spdx@lists.spdx.org | new version of License List uploaded

Home Messages Hashtags Subgroups

Date Date 1 - 7 of 7

new version of License List uploaded

Tom Incorvia #304 Perhaps we stick with the version of MIT that is listed at http://www.opensource.org/licenses/mit-license.php as a way to include this license in the standard list -- it is too commonly used to exclude. To work with the variations, we treat it like the BSD variants where there must be an exact match other than Copyright (c) <year> <copyright holders>. Tom Tom Incorvia tom.incorvia@... Direct: (512) 340-1336 Mobile: (408) 499 6850 toggle quoted message Show quoted text -----Original Message----- From: Richard Fontana [mailto:rfontana@...] Sent: Wednesday, January 26, 2011 2:29 PM To: Tom Incorvia Cc: Jilayne Lovejoy; Kim Weins; SPDX Subject: Re: new version of License List uploaded Delurking ... On Wed, Jan 26, 2011 at 12:07:02PM -0800, Tom Incorvia wrote: - Regarding the MIT license. This is a VERY well-established license, #4 on the Black Duck site, is listed in expected form the OSI site, etc. I have not seen variants other than the copyright year and copyright holders template holders. I strongly recommend that we maintain the MIT license without associating it with Expat. No opinion on whether to list Expat or not – I have not used it, but am in the commercial world This is rather contrary to our experiences at Red Hat. We've encountered fascinatingly numerous language variants on the MIT/X11/Expat license family in the wild (though you might want to argue that these shouldn't be treated as one family). I once started to make an effort to catalogue all the different variants you find in just one project (Kerberos) and gave up (maybe out of boredom, but still...). Tom Callaway has probably made the most careful attempt to collect the various licenses that seem to often be labelled "MIT". (No question that the direction is towards standardization on the version that OSI happens to list as a template, or something close to that.) Some of the variants one finds in this license family are arguably legally significant. For what it's worth, Red Hat and Fedora use the "MIT" label to describe all of the various licenses in this family in package metadata. I would assume that Black Duck listing the MIT license as #4 involves to at least some degree collecting a bunch of variants. - Regarding Perl – since there is not a Perl license or Perl license stack (like Python), I suggest that we not list Perl as a license. I wonder if the value in doing so lies in the fact that Perl modules are commonly licensed as "under the same terms as Perl itself", which most often probably means (Artistic 1.0 or GPL) but is sometimes unclear. - I am not familiar with the general use of the OpenSSL exception, but it is certainly distinct from any exceptions that we currently have listed. Here is a reference from Debian Legal on this exception. Does anyone have experience with this exception and know if the text is consistent? We have experience with it. Not sure there is one canonical version but I think the one in that debian-legal posting is the one that the FSF recommended at one time. I believe that there is a different version that was updated for GPLv3, but I may be misremembering. I seem to remember writing my own version (while at Red Hat) at one point. Conceptually, the OpenSSL exception is one of a class of GPL linking exceptions. - Anyone else familiar with GPL Font – not me? The GPL font exception, which originates with the FSF, is pretty well known. We've used and encountered it in certain forms at Red Hat. It is possible the FSF has an updated version for GPLv3, or will someday. - Richard This message has been scanned for viruses by MailController - www.MailController.altohiway.com
More All Messages By This Member
Richard Fontana #303 Delurking ... On Wed, Jan 26, 2011 at 12:07:02PM -0800, Tom Incorvia wrote: - Regarding the MIT license. This is a VERY well-established license, #4 on the Black Duck site, is listed in expected form the OSI site, etc. I have not seen variants other than the copyright year and copyright holders template holders. I strongly recommend that we maintain the MIT license without associating it with Expat. No opinion on whether to list Expat or not – I have not used it, but am in the commercial world This is rather contrary to our experiences at Red Hat. We've encountered fascinatingly numerous language variants on the MIT/X11/Expat license family in the wild (though you might want to argue that these shouldn't be treated as one family). I once