not needed in a
templatized license.
That is an excellent point. it seems reasonable to treat the copyright declarations that are usually associated with the BSD license as not really part of the license. Could those of you with a legal background comment on this?

Peter Williams
<http://openlogic.com>


Philippe Ombredanne
 

On 2010-09-30 18:52, Peter Williams wrote:
In <https://fossbazaar.org/pipermail/spdx/2010-September/000116.html>
dmg brought up and interesting question regarding how similar two
license texts need to be before they can be considered the same license.
This got me thinking about the proposed license templates.

I am increasing uncomfortable with the idea of spdx specify a mechanism
intended to support recognition of licenses. That very idea seems
fraught with peril, both technically and legally.

What constitutes similar enough to treat as a single license is a policy
decision. Risk averse organizations with a high profile might choose a
relatively high bar for sameness, while less risk averse organizations
will probably prefer a lower bar. I think setting these policies should
be left to the producers and consumers of spdx files. These parties are
the only ones with enough information to do it effectively.

There are a few situations where a light weight template syntax in the
license text field itself would be useful. Such a syntax would allow a
way to demarcate really obvious and uncontentious replaceable parts of
the license. Square brackets around a description of the replaceable
element would probably sufficient.
Peter:
my 2 cents:

the idea is good, though we should not reinvent a license templates syntax when the OSI has alreday done something.
They use angle brackets so I would suggest using the same, not square brackets. See http://www.opensource.org/licenses/bsd-license.php for instance.

Another note is that copyright notices (such as in the BSD example you provide) may or may not be part of the license.
I consider them part of the license when the license text itself is copyrighted explicitly (GPL, Apache).
In the case of a BSD, I would not consider the copyright notice to be explicitly part of the license, and therefore likely not needed in a templatized license.



For example, the 3 clause bsd license
text would look like this

Copyright (c) [YEAR], [OWNER]
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:

* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials
provided with the distribution.
* Neither the name of the [ORGANIZATION] nor the names of its
contributors may be used to endorse or promote products
derived from this software without specific prior written
permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

This would allow spdx to provide canonical forms of licenses without
trying to specify policy issues.

Peter Williams
<http://openlogic.com>



_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx

--
Cordially
Philippe

philippe ombredanne | 1 650 799 0949 | pombredanne at nexb.com
nexB - Open by Design (tm) - http://www.nexb.com


Peter Williams <peter.williams@...>
 

In <https://fossbazaar.org/pipermail/spdx/2010-September/000116.html> dmg brought up and interesting question regarding how similar two license texts need to be before they can be considered the same license.  This got me thinking about the proposed license templates.

I am increasing uncomfortable with the idea of spdx specify a mechanism intended to support recognition of licenses.  That very idea seems fraught with peril, both technically and legally. 

What constitutes similar enough to treat as a single license is a policy decision.  Risk averse organizations with a high profile might choose a relatively high bar for sameness, while less risk averse organizations will probably prefer a lower bar.  I think setting these policies should be left to the producers and consumers of spdx files.  These parties are the only ones with enough information to do it effectively.

There are a few situations where a light weight template syntax in the license text field itself would be useful.  Such a syntax would allow a way to demarcate really obvious and uncontentious replaceable parts of the license.  Square brackets around a description of the replaceable element would probably sufficient.  For example, the 3 clause bsd license text would look like this
Copyright (c) [YEAR], [OWNER]
All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
  • Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
  • Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
  • Neither the name of the [ORGANIZATION] nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
This would allow spdx to provide canonical forms of licenses without trying to specify policy issues.

Peter Williams
<http://openlogic.com>