started to make an effort to catalogue all the different variants you find in just one project (Kerberos) and gave up (maybe out of boredom, but still...). Tom Callaway has probably made the most careful attempt to collect the various licenses that seem to often be labelled "MIT". (No question that the direction is towards standardization on the version that OSI happens to list as a template, or something close to that.) Some of the variants one finds in this license family are arguably legally significant. For what it's worth, Red Hat and Fedora use the "MIT" label to describe all of the various licenses in this family in package metadata. I would assume that Black Duck listing the MIT license as #4 involves to at least some degree collecting a bunch of variants. - Regarding Perl – since there is not a Perl license or Perl license stack (like Python), I suggest that we not list Perl as a license. I wonder if the value in doing so lies in the fact that Perl modules are commonly licensed as "under the same terms as Perl itself", which most often probably means (Artistic 1.0 or GPL) but is sometimes unclear. - I am not familiar with the general use of the OpenSSL exception, but it is certainly distinct from any exceptions that we currently have listed. Here is a reference from Debian Legal on this exception. Does anyone have experience with this exception and know if the text is consistent? We have experience with it. Not sure there is one canonical version but I think the one in that debian-legal posting is the one that the FSF recommended at one time. I believe that there is a different version that was updated for GPLv3, but I may be misremembering. I seem to remember writing my own version (while at Red Hat) at one point. Conceptually, the OpenSSL exception is one of a class of GPL linking exceptions. - Anyone else familiar with GPL Font – not me? The GPL font exception, which originates with the FSF, is pretty well known. We've used and encountered it in certain forms at Red Hat. It is possible the FSF has an updated version for GPLv3, or will someday. - Richard
More All Messages By This Member
Tom Incorvia #302 - Regarding the MIT license. This is a VERY well-established license, #4 on the Black Duck site, is listed in expected form the OSI site, etc. I have not seen variants other than the copyright year and copyright holders template holders. I strongly recommend that we maintain the MIT license without associating it with Expat. No opinion on whether to list Expat or not – I have not used it, but am in the commercial world - Regarding Perl – since there is not a Perl license or Perl license stack (like Python), I suggest that we not list Perl as a license. - I am not familiar with the general use of the OpenSSL exception, but it is certainly distinct from any exceptions that we currently have listed. Here is a reference from Debian Legal on this exception. Does anyone have experience with this exception and know if the text is consistent? - Anyone else familiar with GPL Font – not me? Tom Incorvia tom.incorvia@... Direct: (512) 340-1336 Mobile: (408) 499 6850 toggle quoted message Show quoted text From: Jilayne Lovejoy [mailto:Jlovejoy@...] Sent: Wednesday, January 26, 2011 1:34 PM To: Tom Incorvia; Kim Weins; SPDX Subject: RE: new version of License List uploaded Thanks, Tom. Do you (or anyone on the list) have any thoughts on the 3 items highlighted in yellow below? Jilayne Lovejoy \| Corporate Counsel jlovejoy@... 720 240 4545 \| phone 720 240 4556 \| fax 1 888 OpenLogic \| toll free www.openlogic.com OpenLogic, Inc. Headquarters, Broomfield, Colorado 80021 From: Tom Incorvia [mailto:tom.incorvia@...] Sent: Wednesday, January 26, 2011 11:04 AM To: Kim Weins; Jilayne Lovejoy; SPDX Subject: RE: new version of License List uploaded Hi Jilayne, On the legal call today I offered to do a last look at the Debian / SPDX license name differences. I agree with Kim: The exclusion of “.0” in cases where the license issuer does not use that makes sense The Debian abbreviation of the GNU Free Documentation License is a far more common use that the FDL that we chose, so let’s use GFDL. Tom Tom Incorvia tom.incorvia@... Direct: (512) 340-1336 Mobile: (408) 499 6850 From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Kim Weins Sent: Monday, January 17, 2011 10:44 AM To: Jilayne Lovejoy; SPDX Subject: Re: new version of License List uploaded Thanks Jilayne After looking this over, we are pretty well aligned with two exceptions Debian excludes the “.0” on ends of versions (eg Apache-1 instead of Apache-1.0) Debian uses GFDL for GNU Free Documentation License and we use FDL. I would be fine with changing out names to match Debian on both the items above. That makes it easy and saves us from trying to negotiate changes. Kim On Fri 1/14/11 2:00 PM, "Jilayne Lovejoy" <Jlovejoy@...> wrote: I just uploaded v1.5 of the License List spreadsheet and accompanying guidelines/notes document to the SPDX website here: http://spdx.org/wiki/working-version-license-list This version reflects adds a column for comparison to the Debian short name protocols and list (http://dep.debian.net/deps/dep5/) and some comments where there were differences in license long names. Notes/observations/questions re: these additions below (this is also listed on the Word doc associated with the license): Column added for comparison to Debian license list short names: If left blank, then license not on Debian list If short name is the same, then “same” entered in this column If short name is different, then Debian variation entered here Debian uses Expat license instead of MIT; Expat is not on SPDX list ?? Debian identifies GPL font and SSL exception which were not on SPDX list; font exception was added to SPDX list Should we add the SSL exception? It looks like a suggestion more than a standard exception based on the info contained in a link. I’ve never seen this one before – anyone have any thoughts on this? SPDX list had exceptions not on Debian list, but short names using Debian short names rules listed in this column Debian lists Perl as a license, but this is really a disjunctive licensing situation with either GPL or Artistic; it doesn’t seem like “Perl” should be listed as a separate license in this case as there are other scenarios like this Added other GFDL v1.1 and v1.3 to license list, as they were missing Debian lists GNU Free Documentation License with no invariant sections à did not add this… ?? Jilayne Lovejoy \| Corporate Counsel jlovejoy@... 720 240 4545 \| phone 720 240 4556 \| fax 1 888 OpenLogic \| toll free www.openlogic.com <http://www.openlogic.com> OpenLogic, Inc. Headquarters, Broomfield, Colorado 80021 _______________________________________________ Spdx mailing list Spdx@... https://fossbazaar.org/mailman/listinfo/spdx Click here to report this email as spam. This message has been scanned for viruses by MailController.
More All Messages By This Member
Jilayne Lovejoy <Jlovejoy@...> #301 Thanks, Tom. Do you (or anyone on the list) have any thoughts on the 3 items highlighted in yellow below? Jilayne Lovejoy \| Corporate Counsel jlovejoy@... 720 240 4545 \| phone 720 240 4556 \| fax 1 888 OpenLogic \| toll free www.openlogic.com OpenLogic, Inc. Headquarters, Broomfield, Colorado 80021 toggle quoted message Show quoted text From: Tom Incorvia [mailto:tom.incorvia@...] Sent: Wednesday, January 26, 2011 11:04 AM To: Kim Weins; Jilayne Lovejoy; SPDX Subject: RE: new version of License List uploaded Hi Jilayne, On the legal call today I offered to do a last look at the Debian / SPDX license name differences. I agree with Kim: The exclusion of “.0” in cases where the license issuer does not use that makes sense The Debian abbreviation of the GNU Free Documentation License is a far more common use that the FDL that we chose, so let’s use GFDL. Tom Tom Incorvia tom.incorvia@... Direct: (512) 340-1336 Mobile: (408) 499 6850 From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Kim Weins Sent: Monday, January 17, 2011 10:44 AM To: Jilayne Lovejoy; SPDX Subject: Re: new version of License List uploaded Thanks Jilayne After looking this over, we are pretty well aligned with two exceptions Debian excludes the “.0” on ends of versions (eg Apache-1 instead of Apache-1.0) Debian uses GFDL for GNU Free Documentation License and we use FDL. I would be fine with changing out names to match Debian on both the items above. That makes it easy and saves us from trying to negotiate changes. Kim On Fri 1/14/11 2:00 PM, "Jilayne Lovejoy" <Jlovejoy@...> wrote: I just uploaded v1.5 of the License List spreadsheet and accompanying guidelines/notes document to the SPDX website here: http://spdx.org/wiki/working-version-license-list This version reflects adds a column for comparison to the Debian short name protocols and list (http://dep.debian.net/deps/dep5/) and some comments where there were differences in license long names. Notes/observations/questions re: these additions below (this is also listed on the Word doc associated with the license): Column added for comparison to Debian license list short names: If left blank, then license not on Debian list If short name is the same, then “same” entered in this column If short name is different, then Debian variation entered here Debian uses Expat license instead of MIT; Expat is not on SPDX list ?? Debian identifies GPL font and SSL exception which were not on SPDX list; font exception was added to SPDX list Should we add the SSL exception? It looks like a suggestion more than a standard exception based on the info contained in a link. I’ve never seen this one before – anyone have any thoughts on this? SPDX list had exceptions not on Debian list, but short names using Debian short names rules listed in this column Debian lists Perl as a license, but this is really a disjunctive licensing situation with either GPL or Artistic; it doesn’t seem like “Perl” should be listed as a separate license in this case as there are other scenarios like this Added other GFDL v1.1 and v1.3 to license list, as they were missing Debian lists GNU Free Documentation License with no invariant sections à did not add this… ?? Jilayne Lovejoy \| Corporate Counsel jlovejoy@... 720 240 4545 \| phone 720 240 4556 \| fax 1 888 OpenLogic \| toll free www.openlogic.com <http://www.openlogic.com> OpenLogic, Inc. Headquarters, Broomfield, Colorado 80021 _______________________________________________ Spdx mailing list Spdx@... https://fossbazaar.org/mailman/listinfo/spdx Click here to report this email as spam. This message has been scanned for viruses by MailController.
More
Tom Incorvia #300 Hi Jilayne, On the legal call today I offered to do a last look at the Debian / SPDX license name differences. I agree with Kim: The exclusion of “.0” in cases where the license issuer does not use that makes sense The Debian abbreviation of the GNU Free Documentation License is a far more common use that the FDL that we chose, so let’s use GFDL. Tom Tom Incorvia tom.incorvia@... Direct: (512) 340-1336 Mobile: (408) 499 6850 toggle quoted message Show quoted text From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Kim Weins Sent: Monday, January 17, 2011 10:44 AM To: Jilayne Lovejoy; SPDX Subject: Re: new version of License List uploaded Thanks Jilayne After looking this over, we are pretty well aligned with two exceptions Debian excludes the “.0” on ends of versions (eg Apache-1 instead of Apache-1.0) Debian uses GFDL for GNU Free Documentation License and we use FDL. I would be fine with changing out names to match Debian on both the items above. That makes it easy and saves us from trying to negotiate changes. Kim On Fri 1/14/11 2:00 PM, "Jilayne Lovejoy" <Jlovejoy@...> wrote: I just uploaded v1.5 of the License List spreadsheet and accompanying guidelines/notes document to the SPDX website here: http://spdx.org/wiki/working-version-license-list This version reflects adds a column for comparison to the Debian short name protocols and list (http://dep.debian.net/deps/dep5/) and some comments where there were differences in license long names. Notes/observations/questions re: these additions below (this is also listed on the Word doc associated with the license): Column added for comparison to Debian license list short names: If left blank, then license not on Debian list If short name is the same, then “same” entered in this column If short name is different, then Debian variation entered here Debian uses Expat license instead of MIT; Expat is not on SPDX list ?? Debian identifies GPL font and SSL exception which were not on SPDX list; font exception was added to SPDX list Should we add the SSL exception? It looks like a suggestion more than a standard exception based on the info contained in a link. I’ve never seen this one before – anyone have any thoughts on this? SPDX list had exceptions not on Debian list, but short names using Debian short names rules listed in this column Debian lists Perl as a license, but this is really a disjunctive licensing situation with either GPL or Artistic; it doesn’t seem like “Perl” should be listed as a separate license in this case as there are other scenarios like this Added other GFDL v1.1 and v1.3 to license list, as they were missing Debian lists GNU Free Documentation License with no invariant sections à did not add this… ?? Jilayne Lovejoy \| Corporate Counsel jlovejoy@... 720 240 4545 \| phone 720 240 4556 \| fax 1 888 OpenLogic \| toll free www.openlogic.com <http://www.openlogic.com> OpenLogic, Inc. Headquarters, Broomfield, Colorado 80021 _______________________________________________ Spdx mailing list Spdx@... https://fossbazaar.org/mailman/listinfo/spdx Click here to report this email as spam. This message has been scanned for viruses by MailController.
More All Messages By This Member
Kim Weins #287 Thanks Jilayne After looking this over, we are pretty well aligned with two exceptions Debian excludes the “.0” on ends of versions (eg Apache-1 instead of Apache-1.0) Debian uses GFDL for GNU Free Documentation License and we use FDL. I would be fine with changing out names to match Debian on both the items above. That makes it easy and saves us from trying to negotiate changes. Kim On Fri 1/14/11 2:00 PM, "Jilayne Lovejoy" <Jlovejoy@...> wrote: toggle quoted message Show quoted text I just uploaded v1.5 of the License List spreadsheet and accompanying guidelines/notes document to the SPDX website here: http://spdx.org/wiki/working-version-license-list This version reflects adds a column for comparison to the Debian short name protocols and list (http://dep.debian.net/deps/dep5/) and some comments where there were differences in license long names. Notes/observations/questions re: these additions below (this is also listed on the Word doc associated with the license): Column added for comparison to Debian license list short names: If left blank, then license not on Debian list If short name is the same, then “same” entered in this column If short name is different, then Debian variation entered here Debian uses Expat license instead of MIT; Expat is not on SPDX list ?? Debian identifies GPL font and SSL exception which were not on SPDX list; font exception was added to SPDX list Should we add the SSL exception? It looks like a suggestion more than a standard exception based on the info contained in a link. I’ve never seen this one before – anyone have any thoughts on this? SPDX list had exceptions not on Debian list, but short names using Debian short names rules listed in this column Debian lists Perl as a license, but this is really a disjunctive licensing situation with either GPL or Artistic; it doesn’t seem like “Perl” should be listed as a separate license in this case as there are other scenarios like this Added other GFDL v1.1 and v1.3 to license list, as they were missing Debian lists GNU Free Documentation License with no invariant sections à did not add this… ?? Jilayne Lovejoy \| Corporate Counsel jlovejoy@... 720 240 4545 \| phone 720 240 4556 \| fax 1 888 OpenLogic \| toll free www.openlogic.com <http://www.openlogic.com> OpenLogic, Inc. Headquarters, Broomfield, Colorado 80021 _______________________________________________ Spdx mailing list Spdx@... https://fossbazaar.org/mailman/listinfo/spdx
More All Messages By This Member
Jilayne Lovejoy <Jlovejoy@...> #279 I just uploaded v1.5 of the License List spreadsheet and accompanying guidelines/notes document to the SPDX website here: http://spdx.org/wiki/working-version-license-list This version reflects adds a column for comparison to the Debian short name protocols and list (http://dep.debian.net/deps/dep5/) and some comments where there were differences in license long names. Notes/observations/questions re: these additions below (this is also listed on the Word doc associated with the license): Column added for comparison to Debian license list short names: If left blank, then license not on Debian list If short name is the same, then “same” entered in this column If short name is different, then Debian variation entered here Debian uses Expat license instead of MIT; Expat is not on SPDX list ?? Debian identifies GPL font and SSL exception which were not on SPDX list; font exception was added to SPDX list Should we add the SSL exception? It looks like a suggestion more than a standard exception based on the info contained in a link. I’ve never seen this one before – anyone have any thoughts on this? SPDX list had exceptions not on Debian list, but short names using Debian short names rules listed in this column Debian lists Perl as a license, but this is really a disjunctive licensing situation with either GPL or Artistic; it doesn’t seem like “Perl” should be listed as a separate license in this case as there are other scenarios like this Added other GFDL v1.1 and v1.3 to license list, as they were missing Debian lists GNU Free Documentation License with no invariant sections à did not add this… ?? Jilayne Lovejoy \| Corporate Counsel jlovejoy@... 720 240 4545 \| phone 720 240 4556 \| fax 1 888 OpenLogic \| toll free www.openlogic.com OpenLogic, Inc. Headquarters, Broomfield, Colorado 80021
More

1 - 7 of 7

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms