Re: License of "debian/" directories

[Paul Tagliamonte]

Hey Joel,

It should be outlined in the debian/copyright file for the package in
question

  Paul

On Thu, Oct 8, 2020 at 6:33 PM Joel Ray Holveck  wrote:

> I'm currently asking my employer to let me upstream some changes I've
> got to some Debian packaging.  Usually, they like to know what the
> license is.
>
> What's the license of "debian/" directories in source packages?  Not for
> native packages, but the packaging for third-party software.  Is it the
> same as the upstream code, or does Debian own the copyright and have a
> particular license for that, or what?
>
> I looked over the Policy Manual and the Legal FAQ, but didn't see an
> answer.  Is this something that's been discussed before?
>
> Best,
> joelh
>
>

-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq

Re: Is ISC License considered DFSG free?

[Paul Tagliamonte]

Quote me on this:

ISC meets the DFSG, with my ftp hat on.

On Oct 22, 2016 12:46 PM, "Ben Finney"  wrote:

> Jari Aalto  writes:
>
> > Excellent summary Ben.
>
> Thank you for saying so.
>
> > Do you think, if it would be good if I added note about ISC license to
> > the Debian License information page[1] and point it to this thread for
> > future reference?
>
> No, I think my assessment is one person's opinion. It is based on no
> legal expertise. What you propose would give it too much authority.
>
> Better to seek a package using these license terms that the FTP Masters
> have expressed a position on; if that doesn't exist, mine is not a
> substitute :-)
>
> --
>  \“Good judgement comes from experience. Experience comes from |
>   `\  bad judgement.” —Frederick P. Brooks |
> _o__)  |
> Ben Finney
>
>

Re: Status of US Government Works in foreign countries

[Paul Tagliamonte]

[ The following is the views of me, personally. They are not the views
  of either the Debian FTP Team, nor those of the US Federal Government,
  my employer ]

On Mon, Jan 11, 2016 at 09:35:15PM +0100, Rytis wrote:
> US Goverment public domain issue has been discussed a few times in this
> mailing list [1]. According to the interpretation by [2], this would
> fall into public domain abroad as well and second part of the above
> licence snippet may be unenforceable.

So, I mean, the US Federal Government *can* hold copyrights of works
they have not created, and US Copyright does, in fact, carve out all
rights for works produced by the Federal Government outside the US.

Folks doing modern things in Government do something like[1]

> As a work of the United States Government, this project is in the public
> domain within the United States.
> 
> Additionally, we waive copyright and related rights in the work
> worldwide through the CC0 1.0 Universal public domain dedication.

[1]: 
https://github.com/department-of-veterans-affairs/caseflow/blob/master/LICENSE.md

Asking them to include such a notice would be neato. You can point them
to the work being done by 18F and USDS if you need to show them it's
fine.

FWIW, the Census people (I've interacted with them in the past) are real
cool.

> I wonder therefore whether it is legally sound to state licence as
> 'public-domain' for the package and include the licence and disclaimer
> text from the website. Would the package under this license qualify as
> free, non-free or should be outside Debian?

Yeah, so, most Government folks are actually nice. You should email them
and say that you're interested in using the data / software that's
distributed outside the strict boundries of the USA.

That being said, I've *never* heard of the US Government enforcing this,
ever. That's not to say someone won't think that's a fun idea. Because,
trust me, someone will.

If it weren't an ethics conflict, I'd even email them and ask myself.

> In my view, libtnt package in the main repo may be the one setting a
> precedent here as it refers to the same (17 U.S.C §105), although its

precedent is meaningless - if anything, it just means the other package
gets pulled along with the new one :P

> licence does not specify restrictions to foreign countries.
> 
> [1] https://lists.debian.org/debian-legal/2005/04/msg00164.html
> [2] https://lists.debian.org/debian-legal/2005/04/msg00300.html
> 
> Rytis
> 

Cheers,
  Paul


signature.asc
Description: PGP signature

Re: Non-Free SGML entity files

[Paul Tagliamonte]

In that copyright file I see an email (did anyone followup)?

At 12:51 PM 3/22/99 -0500, Adam Di Carlo wrote:

>Hello. I have the responsibility of assessing the current copyright
>of W3C DTDs accompanying your specifications, on behalf of the Debian
>project . Interesting question Adam!
>I would think that the W3C is
>happy to allow derivative DTDs so long as they don't represent
>themselves as W3C standards? If so, would it be possible to get
>clarification about the licensing and rights granted for DTDs?

You are right with respect to our general approach. I suspect that as long
as the DOCTYPE is different from our own, and they attribute it as a work
derived from W3C, we'd give permission. Let me bounce this off a few folks
here, and I'll get you a definitive answer shortly.
On Nov 30, 2015 10:01 PM,  wrote:

> > [C]an someone reply with a bad source package (or d/copyright file)
> > that we can evaluate in main?
>
> Here is sgml-data's copyright file:
> <
> http://ftp-master.metadata.debian.org/changelogs//main/s/sgml-data/sgml-data_2.0.10_copyright
> >.
>
> Here is the source of sgml-data:
> <
> http://http.debian.net/debian/pool/main/s/sgml-data/sgml-data_2.0.10.tar.xz
> >.
> Offending files are in sgml/entities/sgml-iso-entities*/. Also, files
> in xml/entities/xml-iso-entities-8879.1986 are derived from files with
> the same licence.
>
> The files and files derived from them are in other packages as well.
>
>
>

Re: Non-Free SGML entity files

[Paul Tagliamonte]

On Mon, Nov 30, 2015 at 09:20:21PM -0500, Paul Tagliamonte wrote:
> I'm cc'ing the rest of the ftp-master team; can someone reply with a bad 
> source
> package (or d/copyright file) that we can evaluate in main?

(actually cc'ing them now)


signature.asc
Description: PGP signature

Re: Non-Free SGML entity files

[Paul Tagliamonte]

On Mon, Nov 30, 2015 at 11:23:22PM +0100, Francesco Poli wrote:
> Any other debian-legal regular willing to share his/her opinion?

Without looking further into it (anyone have a source package I can look
at?), any license that restricts use to only that of implementing a
standard (and not modification nor derived works) is not fit for main.

I've seen similar stuff out of IETF-land (RFCs are non-free by default
because of a simialr restriction), and somewhere else. 

I've totally seen this type of stuff in NEW before. I have been rejecting them.

Stuff like Unicode docs, too, IIRC.


I'm cc'ing the rest of the ftp-master team; can someone reply with a bad source
package (or d/copyright file) that we can evaluate in main?

Thanks a ton!
  Paul


signature.asc
Description: PGP signature

Re: Status of CC-BY 3.0/4.0?

[Paul Tagliamonte]

CC-BY-SA 3.0, CC-BY-SA 4.0 are both DFSG free.

CC-BY-SA 2.5 is not.

Any CC license with -NC is nonfree.

Thanks!
  Paul

On Sun, Nov 1, 2015 at 6:11 AM, Oleksandr Gavenko 
wrote:

> https://wiki.debian.org/DFSGLicenses have no conclusion about CC-BY
> 3.0/4.0
> licenses.
>
> My system (up to date testing) already have CC-BY packages:
>
>   $ cat /usr/share/doc/*/copyright | command grep -i ^license:.*CC | sort
> | uniq -c
>
>  ...
>  10 License: CC-BY
>  33 License: CC-BY-3.0
>   1 License: CC-BY-3.0-US
>  ...
>
> Most notable application that uses CC-BY-3.0 is Deluge BitTorrent client:
>
>   Files: deluge/deluge/ui/web/icons/*
>   Copyright: Furgue icons from http://pinvoke.com/
>   License: CC-BY-3.0
>
> Search in debian-legal list shown that topic question already was asked
> several times. Summary is follow:
>
>   https://lists.debian.org/debian-legal/2014/04/msg00027.html
> My own personal opinion is that CC-by-sa-v4.0 fails to meet the DFSG.
> ...
> Debian ftp masters seem to disagree with me on CC-v3.0 licenses: they
> seem to think that CC-by-sa-v3.0 and CC-by-v3.0 are acceptable for
> Debian main.
>
>   https://lists.debian.org/debian-legal/2014/04/msg00032.html
> Reading them side-by-side: (CC-BY-SA 3.0 and 4.0)
> 
> So it's no worse than 3.0 and I don't remember what I thought of that
> :-)
> > [2]: https://wiki.debian.org/DFSGLicenses
> I'll update that now.
>
>   https://lists.debian.org/debian-legal/2013/08/msg00015.html
> Secondly, it's true that FTP-masters currently accept works licensed
> under CC-by-sa-v3.0 and under CC-by-v3.0 into Debian main.
>
>   https://lists.debian.org/debian-legal/2010/01/msg00084.html
> AFAICT, the status is as follows:
>   a) works licensed under the terms of CC-by-v3.0 seem to be currently
>  accepted by FTP-masters as DFSG-free
>   b) some people (mostly myself!) disagree with this conclusion and
> have
>  explained their position repeatedly on this list and elsewhere,
> but
>  (unfortunately!) failed to gain consensus
> ...
> as far as the Debian Project is concerned, is the FTP-masters' one:
> they
> are the real decision-makers.
>
>   https://lists.debian.org/debian-legal/2010/01/msg00085.html
> Re: is CC BY 3.0 DFSG-free, again
> I don't know which previous discussions you refer to, but reviewing the
> licenses, the *only* difference I see between CC BY 3.0 and CC BY-SA
> 3.0 is
> that CC BY-SA includes an *additional* restriction relative the CC BY
> (the
> copyleft requirement).
>
> Therefore, if CC BY-SA 3.0 is ok, CC BY 3.0 is also ok.
>
> While I can't find official decision about CC-BY 3.0/4.0 it seems
> acceptable
> with only complain from single person (see above quotations).
>
> Main problem with this issue is NEED TO SEARCH OVER MAIL LIST FOR EACH
> interested person. I personally spent 1 hour to figure out state of license
> (that it currently is acceptable).
>
> Please may any update https://wiki.debian.org/DFSGLicenses page to
> describe
> current practice for CC-BY 3.0/4.0?
>
> I can do it myself but afraid edit wars.
>
> Also I frustrated with docs:
>
>
> https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/#license-short-name
>
> Why include shortening for CC-BY-NC and CC-BY-ND? Or this abbreviation for
> packages from 'non-free' section?
>
> Please don't remove my CC, as I am not subscribed to list.
>
> --
> Best regards!
>
>


-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq

Re: Status of CC-BY 3.0/4.0?

[Paul Tagliamonte]

BY without SA is fine. ND and NC are not.

Its basically copyleft vs permissive. Non-SA works don't ensure derived
works are also in the Commons.
On Nov 1, 2015 3:22 PM, "Oleksandr Gavenko" <gaven...@gmail.com> wrote:

> On 2015-11-01, Paul Tagliamonte wrote:
>
> > CC-BY-SA 3.0, CC-BY-SA 4.0 are both DFSG free.
> >
> > CC-BY-SA 2.5 is not.
> >
> > Any CC license with -NC is nonfree.
> >
> I already known that info, it present on
>
>   https://wiki.debian.org/DFSGLicenses
>
> My question about:
>
> > On Sun, Nov 1, 2015 at 6:11 AM, Oleksandr Gavenko <gaven...@gmail.com>
> > wrote:
> >>
> >> describe current practice for CC-BY 3.0/4.0?
>
> CC-BY is different from CC-BY-SA:
>
>   https://creativecommons.org/licenses/by/3.0/
>
>   https://creativecommons.org/licenses/by-sa/3.0/
>
> --
> Best regards!
>

Re: Expat + exception = DFSG-compatible?

[Paul Tagliamonte]

This is not a DFSG free license, and it will be rejected from NEW if it's
sent there :)

Cheers,
  Paul

On Tue, Oct 13, 2015 at 2:54 AM, Dmitry Smirnov  wrote:

> Hi everyone,
>
> I'm seeking second opinion regarding mutation of the Expat license that can
> be found in [1]. In particular, author added the following clause:
>
> The Software shall not be used nor made available to TESTTailor or any
> individual or organization related or operated by Adarsh Mehta from
> Germany; some people just don't deserve free work to be made available
> to them.
>
> Do we consider this as DFSG compatible license?
>
> IMHO it is a DFSG-compatible license because added clause is not a
> restriction for field of endeavour but a termination clause similar to GPL
> ones except that is is explicitly added to the license in order to
> blacklist
> a known offender.
>
> Any thoughts?
>
> Thanks.
>
> [1]: https://github.com/martin-denizet/redmine_login_audit#license
>
> --
> Cheers,
>  Dmitry Smirnov.
>
> ---
>
> The great enemy of the truth is very often not the lie -- deliberate,
> contrived and dishonest, but the myth, persistent, persuasive, and
> unrealistic. Belief in myths allows the comfort of opinion without the
> discomfort of thought.
> -- John F Kennedy
>



-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq

Re: Expat + exception = DFSG-compatible?

[Paul Tagliamonte]

It can not.

Thanks,
  Paul

On Tue, Oct 13, 2015 at 10:16 AM, Dmitry Smirnov <only...@debian.org> wrote:

> On Tuesday 13 October 2015 09:31:03 Paul Tagliamonte wrote:
> > This is not a DFSG free license, and it will be rejected from NEW if it's
> > sent there :)
>
> Understood, thanks. But my question really is whether it can be re-phrased
> to
> blacklist/mention known offender(s) in a DFSG-compatible manner and how...
>
> --
> Regards,
>  Dmitry Smirnov.
>
> ---
>
> Truth — Something somehow discreditable to someone.
> -- H. L. Mencken, 1949
>



-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq

Re: GPL + question

[Paul Tagliamonte]

 actually agree, but are poorly expressing it :)

Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: GPL + question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 09:32:12AM +0200, Ole Streicher wrote:
 Hi,
 
 I just had a discussion with an ftp-master who rejected one of my
 packages. The package in question is missfits. It contains a
 directory, src/wcs/ with files that were originally released by Mark
 Calabretta under LGPL-2+, but changed by the upstream author (Emmanuel
 Bertin) and released in the package under GPL-3+.

Upstream authors can't change licensing of any files, under any
conditions, ever.

If I say a file is GPLv2+, it is forever GPLv2+, even if it's combined
with a GPLv3 work, in that case the *files* are still GPLv2+, that other
file is a GPLv3 work, and the *combined work* is distributed under the
terms of the GPLv3, since it satisfies the license of every file in the
combined / derived work.

 debian/copyright currently mentions only GPL-3+ for the whole package.

Yeah, debian/copyright isn't what the binary is distributed under, it's
what the source licenses are.

If it had MIT/Expat code, you'd still need it in debian/copyright if the
other files are GPLv2+

 The ftp-master now asked me to add GPL-2+ for these files to
 debian/copyright. But I think that this would be wrong, since the files
 under src/wcs are not distributable under GPL-2+ (because they contain
 GPL-3+ code from Emmanuel Bertin).

Nah, it's wrong because you said LGPLv2+, adding it sounds right.

Just because files are being combined in such a way that they're
distributed under different terms than some of the files doesn't mean we
exclude them.

Just like Expat is contained within BSD-3. Or ISC is contained in Expat.
You still need all three, since that's the licese for the file.

Only the copyright holder can change what a *work* is licensed as.
Anyone can distribute a derived work inline witht he terms of their
license. That may also contains other terms as well.

 Do I miss an important point here?
 
 Best regards
 
 Ole

Cheers,
 Paul

-- 
:wq


signature.asc
Description: Digital signature

Re: GPL + question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 10:41:58PM +1000, Riley Baird wrote:
 But there are multiple works being combined into the one file. So some
 parts of the file are GPLv2+ and other parts of the file are GPLv3. The
 file as a whole can only be distributed under GPLv3.

the terminology being thrown around was so confusing I had to look at the
source to see what was actually going on here :)


There was *one* work, which *was* LGPL. By an author. They published
it on their own.

This work will forver be LGPL.

The author of this package took that source, and *modified* it
(modified, *not* combined). This modified work is distributed as
GPLv3.

I don't see the point in adding LGPL, *IFF* the works *ARE* modified
and derived works. Not just straight copy-paste. I'd be interested
in what changes took place, I don't see any marking of it.

Defer to the ftp-master who processed it. Ask them for clarification
(feel free to point to this mail)


In the case where two works are combined into one file - this is
functionally compilation (at least not the preferred form of
modification, which means it's *not* source)

This doesn't appear to be the case, this looks like LGPLv2.1+ files were
modified by someone licensing their changes under GPLv3+, which is
legit. I believe treating this file as GPLv3+ is fine / good enough.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: GPL + question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 03:09:34PM +0200, Ole Streicher wrote:
 Same for me. However: the (L)GPL allows even an unmodified
 redistribution under a later license.

This is key -- redistribution. It doesn't change the license. If I get
this file after you say it's GPLv3, it's still LGPLv2.1+ to me if I
remove it from other works that change the distribution terms (unless
it's been modified, in which case the licensing of the work on the whole
changes, and yadda yadda yadda)

I originally thought there was a different question being asked; sorry
about that (the terms used and not looking at the source didn't help :))

 It is up to upstream to decide
 whether he chooses the original or a later one. And since I take these
 files from upstream, not from the original author, I am bound to his
 decision, independently whether the files are modified or not.

Unmodified, the license of the works is unchanged, even if we
*distribute* under a different one.

 Therefore, if he chooses to redistribute the files in src/wcs/ under
 GPL-3+, than this is the license for these file, and it should be
 documented as such under debian/copyright. And in this case, the
 redistribution under a GPL-3+ is clear (by adding the according
 statement to the file headers).
 
  This doesn't appear to be the case, this looks like LGPLv2.1+ files were
  modified by someone licensing their changes under GPLv3+, which is
  legit. I believe treating this file as GPLv3+ is fine / good enough.
 
 The reason here is not modification (although it makes this case clear),
 but redistribution. Upstream has chosen to redistribute the files under
 GPL-3+, and if we want to use these files, we have to respect this.
 
 Best regards
 
 Ole

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: GPL + question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 04:06:52PM +0200, Ole Streicher wrote:
 Paul Tagliamonte paul...@debian.org writes:
  On Fri, May 29, 2015 at 03:09:34PM +0200, Ole Streicher wrote:
  Same for me. However: the (L)GPL allows even an unmodified
  redistribution under a later license.
  This is key -- redistribution. It doesn't change the license.
 
 It does. Just look into the license (resp. the header, for simplicity):

No, it doesn't.

|   Each version is given a distinguishing version number. If the
| Library as you received it specifies that a certain numbered version
| of the GNU Lesser General Public License or any later version
| applies to it, you have the option of following the terms and
| conditions either of that published version or of any later version
| published by the Free Software Foundation.

Note this says you have the option of following the terms and conditions of
the version noted, *or* any later version, *not* that you relicense, you can
just follow different terms.

This means you can redistribute under the terms of whatever, but not relicense.

To relicense implies you hold copyright, since only the copyright holder
can license their works, even copylefted works.

 | you can redistribute it and/or modify it under the terms of the GNU
 | General Public License as published by the Free Software Foundation;
 | either version 2 of the License, or (at your option) any later version.
 
 So, redistribution may change the license.

No, you may redistribute it under different terms, *not* relicense. You may
*use* GPLv2+ as GPLv3+, *BUT* the original work is *STILL* GPLv2+, since
you can't relicense works.

To relicense implies you hold copyright, since only the copyright holder
can license their works, even copylefted works.



Snipping the rest, this seems to be your major point of confusion.

Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: GPL + question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 05:43:21PM +0200, Ole Streicher wrote:
 Paul Tagliamonte paul...@debian.org writes:
  I don't know any jurisdiction where I can take a work of yours and now
  claim I have the rights to it under a different license.
 
 Apple did, as I have shown. I think they have good lawyers.

Or a CLA. Or breaking copyright law. Or modified the work and distribute
it under a superset of the old terms. Or or or :)

(FWIW, BSD-alikes deal perfectly fine with further restrictions so long
 as their terms are met; GPL does not.)

 Best
 
 Ole

For further clarification, I'd suggest asking the FSF about the
differences in relicensing vs redistributing under the GPL/LGPL.

Cheers,
  Paul


-- 
#define sizeof(x) rand()
/paul
:wq


signature.asc
Description: Digital signature

Re: GPL + question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 05:11:12PM +0200, Ole Streicher wrote:
 Again: please provide a reference for this. The copyright holder has
 surely the initial right to license his work, but I don't see a reason
 why he can't transfer this.

Via copyright asignment, not licensing, unless the license includes a
copyright asignment to an entity.

 It is also wrong for the changed case that we have: If only the
 copyright holder (Mark Calabretta) had the right to change the license,
 then the files in question could not have been modified and distributed
 under the GPL-3+ license by the upstream author (Emmanuel Bertin) --

They *can* since the work as modified *can* be distributed under the
terms of the GPLv3+, *without* changing the original work's license, but
the *file* can be distributed as GPLv3+, since that's the minimum
license needed to comply with all parts.

 since even the modified files are still copyrighted by Mark, so the
 Emmanuel alone could not change their license. This is, however, against
 the idea of the + in the GPL versions.

No, it's really not.

 Therefore, please show a proof that only the copyright holder can change
 the license.

Wat? Copyright statute? What jurisdiction? If you want to fight this, I
suggest you get a lawyer, I don't know any jurisdiction where I can take
a work of yours and now claim I have the rights to it under a different
license.


The proof is on you -- where does it say you can relicense someone
else's copyrighted work / IP? Not *redistribute*, *relicense*.


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: GPL + question

[Paul Tagliamonte]

Please end this thread, it's getting nuts. Ask the FSF if you're still unclear.

Thanks,
  Paul

On Fri, May 29, 2015 at 11:41 AM, Paul Tagliamonte paul...@debian.org wrote:
 On Fri, May 29, 2015 at 05:11:12PM +0200, Ole Streicher wrote:
 Again: please provide a reference for this. The copyright holder has
 surely the initial right to license his work, but I don't see a reason
 why he can't transfer this.

 Via copyright asignment, not licensing, unless the license includes a
 copyright asignment to an entity.

 It is also wrong for the changed case that we have: If only the
 copyright holder (Mark Calabretta) had the right to change the license,
 then the files in question could not have been modified and distributed
 under the GPL-3+ license by the upstream author (Emmanuel Bertin) --

 They *can* since the work as modified *can* be distributed under the
 terms of the GPLv3+, *without* changing the original work's license, but
 the *file* can be distributed as GPLv3+, since that's the minimum
 license needed to comply with all parts.

 since even the modified files are still copyrighted by Mark, so the
 Emmanuel alone could not change their license. This is, however, against
 the idea of the + in the GPL versions.

 No, it's really not.

 Therefore, please show a proof that only the copyright holder can change
 the license.

 Wat? Copyright statute? What jurisdiction? If you want to fight this, I
 suggest you get a lawyer, I don't know any jurisdiction where I can take
 a work of yours and now claim I have the rights to it under a different
 license.


 The proof is on you -- where does it say you can relicense someone
 else's copyrighted work / IP? Not *redistribute*, *relicense*.


 Cheers,
   Paul

 --
  .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
 : :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `. `'`  http://people.debian.org/~paultag
  `- http://people.debian.org/~paultag/conduct-statement.txt



-- 
:wq


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/cao6p2qqdbfbxp-w4amfwn0q0n_reh4zs+aqwygggevfzfs+...@mail.gmail.com

Re: License for Debian Maintainer Scripts

[Paul Tagliamonte]

On Tue, Mar 31, 2015 at 02:28:40PM +0100, Ian Jackson wrote:
 Ben Finney writes (Re: License for Debian Maintainer Scripts):
  For free software, this forum normally recommends that the Debian
  packaging copyright holders should choose to grant the same license to
  the Debian packaging files as the general license for the upstream work.
 
 I disagree both with this recommendation, and with the assertion that
 we normally recommend using the same licence for Debian packaging as
 upstream use for the program.

This makes sense for cases where you have patches which are creative;
I've seen a lot of GPL'd debian/* files, and patches against a BSD-4
codebase. I question this, and it'd also prevent upstream from taking it
in.

In the case where you're not using the least common denominator of
licensing (BSD-2, Expat, ISC) for debian/*, matching it to upstream *is*
good advice.

Either way, I stand by my email in 20150330190830.ga12...@helios.pault.ag,
and 'check the copyright file' is the best advice for the original
question.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Free as in speech, but not as in beer

[Paul Tagliamonte]

Please re-read my last mail on this thread.

This conversation is going in circles.

Thanks,
  Paul

On Tue, Mar 31, 2015 at 4:38 PM, Paul van der Vlis p...@vandervlis.nl wrote:
 Op 24-03-15 om 21:21 schreef Don Armstrong:
 On Tue, 24 Mar 2015, Paul van der Vlis wrote:
 Op 24-03-15 om 18:38 schreef Paul R. Tagliamonte:

 Unless it allows modification and redistribution of this (and we do so),

 What when the DD who packages it, would package it with the 5 user
 limitation?

 If it was actually AGPLed in its entirety, the maintainer would just
 remove code which enforced the 5 user limitation.

 Next step would be a friendly question from the developper to remove the
 software from Debian.

 Do you know an example of software what is distributed by Debian when
 it's clear the development team behind it, doesn't want that?

 cut

 In any event, without particular licenses

 The license is clear, it's plain AGPL.

 and source files, we're having
 an academic discussion without concrete information or relation to
 Debian, which isn't on topic for debian-legal.

 I've spoken to the developer and he does not want the name of his
 program into this discussion. In his opinion the question is clear.
 He thinks it would make the name of his new program dirty.

 I think you can say: Debian does not want any software at this moment
 what's not free as in beer.

 The problem is, that such software does not fit in any of the existing
 repositories. The correct place of this program would be in main, but
 people expect free as in beer software there. Myself included.

 With regards,
 Paul van der Vlis.


 --
 Paul van der Vlis Linux systeembeheer, Groningen
 http://www.vandervlis.nl/




 --
 To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: https://lists.debian.org/mff0ju$kih$1...@ger.gmane.org




-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/cao6p2qse+5qa9d5mycsj4psit1ouiug5phu52x3xw9avqsc...@mail.gmail.com

Re: Free as in speech, but not as in beer

[Paul Tagliamonte]

All of this is outside the scope of -legal. If you want to discuss
this, please bring this to -project.

Thanks.
  Paul

On Tue, Mar 31, 2015 at 5:25 PM, Paul van der Vlis p...@vandervlis.nl wrote:
 Op 31-03-15 om 22:40 schreef Paul Tagliamonte:
 Please re-read my last mail on this thread.

 This conversation is going in circles.

 I bring 4 new points in the discussion in this mail.

 1:

 I've spoken to the developer and he does not want the name of his
 program into this discussion. In his opinion the question is clear.
 He thinks it would make the name of his new program dirty.

 2:

 I think you can say: Debian does not want any software at this moment
 what's not free as in beer.

 3:

 The problem is, that such software does not fit in any of the existing
 repositories. The correct place of this program would be in main, but
 people expect free as in beer software there. Myself included.

 4:

 Do you know an example of software what is distributed by Debian when
 it's clear the development team behind it, doesn't want that?

 With regards,
 Paul van der Vlis.


 --
 Paul van der Vlis Linux systeembeheer, Groningen
 http://www.vandervlis.nl



-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/cao6p2qqd65tpvwvtefunvfdue8wvmt2kc1goq8vo0e-g3ov...@mail.gmail.com

Re: License for Debian Maintainer Scripts

[Paul Tagliamonte]

On Mon, Mar 30, 2015 at 11:56:57AM -0700, Micheal Waltz wrote:
 Is there a license that maintainer scripts for packages fall under? I'm
 wondering about anything under /debian for a package, specifically postinst,
 postrm, etc type scripts.

Check the package copyright file. It should be noted in there.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Free as in speech, but not as in beer

[Paul Tagliamonte]

[Right, so I'm with Don; concrete examples here help]

This is not the opinion of any organization I'm in, this is purely my
reading.

General notes I'm going to leave here because folks who think this way
can skip it and see my reading


 - DFSG freenes is applied to *licenses*. Notice everything in the DFSG
   starts with 'the license'. Software freeness is kinda a silly
   concept, and we should rather think about User freeness. Licenses
   that define redistribution protect users, not software. We therefore
   regulate and talk about licenses, not software (directly)

  - DFSG tests are to be applied to licenses, not software.


On Tue, Mar 24, 2015 at 07:23:32PM +0100, Paul van der Vlis wrote:
 Op 24-03-15 om 18:38 schreef Paul R. Tagliamonte:
  Unless it allows modification and redistribution of this (and we do so),
  its not dfsg free.
 
 Modefication and redistributing is allowed because it's pure AGPL v.3.

If it's pure AGPL; it's a DFSG free work. As far as I'm concerened, this
is the end of the story. What we do and do not patch, well, that's up to
the maintainer.

It's worth verifying that the license is in fact pure AGPL, and not
'freemium' or 'open core'.

 But the creator would not like it when the 5-user restriction would be
 removed and then redistributed by Debian, I expect.

This is partially a troll, but mostly to drive home a point.

Technically speaking, I don't have a problem with leaving it in.
The big objection that I'm going to feel here is that it restricts
use of the software -- but this is *not* present in the license,
rather, it's implemented in code, in a work that is DFSG free, and
may be patched out without issue.

I don't think a *feature* that's part of a DFSG free work that
infringes on user freedom inherently causes a DFSG freeness issue.

I do, however, strongly believe that this messes with the spirit of the
license, and I wish the author would find an alternate monetization
technique, rather than trying to *create* a power dynamic that free
software intends to solve (namely; subjecting users to a single central
entity to their rules by denying them freedom)

 ( When some organizations with less money would do that themselves, it
 would not be a problem. )
 
 Is this the way Debian handles programs what are not free as in beer?

We have no mechanism to charge users for programs. Some may say this is
a feature, others might claim it's a failure.

I do, however, believe that some of this is not entirely about DFSG
freenes, but the spirit of what we're doing in Debian - namely, how is
this work adding to liberated users.

 With regards,
 Paul van der Vlis.


Toodles,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Strange legal notice in AllJoyn (from Qualcomm)

[Paul Tagliamonte]

INAL, etc

On Fri, Oct 10, 2014 at 10:23:09PM +0100, Cleto Martín wrote:
 Hello!
 
 I'm studying to start a package for AllJoyn[1], a network middleware
 created by Qualcomm which is now hosted by the Linux Foundation.
 
 In general terms, this middleware is licensed under the Internet
 Software Consortium (ISC) terms, which seems to be good in terms of
 Debian Policy. However, I have found this notice within git repository [2]:
 
 ---8---
 
[BXA Export notice thinger here]
 
 ---8---
 
 Sounds me like a non-free clause. I have had a look at [3] but I'm not
 sure if actually is the same case, so I doubt if I could follow the
 procedure explained there. Is this a non-free clause or we have similar
 cases in the past?

Well, lucky for us, it's not in the license that we *must* comply with
BXA - seems to just be a nice note informing distributors. I believe
that [3] still applies to this -- I don't see this as something they're
trying to write into the license terms :)

 
 Many thanks,
  cleto.
 
 [1]: https://www.alljoyn.org
 [2]: https://git.allseenalliance.org/cgit/core/alljoyn.git/tree/README.md
 [3]: https://www.debian.org/legal/cryptoinmain

Should be fine!
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: [PHP-QA] Debian and the PHP license

[Paul Tagliamonte]

debian-legal isn't the body that makes this decision, you might want
ftpmas...@ftp-master.debian.org

Thanks,
  Paul

On Tue, Jul 29, 2014 at 10:47 AM, Ferenc Kovacs tyr...@gmail.com wrote:



 On Tue, Jul 29, 2014 at 3:55 PM, James Wade jpsw...@gmail.com wrote:

 Hi all,

 There seems to be some confusion over the PHP License.

 We had this bug report into a PEAR project which outlines that Debian
 cannot include any projects that fall under the PHP License.

  * https://pear.php.net/bugs/bug.php?id=20172

 You will find details of the reason behind it here:

  * https://ftp-master.debian.org/REJECT-FAQ.html

You have a PHP add-on package (any php script/app/thing, not PHP
itself) and it's licensed only under the standard PHP license. That
license, up to the 3.x which is actually out, is not really usable
for anything else than PHP itself. I've mailed our -legal list about
that and got only one response, which basically supported my view on
this. Basically this license talks only about PHP, the PHP Group,
and includes Zend Engine, so its not applicable to anything else.
And even worse, older versions include the nice ad-clause.
One good solution here is to suggest a license change to your
upstream, as they clearly wanted a free one. LGPL or BSD seems to be
what they want

 After a quick search, I quickly found that this isn't an isolated case...

  * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728196
  * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752530
  * http://pear.php.net/bugs/bug.php?id=20316
  *
 https://www.mail-archive.com/debian-bugs-rc@lists.debian.org/msg362847.html
  * https://github.com/nicolasff/phpredis/issues/384

 Judging by the email to legal sent almost a decade ago this situation is
 in need of a review...

  * https://lists.debian.org/debian-legal/2005/08/msg00128.html

 I can't understand this line of thought in this context:

GPL enforces many restrictions on what can and cannot be done with
the licensed code. The PHP developers decided to release PHP under a
much more loose license (Apache-style), to help PHP become as
popular as possible.
- http://php.net/license/

 I also read that Rasmus Lerdorf issued a statement which said that the PHP
 license is pretty much identical to the Apache license.

  * http://pear.php.net/manual/en/faq.devs.php

 I've also discovered that this is not the first instance that this issue
 has been discussed:

  * http://lwn.net/Articles/604630/

 All this has raised some questions:

 1. Is 'The PHP License, version 3.01' an Open Source license, certified by
 the Open Source Initiative? Their website only lists 'PHP License 3.0
 (PHP-3.0)'.
 2. When was 'The PHP License, version 3.01' released?
 3. Can 'The PHP License, version 3.01' be used for anything other than PHP
 itself?
 4. Are there any legal implications of changing a project from 'The PHP
 License, version 3.01' to LGPL or BSD?
 5. Is the PHP license clear enough to ensure that it is correctly applied
 to extensions?
 6. Why would the (Apache-style) PHP License be listed by Debian as a
 'serious violation' yet the Apache license is not?

 Thanks.


 Hi,

 please see the thread at
 http://comments.gmane.org/gmane.comp.php.pecl.devel/11046 and if you want to
 reply I think pecl-dev@ is a better place than php-qa@
 Most of your links are old and some of the previous problems claimed by
 debian was addressed with php license version 3.01.
 from the replies on the debian mailing lists it seems that this decision on
 dropping any project using the php license distributed outside of php-src is
 controversial to say the least.
 I've tried to start a discussion to find some kind of resolution, but most
 of the replies from php-dev side was that the current license is fine, and
 we don't need to change anything, while we didn't got any reply from the
 debian-legal (apart from the mail from Francesco Poli who explicitly stated
 that not part of the debian project and not speaking on behalf of it).

 Based on the lack of clarification and cooperation from their side, I think
 the consensus on our part will be to keep everything as-is, and at the end
 of the day, it is up to the package maintainer to decide if they take the
 advice from the debian package maintainers and change the license for their
 project.

 --
 Ferenc Kovács
 @Tyr43l - http://tyrael.hu



-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq


--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/cao6p2qscni8ha54jmd6rqs7uox9xaljugj0+smqtjnputkd...@mail.gmail.com

Re: [PHP-QA] Debian and the PHP license

[Paul Tagliamonte]

On Tue, Jul 29, 2014 at 05:20:21PM +0200, Ferenc Kovacs wrote:
If you feel to dispute this please take your *well-formed* and
*well-thought* arguments to debian-legal.

... to discuss it. d-legal is a proper venue for *discussing* it, but
it's not the right one to discuss the actual critera for archive
fitness. 

Which is likely why you didn't get a reply.

So I was under the impression that debian-legal is the correct list to
contact.

debian-legal has no delegated authority to make such decisions for the
archive.

From the mails from Ondřej it seems that the reject decision was made by
the ftpmaster team, but as the argument for the decision was a legal one,
so I think that debian-legal is appropriate.

... to discuss it. Not decide on critera.

--
Ferenc Kovács
@Tyr43l - [4]http://tyrael.hu

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Can I have a look at the newer mail sent to BIS and NSA?

[Paul Tagliamonte]

On Wed, Jun 18, 2014 at 06:16:50PM +0900, AOKI Akio wrote:
 Hi there,
 Can I have a look at the newer e-mail which Debian Project 
 actually sent to BIS and/or NSA as notification for license 
 exception TSU of EAR ? 
 
 I'm sorry to send the same query two times with a different 
 subject. The first one is the following and I got no reply for that.
 
 https://lists.debian.org/debian-legal/2014/06/msg00010.html
 
 Best wishes,
 Akio Aoki

Such mail is archived on project servers, which we will give to BXA at
their request.

See https://www.debian.org/legal/cryptoinmain for more information.

That includes the template that dak logs. Check the dak source for more
information on when that's triggered.

Thanks,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: libbitcoin license - AGPL with clauses added by SFLC and FSF

[Paul Tagliamonte]

On Wed, May 21, 2014 at 06:06:38PM +0200, Jonas Smedegaard wrote:
  I can't figure out exactly what your previous concerns were but it's 
  good to hear that they're resolved.
 
 For the record, my concern was not the AGPL (I am a fan of that too, and 
 will most likely use it for my packaging work when Debian ships it in 
 common-licenses).  Rather, the licensing text itself forbids editing, 
 and previous revisions had the exceptions placed within the common AGPL 
 license - now it is properly placed before the common license.

It's not a change to the AGPL text, it's an Additional permission, as
defined by the (A)GPL. I see no issues, myself. In fact, it looks to
clarify an issue (by rounding down, not adding further restrictions)
that some consider to be problematic.

Also, for clarity's sake, the AGPL text wasn't changed, the LICENSE file
contains more than just the license. At least, that's what I guess by
glancing at this file for a few seconds. I could be wrong.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Suspected X Server Copyright Infrigement

[Paul Tagliamonte]

On Mon, Apr 28, 2014 at 11:58:29AM +0200, Mateusz Jończyk wrote:
 Hello,
 Could You review the code in
 http://cgit.freedesktop.org/xorg/xserver/tree/hw/xfree86/modes/xf86cvt.c
 and
 http://cgit.freedesktop.org/xorg/xserver/tree/hw/xwayland/xwayland-cvt.c
 
 There is a comment that claims that it was based on some XLS spreadsheet. It 
 can be
 found currently at http://www.elo.utfsm.cl/~elo212/docs/CVTd6r1.xls (probably 
 the
 same version).

It looks like a pretty simple formula, is there a part of it which is
subject to copyright law that looks to be problematic?

Have you emailed the author of this xls file? Is he claiming copyright
over a mathmatical function and a few forms in an xls file?

This is creative, sure, but the creative part is the presentation -- the
actual xls script part, not the facts generated, nor the forumla used to
generate it.

I'd email the author to see what he says before going much further.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: CC-BY-SA-4.0

[Paul Tagliamonte]

On Tue, Apr 22, 2014 at 07:05:58PM +0100, Ian Jackson wrote:
 I have read it and my initial view is that it is DFSG-compatible.

(Not with my ftpteam hat on)


I read the changes from the last version, and none of the changes made
appear to affect it's suitability as a DFSG free license.

(I agree with Ian :) )

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: CAcert Licensing and Inclusion in Debian main

[Paul Tagliamonte]

These certs were removed from Debian a month ago. Perhaps you'd be
interested in the recent thread on devel:

  https://lists.debian.org/debian-devel/2014/03/msg00375.html

Cheers,
  Paul


On Tue, Apr 01, 2014 at 09:58:33PM -0500, Michael Shuler wrote:
 Hello,
 
 I have reopened #687693, as I believe that I was in error by
 ignoring the CAcert Root Distribution License. I closed that bug in
 order to maintain status quo, but have continued to feel that I was
 wrong in doing so, based on several points in the Social Contract. I
 am seeking a legal determination on whether the CAcert RDL follows
 the DFSG or is non-free.
 
 Additional questions about CAcert's inclusion in ca-certificates
 were raised in #718434. As a result of those questions and history,
 Ubuntu removed CAcert's root certificates from ca-certificates and
 nss in LP: #1258286. Prompted by Ubuntu's removal, my understanding
 that that redistribution did not follow DFSG, and the other issues
 presented, I removed the CAcert root certificates from
 ca-certificates. #741561 is seeking a possible re-introduction of
 CAcert's roots in Debian and would require proper judgement on
 licensing, prior to proceeding.
 
 I am familiar with the premise that SSL certificates may be seen as
 un-copyrightable, however, CAcert has (I assume with legal advice)
 intentionally burdened their root certificates with a license which
 claims copyright, as well as, by several opinions, verbiage that
 makes it non-free.
 
 I strongly believe that ignoring the CAcert RDL, in order to
 maintain status quo, is not the ethical thing to do for Debian, and
 I would enjoy some legal guidance. Thanks for your time.
 
 
 https://bugs.debian.org/687693
 http://www.cacert.org/policy/RootDistributionLicense.php
 https://bugs.debian.org/718434
 https://bugs.debian.org/741561
 
 -- 
 Kind regards,
 Michael Shuler
 
 
 -- 
 To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: https://lists.debian.org/533b7cd9.3070...@pbandjelly.org
 

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Trilinos licensing

[Paul Tagliamonte]

On Fri, Mar 14, 2014 at 05:38:47PM +0100, Nico Schlömer wrote:
 Unfortunately, Trilinos' licensing is not exactly straightforward.

Alas; this happens.

 Most of it is BSD-licensed, part of if LGPL, with some contributions
 of other licenses mixed in;

Both of those licenses sound great and compatable. Provided it's not
BSD-4.

 more details on
 http://trilinos.org/?page_id=143. I've contacted Trilinos about what
 parts of Trilinos are concerned by those other licenses.
 
 What's you guys' opinion here, specifically when it comes to
 compatibility with Debian? (I could disable certain subpackages if the
 licensing does not concur with Debian's policies.)

https://www.debian.org/social_contract

contains the DFSG, our guidelines for free software works that are fit
for Debian's main archive section.

Licenses must be compatable with each other or the resulting work isn't
distributable.

 Cheers,
 Nico

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Trilinos licensing

[Paul Tagliamonte]

On Fri, Mar 14, 2014 at 05:38:47PM +0100, Nico Schlömer wrote:
 (I could disable certain subpackages if the licensing does not
 concur with Debian's policies.)

Whoops, missed this part. Both the binaries and source package must also
comply with these terms - which is to say, nonfree stuff in the source
package must be stripped.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Trilinos licensing

[Paul Tagliamonte]

On Fri, Mar 14, 2014 at 08:59:06PM +0100, Nico Schlömer wrote:
  Both of those licenses sound great and compatable. Provided it's not
  BSD-4.
 
 It's 3-clause, so we're good.

Great :)

  https://www.debian.org/social_contract
 
  contains the DFSG, our guidelines for free software works that are fit
  for Debian's main archive section.
 
 I checked all licenses on http://trilinos.org/?page_id=143 and
 besides the BSD-3 clause and the LGPL 2.1, they appear to be either
 one of
 
* MIT

Provided this is MIT/Expat and not MIT/XFree86, which contains the 4th
clause of the BSD-4 (so-called advertising clause, which is GPL
incompatable)

* BSD 2-clause
* Apache 2.0
* GPL3 with Bison exception
* Public domain (not a license)

These look good. Apache2 is compatable with GPLv3+, but not v2 (due to
patent termination and indemnification provisions)


These are all free software licenses (except for PD, which should be
fine), and the resulting work looks to be freely licensed GPLv3+

 with copyright from various institutions. Can you say anything about
 their interoperability and Debian compatibility of those licenses?

It appears that this would be a freely licensed work with compatable
licenses. I'd need to take a closer look to be sure, but it looks great
if that's a full and complete listing of licensing terms.

 Cheers,
 Nico

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Trilinos licensing

[Paul Tagliamonte]

On Fri, Mar 14, 2014 at 09:14:39PM +0100, Nico Schlömer wrote:
 What about interoperability of Apache2 with LGPL2.1?

Here's a GPL-centric image to show off license interop with common
licenses:

http://4.bp.blogspot.com/_-REQ3wEST4I/TEc2k263n-I/Afo/lpwAI5Twml8/s1600/quick-guide-gplv3-compatibility.png

Also keep in mind GPLv3+ and LGPLv2.1 (hard) are not compatable.

Which is to say; it's likely not OK to combine apache2 and LGPLv2,
unless the apache2 and LGPL'd work are being linked, rather then
incorperated into the same binary, in which case it may be fine.
I'd have to re-read the LGPL exception text.

 I was also a little worried about the public domain disclaimer.
 After all, public domain is not a license and the copyright holder
 may choose to retract the software from PD at any moment

Wat. That's not a public domain dedication if they reserve any rights at
all. Indeed, this would fail a DFSG check, if they're actually asserting
the right to relicense something retroactively.

Someone needs to give this guy a wiki page on what public domain means?

 The Bison exception struck me as weird as well; I'd never come
 across anything like it.

The GPL has a neat clause wherein it allows you to disregard further
restrictions, so exceptions can only serve to relax any rules that the
GPL has -- which are *very* hard to use to create a nonfree work.

 --Nico

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Trilinos licensing

[Paul Tagliamonte]

On Fri, Mar 14, 2014 at 05:07:15PM -0400, Richard Fontana wrote:
 Why not? The traditional (though possibly retro-justified) theory of
 LGPLv2.x compatibility with GPLv2 is the 'convert to GPL' section 3 of
 LGPLv2.x

 (even though its requirements are almost never followed in
 any relevant situation). This says you can convert to later versions
 of the GPL.
 
 - Richard

It appears as though you're right. Is there a history of folks changing
this section to read like the GPLv2 (hard) to avoid the upgrade-ability
of the LGPLv2.1? (and wow, I've missed that for years, thanks, Richard)


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Trilinos licensing

[Paul Tagliamonte]

On Fri, Mar 14, 2014 at 06:42:54PM -0400, Richard Fontana wrote:
 Not that I can recall. I have encountered one, but only one, project
 that explicitly invoked this clause but I can't recall whether it
 arose out of a license compatibility issue or simply a desire to
 upgrade to GPL for its own sake.
 
  (and wow, I've missed that for years, thanks, Richard)
 
 You might like my FOSDEM 2014 talk on license compatibility or some
 parts of it at least. There's an amusing moment where I am informed
 that Ian Jackson is Ian Jackson. :)
 
 http://video.fosdem.org/2014/H2213/Sunday/Taking_license_compatibility_semiseriously.webm

I watched it after you suggested it over IRC, but indeed it's great
stuff. Others on the list may take interest in it indeed.

 - RF

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Unteralterbach visual novel

[Paul Tagliamonte]

On Mon, Mar 10, 2014 at 08:31:24PM +0100, Christoph Biedl wrote:
 Thibaut Paumard wrote...
 
  IANAL, but this discussion has got me wondering were we should draw the
  line. Summary: in my opinion, if you intend on uploading a package which
  as fair chances of being classified as pornography *somewhere*, please
  don't. Argumentation follows (Nils, obviously I'm not meaning you by you):
 
 There was a discussion about hotbabe some years ago ...

(not speaking as ftpteam, we've not considered this yet, and the
 decision will come from an ftp-master, not a lowly minion such as
 myself)

Be careful here; in most Jurisdictions child porn is treated very
differently then normal porn (and rightly so).

That is, if you consider this porn (I've not seen this game yet, I'll
have to grab some facts about it before I voice an opinion on that) - but
from what I read so far, it's not looking great - this is *not* the same as
hotbabe, this pushes a lot more laws.

 Globally thinking, since there's a wide span of what pornography
 contitutes, I was careful with your approach. Some corners in the
 world might consider that term applies to bible-kjv-text. It has some
 parts they carefully avoided in sunday school.
 
 Christoph

Sure; but the question of intent is valid -- is the intent to 'excite'
the consumer or is it a work on it's own? Usually there's some test like
that in most places; but I've not researched this at all.

Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Unteralterbach visual novel (was: Re: Introduction)

[Paul Tagliamonte]

On Mon, Mar 10, 2014 at 09:39:07PM +0100, Nils Dagsson Moskopp wrote:
 If the player is considered a pedophile, there are opportunities for
 abuse at every corner. Similar to other games, where you have a gun.
 
 The only game I know that challenges that is Aquaria. After acquiring
 the skill to throw energy balls, most players shoot everything they can
 see. This triggers a monologue from the – usually silent – protagonist
 about how powerful she feels when killing weaker creatures. Ouch.


Again, not ftpteam, just my opinion:



I don't believe this is an entirely fair comparison. Most games where
you kill people it's done in a way that keeps your player as 'ethical',
which is not to say you follow the geneva conventions (perhaps someone
out there can patch a WWII game for this? :) ), but you're on the
ethical 'high ground'. Mostly. Not all of it, but mostly.

Most games where you are unethical and killing a non-hostile force are
often condemmed -- or even banned!

One such game was Postal 2. Postal 2 is a game where you don't have to,
but can, shoot innocent people. You can play through without shooting a
single person, but it's very hard. It goes so far as to give you such
weapons as an 'anthrax filled cow head'.

It's intentionally provocitive -- you can play as the taliban, priests,
midgets or any other group that was open to mockery at the time.

As a result, it was banned in NZ and elsewhere in the world.


I think shooting games where you are fighting some force for ethical
good is more similar to pornography then child porn - I'd say games like
Postal 2, where you can kill innocent people for fun to be more similar
to that.


Again, I have not played this game, so I pass no judgement on anything
as of yet.

Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Re: Artwork License for package in main

[Paul Tagliamonte]

On Tue, Dec 31, 2013 at 11:51:48AM +0100, Dimitry Polivaev wrote:
 Hello,
 
 I still have one related question. Could you please explain how we
 can protect Freeplane logo displayed in program splash screen and
 used in program icons from being misused if all images are
 distributed under a free license?

Trademark usage guidelines are common. They should allow for derivitive
works to carry the mark, otherwise we end up with an iceweasel/firefox
situation.

Copyright != Licensing != Trademark usage

 Thank you very much for your answers!
 Dimitry Polivaev, Freeplane

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Artwork License for package in main

[Paul Tagliamonte]

On Sun, Dec 29, 2013 at 10:17:29PM +0100, Felix Natter wrote:
 As it is, this license agreement is probably not suitable for packages
 in main [1].

s/probably/definitely/g

 -- Which criteria does the license agreement for Freeplane artwork have
 to meet in order for Freeplane to be allowed in main?

The DFSG - http://www.debian.org/social_contract

 -- Which licenses can you recommend? Can we simply modify the existing
 agreement in order to transfer more rights from the copyright holder
 (artist)?

CC* 3.0+ is great for creative works. The GPL also works, to some degree,
as does permissive licenses like MIT/Expat. I'd prefer CC0 myself.

Also keep in mind licensing != trademark usage. For instance, Debian has
trademark usage, but it's logo is DFSG free, license-wise.

 -- How about compatibility with Freeplane's (source code-)license
 (GPL-2+)?

Irrelevant. It's loaded at runtime, just as the GIMP would load a
non-free image. Totally fine. Those images just can't be in main.

 [1] http://lists.debian.org/debian-mentors/2013/12/msg00236.html
 
 Thank you very much and Best Regards,
 -- 
 Felix Natter

Cheers,
 Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: LGPLv3 - is GPLv2 incompatibility transitive?

[Paul Tagliamonte]

I have to say this, just because I don't want this ever to be misused:

 * As always, this is not the opinion of the ftpteam.

 * Don't use this to justify a GPL violation. The other comments on this
   thread are the correct way to read this. Don't use this to back up
   silly arguments. I'm just bring it up.

On Wed, Dec 11, 2013 at 07:21:18PM +0100, Andreas Metzler wrote:
 Hello,
 
 I think this is a very simple question but I somehow failed at
 search^Wfinding:
 
 We know this is in not distributable:
 [GPLv2 program] linked with [LGPLv3+ library]
 
 How about this, with indirect linkage:
 [GPLv2 program] li.w. [LGPLv2+ library] li.w. [LGPLv3+ library]
 
 One way to look at it is as a huge aggregated work including two parts
 with incompatible licenses.
 
 The other way round is to look at the two pieces on the right and say
 that it is perfectly fine for a LGPLv2+ library to be linked against a
 LGPLv3+ library without being upgraded to LGPLv3 [1], and therefore
 the GPLv2 program can use it.
 
 Is there a canonical interpretation?

Look to the others on this thread for a sane interpretation, but here's
another that I think has a useful way of looking at the issue.


IMHO, sharing memory shouldn't always force the GPL's licensing on your
program[1].

As example, if we have a well defined header file, which contains a
general use library with some well defined behavior (say, for doing
Crypto, or some common set of system calls), the API it's self ought not
be considered a derivitive work of the GPL, since there's nothing
original to that implementation.

The program can be linked against any number of libraries, and the fact
the library is GPL'd shouldn't force linked code to result in a
violation of sorts.

Put this the other way. What if we re-implemented a BSD library from the
headers, and built an API (hell, even ABI) compatable library that's
GPL'd. Does this mean when we switch out the system library, we have
undistributable software (or force 3ed parties to hand over source?). I
can see the argument that says no to that.

For me, the question isn't is this transitively linked - but is it
transitively a derived work? I'd say some cases, yes, some, no.


Devilishly advocatingly yours,
  Paul


[1]: The FSF disagrees with me, so listen to them.

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: [License-review] For Approval: Scripting Free Software License, Version 1.3.5 (S-FSL v1.3.5)

[Paul Tagliamonte]

On Sun, Nov 10, 2013 at 05:07:00PM +, Elmar Stellnberger wrote:
 
 Am 08.11.2013 16:33, schrieb Paul Tagliamonte:
 On Fri, Nov 08, 2013 at 04:15:30PM +, Elmar Stellnberger wrote:
 specific to someone: Well this is an unavoidable necessity in order to
 Maybe, but specific clauses like this clearly violate OSD #3 and #5
 (#3: if your downstream “A” is a “public distribution” and A’s
 downstream “B” isn’t, B cannot distribute them under the same terms
 as it got them from A under).
 Well we could crop out this special facilitation but that would make
 the license less fit for practical purposes. I do not want to sacrifice
 practical fitness towards perfectly strict OSI compliance.
 To be clear, not satisfying OSD 3  5 (DFSG 3 and 5 as well) this will
 *NOT* be fit for Debian main. You're free to try to get it into
 non-free.
 
 Concerning OSD conformance please see for the discussion at 
 http://projects.opensource.org/pipermail/license-discuss/2013-November/001358.html.

Debian doesn't use OSI conformance as it's measure for free software. We
have our own tests (the DFSG), and a team to work out if a license is
free (the ftpteam).

Last I checked, your license will still not be fit for Debian main.

Cheers!
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: [License-review] For Approval: Scripting Free Software License, Version 1.3.5 (S-FSL v1.3.5)

[Paul Tagliamonte]

On Fri, Nov 08, 2013 at 04:15:30PM +, Elmar Stellnberger wrote:
 specific to someone: Well this is an unavoidable necessity in order to
 Maybe, but specific clauses like this clearly violate OSD #3 and #5
 (#3: if your downstream “A” is a “public distribution” and A’s
 downstream “B” isn’t, B cannot distribute them under the same terms
 as it got them from A under).
 Well we could crop out this special facilitation but that would make
 the license less fit for practical purposes. I do not want to sacrifice
 practical fitness towards perfectly strict OSI compliance.

To be clear, not satisfying OSD 3  5 (DFSG 3 and 5 as well) this will
*NOT* be fit for Debian main. You're free to try to get it into
non-free.

Thanks!
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: xchroot: packaging as non-free

[Paul Tagliamonte]

Email ftpmas...@ftp-master.debian.org with your license, and the ftpteam
will disucss if we can distribute it safely. If so, you can upload it to
non-free. Ask your sponsor for more information on that.

Please note that non-free is *not* Debian (the distribution), but is
mearely software hosted on Debian boxes, and given small amounts of
infra (such as the BTS). We will *not* autobuild the package on the
buildd network, and you won't see project members coming to help fix RC
bugs (it's more likely it'll be removed if bugs are not tended to
quickly).

Cheers,
  Paul

On Fri, Nov 08, 2013 at 06:03:35PM +, Elmar Stellnberger wrote:
   You're free to try to get it into non-free.
 
 Thanks!
Paul
 
 How to apply for acceptance in non-free?

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: Bug#728716: RFS: xchroot/2.3.2-9 [ITP] -- Hi Debian!

[Paul Tagliamonte]

 for the first time. He
 has absolutely no idea how to do it, so he buys a book about the topic.
 To install additional software, such as those covered by this license,
 he uses tools and techniques described in the manual, for which he paid
 for. In this case, the distribution is not allowed to let Joe Average
 install programs covered by this license, because he needed a paid-for
 manual to install the distribution and the software covered by the
 license in question.
  Thanks for that hint. My intention was that a technically experienced user
 should be able to do it. For OS/2 Warp 4.5 doing the updates without
 purchasing docs was even impossible for a technical expert user before
 http://www.elstel.org/OS2Warp/InstallUpdate.html. That is the only issue
 I want to prevent.
 :: replaced by the term 'averagely experienced technical user'
 
  That's not true; commercial software *can be paid software*. So
  long as
 
 
 can be free software* (sorry!)
 
  the software is compatable (and the work on the whole is
  distributed as
  GPL), this isn't a problem.
 
  Please, if you don't know how the GPL works, I have to strongly insist
  on you not writing your own license.
 
Oops there we have an error! (Well I clearly know how it works with GPL.)
 Commercial software does not need to be paid software. Well, to me a
 similar restriction like for GPL could be very handy: having to put
 all of the
 software under any OSS-compliant license as soon as an S-FSL program
 is incorporated (That would also limit possible interference with other
 licenses).
 Would that be acceptible?
 I'm not exactly sure I understand what you mean here. If you mean that
 any program or distribution that incorporates an S-FSL licensed program
 will need to comply with the S-FSL license terms aswell, that will not
 work. First of all, the S-FSL is not compatible with the GPL, so you
 can't link it or integrate it with anything that is GPL'd.
 Furthermore, DFSG#9: a license must not contaminate other, unrelated
 software.
 no just compliance with any OSS-license like f.i. GPL so that S-FSL is
 'compatible' to other licenses; see for S-FSL v1.3.3
 
 

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: incompatible licenses in the debian directory

[Paul Tagliamonte]

On Fri, Sep 27, 2013 at 01:06:27PM +, Thorsten Glaser wrote:
 Paul Tagliamonte paultag at debian.org writes:
 
  So, the way *I* see this is so long as the GPL code isn't being put into
  a combined work with anything (e.g. GPL'd patches), it *should* be OK.
 
 Unfortunately, GPLv3 considers build scripts (thus, d/rules plus the
 input for the declarative dh* commands, plus d/control which is parsed
 by some, etc.) to be part of the “complete” source code.
 
 This means that even the previous maintainer was unable to legally
 upload the package with debian/* being GPLv3, unless he added an
 exception.

This is a GPL restriction. Since the upstream code isn't GPL, why are
you using a GPL argument about build scripts? -- in theory this would apply
to build scripts for the GPLv3'd debian/* files, but there are none that
I know of :)

 Make out of that, consequences-wise, whatever you want…
 just saying… there have been precedences of upstream being
 forced to relicence because they have distributed something
 they couldn’t under the choices they made themselves.
 
 bye,
 //mirabilos
 
 
 -- 
 To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: http://lists.debian.org/loom.20130927t150424-...@post.gmane.org
 

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: incompatible licenses in the debian directory

[Paul Tagliamonte]

On Fri, Sep 27, 2013 at 03:24:58PM +, Thorsten Glaser wrote:
 Hm unsure. It really depends on how far you acknowledge the
 virality of the GPL – Debian, AFAIK, tends to go more with
 the FSF’s extreme interpretation…

I don't think my view is out of line with the FSF's.

This applies to source code for the covered work. The covered work *is*
the build-script in this case. The upstream code is EPL, which has no
clause that requires the build-scripts to be under a compatable license.

In addition, I don't think that using the build-scripts creates a
derivative work, so I don't think the resulting work would be GPL'd just
because of the build scripts.

As such, I don't see a problem, unless someone points out something I've
overlooked here.

 But if the new maintainer is willing to completely remove the
 old stuff that’s probably the best outcome, considering the
 old maintainer is unwilling to cooperate.

Perhaps, but I don't think it's a problem, so long as the debian/patches
are licensed EPL or more permissive. There are oodles of packages that
have GPL-3+'d debian/* with a non-GPL upstream license.

 (Personally I think debian/ should be permissive, especially
 if there’s not too much “magic” in it… and others even think
 there should be no magic in it…)

I don't disagree, but I don't think this is inherently an issue.

 
 bye,
 //mirabilos


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: incompatible licenses in the debian directory

[Paul Tagliamonte]

On Wed, Sep 25, 2013 at 10:18:58AM -0400, Miles Lubin wrote:
 Dear debian-legalers,

Yo, Miles!

 - The debian directory had no explicit license mentioned in the
 copyright file. It was pointed out by Paul Tagliamonte that the

Oh yes, I remember this.

 previous maintainer(s) must agree to the change in license.
 - Soeren Sonnenburg, the previous maintainer, has insisted that his
 work be licensed under GPLv3 exclusively.

:\

 What's the best way to resolve this issue? In general I see two
 different classes of files in the debian directory as they might
 relate to the license incompatibility.
 
 1) Debian helper files (rules, watch, control, copyright, changelog)
 which are not part of the distributed package.
 2) Patches, manpages, etc. which are part of the distributed package.

So, the way *I* see this is so long as the GPL code isn't being put into
a combined work with anything (e.g. GPL'd patches), it *should* be OK.


I couldn't imagine the case to be made against shipping CC-BY images in
a GPL source package, so I don't see why we can't have different
conflicting licenses in the same tarball (unless the license stipulates
such, in which case, I'm not sure of the DFSG freeness, see point 9)


It's a skitch hazy, but I don't think there's an issue with
distributing CC-BY and GPL code in the same tarball -- the only issue is
this *MAY* result in GPL issues if *upstream* is GPL, if you've checked
out some of the CDDL build-scripts + GPL'd source code flames.


I've not looked into the details of those issues, however, so I couldn't
speak to them.


Hopefully you can find a good solution!

Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: incompatible licenses in the debian directory

[Paul Tagliamonte]

On Wed, Sep 25, 2013 at 10:37:12AM -0400, Paul Tagliamonte wrote:
 It's a skitch hazy, but I don't think there's an issue with
 distributing CC-BY and GPL code in the same tarball -- the only issue is
 this *MAY* result in GPL issues if *upstream* is GPL, if you've checked
 out some of the CDDL build-scripts + GPL'd source code flames.

Strike this bit. It's redundant and I've not had enough coffee, so you
should strike it and I should get coffee because it's redundant.

(Sorry y'all :) )

Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: evil prohibition downgraded to no-no-evil suggstion

[Paul Tagliamonte]

On Fri, Sep 20, 2013 at 02:45:59PM +0100, Barak A. Pearlmutter wrote:
 The lintian tag license-problem-json-evil, added per BTS 692616, should
 have its description modified ... because those files have been
 relicensed under free terms!


Uh

 So now, people should be told to get new
 version of the cson files, without the problematic prohibition on evil.

json != cson.

Stephan Beal sgb...@googlemail.com != Douglas Crockford

Is this CSON code based on Crockford's code? If so, he *can't* dismiss
these terms.

 See http://lists.debian.org/debian-legal/2013/09/msg00051.html for
 details and (presumably) discussion, but the important information from
 upstream is included below.
 
 If someone who has edit rights would care to edit the immutable page
 https://wiki.debian.org/qa.debian.org/jsonevil appropriately, that would

Again, json != cson.

 be great.  It might also be a good idea for someone to scan back for
 bugs tagged json-evil-license, open or closed or archived, and alert the
 relevant maintainers of this change.

Thank you for caring about the freeness of our archive :)


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: evil prohibition downgraded to no-no-evil suggstion

[Paul Tagliamonte]

On Fri, Sep 20, 2013 at 10:05:22AM -0400, Paul Tagliamonte wrote:
 On Fri, Sep 20, 2013 at 02:45:59PM +0100, Barak A. Pearlmutter wrote:
  The lintian tag license-problem-json-evil, added per BTS 692616, should
  have its description modified ... because those files have been
  relicensed under free terms!
 
 
 Uh
 
  So now, people should be told to get new
  version of the cson files, without the problematic prohibition on evil.
 
 json != cson.
 
 Stephan Beal sgb...@googlemail.com != Douglas Crockford
 
 Is this CSON code based on Crockford's code? If so, he *can't* dismiss
 these terms.

10:08  svuorela 
http://fossil.wanderinghorse.net/repos/cson/index.cgi/fdiff?v1=96aa6450818f00b7v2=020e4321af9622d7sbs=0
 looks fishy

I agree :)

 
  See http://lists.debian.org/debian-legal/2013/09/msg00051.html for
  details and (presumably) discussion, but the important information from
  upstream is included below.
  
  If someone who has edit rights would care to edit the immutable page
  https://wiki.debian.org/qa.debian.org/jsonevil appropriately, that would
 
 Again, json != cson.
 
  be great.  It might also be a good idea for someone to scan back for
  bugs tagged json-evil-license, open or closed or archived, and alert the
  relevant maintainers of this change.
 
 Thank you for caring about the freeness of our archive :)
 
 
 Cheers,
   Paul
 
 -- 
  .''`.  Paul Tagliamonte paul...@debian.org
 : :'  : Proud Debian Developer
 `. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
  `- http://people.debian.org/~paultag



-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: data and software licence incompatabilities?

[Paul Tagliamonte]

On Sat, Aug 31, 2013 at 11:30:31PM +0900, Charles Plessy wrote:
 Hi Paul,
 
 Frankly speaking, Debian's opinion on the CC licenses does not exist.  There
 is the empirical observation that this or that CC license is accepted or
 rejected from our archive, with both false positives and false negatives, and
 there is not any document that presents logically and clearly the facts behind
 the FTP team's choice of accepting version 3.0 and rejecting older versions.
 
 Given that the difference between the accepted and rejected license is so 
 thin,
 I think that we can not blame people being unsatisfied in one direction or the
 other and telling it repeatedly their opinion on that matter.  If you do not
 like this, please write a convincing and authoritative explanation of 
 Debian's
 opinion, that will close the debate.

Perhaps you'd be interested in helping: 
http://lists.debian.org/debian-project/2013/01/msg00043.html 

 
 Cheers,
 
 -- 
 Charles Plessy
 Ceterum censeo Carthaginem delendam esse
 
 
 -- 
 To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: http://lists.debian.org/20130831143031.ga8...@falafel.plessy.net
 

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: data and software licence incompatabilities?

[Paul Tagliamonte]

On Tue, Aug 27, 2013 at 10:55:33PM +0200, Francesco Poli wrote:
 CC licenses may be perfectly fine in *your* opinion.
 Apparently in many other people's opinion, too.
 But they are not in *my* opinion.

Sorry, this was not *my* opinion, it was *Debian*'s opinion. This *is*
debian-legal, isn't it?

 I think I have a right to have my own opinion and to express it
 publicly, as long as I clearly describe it as my *own personal* opinion.

Sorry, this is debian-legal. Let's stick to that. If you want to
continue talking about CC licenses, please start a new thread and talk
about it there. Don't clutter up every thread with your opinions, which
are counter to Debian.

 I just said that, if all files were licensed in a mutually compatible
 manner, there would be no doubt about possible license compatibility
 issues. Which should be quite obvious, shouldn't it?

This is like saying (to take a quote from a TV show) The Banana Stand
that won't make you sick and kill you is a fine thing to say, it should
be quite obvious, right?

The fact of the matter is by saying something will remove doubt, you
assume there *is* doubt. Which there isn't.


I'm seriously out of this thread :)

-T


-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: data and software licence incompatabilities?

[Paul Tagliamonte]

On Mon, Aug 26, 2013 at 11:00:38PM +0200, Francesco Poli wrote:
 I respectfully disagree: I am convinced that the GNU GPL is far better
 than any CC license, for both programmatic and non-programmatic works.
 
 But that's not the point, anyway.
 What I was trying to say was just that having those files under
 GPL-compatible terms would erase any possible doubt (and also enable
 other potential uses that are currently forbidden).

Please don't spread FUD against the CC license set when it'll be
perfectly fine. (quite literally F.U.D. in this case). The CC licenses
are perfectly fine, no matter how much you disagree.

  In addition, this is an absurd claim to start; the GIMP is GPL-3, can we
  not edit CC-BY-SA images in the GIMP? The GIMP reads these files at
  runtime, too!
 
 Once again, that's not what I said.

I don't see how you can draw a distinction between a data file being
loaded and an image being edited.


Anyway, end-of-thread for me,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: data and software licence incompatabilities?

[Paul Tagliamonte]

My own opinions below (not any sort of ftp* anything)

On Sun, Aug 25, 2013 at 12:15:11PM +0200, Francesco Poli wrote:
  A database of place names. Read in as data when the program runs.
 
 If these attribute files are really just data read at run-time by the
 program, I think that the license incompatibility should not be a
 re-distribution legal issue.


Correct.


 Anyway, persuading the copyright holder(s) of these attribute files to
 re-license (or dual-license) them under the terms of the GNU GPL v2
 would erase any doubt...

This is absurd at best; there's no need to do this. Such works as
place-name databases are perfectly fine under CC-BY-SA 3.0 or better.
(inb4 you tell us how much you hate CC-BY and it's not free to you, and
the ftp-masters made a mistake) In fact, many works are *better*
licensed under CC-BY-SA 3.0 than GPL-2 or 3, since the GPL's terms are
much better fit for code (just as you'd not ask someone to license code
under CC-BY-SA, since that's also silly)

In addition, this is an absurd claim to start; the GIMP is GPL-3, can we
not edit CC-BY-SA images in the GIMP? The GIMP reads these files at
runtime, too!

I don't think it's not a combined work if it's reading the data file at
runtime.

Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: AGPLv3 Compliance and Debian Users

[Paul Tagliamonte]

On Thu, Jul 11, 2013 at 12:19:47PM -0700, Howard Chu wrote:
 Right, I want to understand AGPL's motivations is all.
 
 I used to put similar terms on my code, back before the GPL existed.
 Essentially: If you modify this code, you must send your
 modifications back to me (the original author). The motivation is
 that if you fixed a bug or improved the code, you should make your
 improvements available to me, and I subsequently make them available
 to the user base at large in my next release.
 
 I don't consider this a terrible restriction - if you're using my

Sure, but that doesn't make it DFSG free (hint: it's likely not)[1][2]


[1]: The Dissident test
[2]: The Desert Island test

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: Berkeley DB 6.0 license change to AGPLv3

[Paul Tagliamonte]

On Tue, Jul 02, 2013 at 09:44:10AM +0200, Ondřej Surý wrote:
 Florian Weimer has correctly pointed out that Oracle has decided to change the
 BDB 6.0 license to AGPLv3 (https://oss.oracle.com/pipermail/bdb/2013-June/
 56.html). This hasn't been reflected in release tarball (probably by
 mistake), but since the AGPLv3 is not very friendly to downstream projects, we
 (as the Debian project) need to take a decision.

What? Wait, What? What?[1]

The AGPL is a DFSG free FSF approved and OSI approved free software
license? We made a decision, it's *free software* and fit for main.

 My opinion is that this Oracle move just sent the Berkeley DB to oblivion, and
 Berkeley DB will be less and less used (or replaced by something else).

Sure. Software comes and goes. Why not let it happen, who cares, it's
still free software.

 What we can do right now (more can apply):
 [ ] Keep db5.3 for jessie
 [ ] Keep db5.3 for jessie+
 [ ] Keep db5.3 forever
 [ ] Suck it and relicense the downstream software as appropriate
 [ ] Block db6.0 and higher from entering Debian
 [ ] Remove Berkeley DB support from jessie+
 [ ] Remove Berkeley DB support from jessie++
 [ ] Replace Berkeley DB with free alternative [*]
 [ ] Somebody writes a BDB-compatible wrapper around the free alternative(s)
  [ ] Do nothing because it's free software

 dak rm -Rn -s unstable db-defaults db5.1 db5.3  db-depends

Again, why do you plan on removing free software from main due to a
change in license?

Cheers,
  Paul


[1]: 
http://1.bp.blogspot.com/-GfEnd4xeEJs/UOxBvCCdgGI/BSU/PgL41SlEQ98/s1600/huh-what.gif

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: Berkeley DB 6.0 license change to AGPLv3

[Paul Tagliamonte]

On Tue, Jul 02, 2013 at 09:15:15AM -0400, Paul Tagliamonte wrote:
 Again, why do you plan on removing free software from main due to a
 change in license?

As algernon points out, it makes slightly more sense when you remember
that the AGPLv3 is not compatable with the GPLv2

I'm still against removing it from the archive.

Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: Public Domain again

[Paul Tagliamonte]

On Thu, Jan 31, 2013 at 04:25:21PM -0800, Don Armstrong wrote:
 On Fri, 01 Feb 2013, Jérémy Lal wrote:
  My issue is that i don't understand how public domain is DFSG,
 
 If a work can actually be placed into the public domain, then that
 usually means that it has no copyright, and therefore automatically
 satisfies the DFSG so long as there is source.
 
 In countries where this isn't the case,[1] then it may not, but Debian
 has never claimed to be able to work around all countries broken legal
 systems.
 
 Beyond that, I'm afraid I'm unable to follow what you're asking for,
 exactly.
 
 
 Don Armstrong

In addition, I'd like to note that's what CC0 is for, really. It has
some neat fall-back clauses that trigger in the event a jurisdiction
doesn't allow for public domain works as such, and also releases
database rights[1] which some other public domain dedications may not :)

 
 -- 
 Some pirates achieved immortality by great deeds of cruelty or
 daring-do. Some achieved immortality by amassing great wealth. But
 the captain had long ago decided that he would, on the whole, prefer
 to achieve immortality by not dying.
  -- Terry Pratchet _The Color of Magic_
 
 http://www.donarmstrong.com  http://rzlab.ucr.edu
 
 
 -- 
 To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: 
 http://lists.debian.org/20130201002521.gn30...@teltox.donarmstrong.com
 

Cheers,
  Paul

[1]: http://en.wikipedia.org/wiki/Database_right

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: Bug#686580: netdiag: Strobe license is incorrectly stated as GPL

[Paul Tagliamonte]

On Thu, Oct 18, 2012 at 07:59:17PM +0700, Ivan Shmakov wrote:
  Matthaeus Wander mwan...@swznet.de writes:
 
   Package: netdiag
   Version: 1.0-13
   Severity: minor
 
   AIUI, the Strobe license (as quoted below) fails to meet DFSG 1.
   Therefore, my guess is that the severity of this bug has to be
   raised to ‘grave’.  (Which I'll do unless there be objections.)
 
   TIA.
 
   In doc/netdiag/copyright the license of strobe is stated as GPL and
   claimed to be taken from strobe-1.06.tar.gz.  The upstream archive
   does not mention GPL, instead the manpage and the COPYRIGHT file say:
 
   --copy--
   Copyright (c) Julian Assange 1995-1999, All rights reserved.
 
   This software has only three copyright restrictions. Firstly, this
   copyright notice must remain intact and unmodified. Secondly, the
   Author, Julian Assange, must be appropriately and prominantly
   credited in any documentation associated with any derived work.
   Thirdly unless otherwise negotiated with the author, you may not
   sell this program commercially, reasonable distribution costs
   excepted.
 
   Use and or distribution of this software implies acceptance of the
   above.
   --paste--

This looks very much non-free and should be moved to non-free
immediately, or removed from the archive.

Cranking up severity is a *good* move, I would do it, but I see you
intend to.

Godspeed.

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: Bug#686580: netdiag: Strobe license is incorrectly stated as GPL

[Paul Tagliamonte]

On Fri, Oct 19, 2012 at 12:07:38AM +0200, Francesco Poli wrote:
 On Thu, 18 Oct 2012 17:12:40 -0400 Paul Tagliamonte wrote:
 
  On Thu, Oct 18, 2012 at 07:59:17PM +0700, Ivan Shmakov wrote:
Matthaeus Wander mwan...@swznet.de writes:
 [...]
   
 AIUI, the Strobe license (as quoted below) fails to meet DFSG 1.
 Therefore, my guess is that the severity of this bug has to be
 raised to ‘grave’.  (Which I'll do unless there be objections.)
 [...]
 --copy--
 Copyright (c) Julian Assange 1995-1999, All rights reserved.
   
 This software has only three copyright restrictions. Firstly, this
 copyright notice must remain intact and unmodified. Secondly, the
 Author, Julian Assange, must be appropriately and prominantly
 credited in any documentation associated with any derived work.
 Thirdly unless otherwise negotiated with the author, you may not
 sell this program commercially, reasonable distribution costs
 excepted.
   
 Use and or distribution of this software implies acceptance of the
 above.
 --paste--
  
  This looks very much non-free and should be moved to non-free
  immediately, or removed from the archive.
 
 I agree.
 
 In the meanwhile, I recommend getting in touch with the copyright
 holder and trying to persuade him to re-license Strobe under DFSG-free

Mr. Assange is the copyright holder (among a few others), but I get the
impression he's a bit busy at the moment...

 terms (for instance under the terms of the GNU GPL v2, if a copyleft
 license is preferred, or under the terms of the Expat license
 http://www.jclark.com/xml/copying.txt , if a non-copyleft license is
 preferred).
 
  
  Cranking up severity is a *good* move, I would do it, but I see you
  intend to.
 
 I think the correct severity is serious...
 
 
 -- 
  http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
  New GnuPG key, see the transition document!
 . Francesco Poli .
  GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: dissident test has been proven wrong and should not be used any more

[Paul Tagliamonte]

On Mon, Sep 24, 2012 at 10:04:22PM +0900, Osamu Aoki wrote:
 Hi,
 
 On Mon, Sep 17, 2012 at 09:18:42AM +0900, Charles Plessy wrote:
  Le Sun, Sep 16, 2012 at 01:25:21PM +0100, Steve McIntyre a écrit :
   Chris wrote:
   
   I think this clause in the license absolutely fails the dissident test
   
   Please point to the DFSG section that mentions the dissident test.
  
  Hi Steve,
  
  I think that the dissident test and others are indirectly mentionned to
  everyone who wants to join Debian:
  
  http://anonscm.debian.org/viewvc/nm/trunk/nm-templates/nm_pp1.txt?revision=1246view=markup
  
  60  PH7. How do you check if a license is DFSG-compatible?
  61  
  62  PH8. There are a few tests for this purpose, based on (not really) 
  common
  63  situations. Explain them to me and point out which common problems can
  64  be discovered by them.
 
 Agh ... who added this ... test should be done only to DFSG.  The
 proposed dissident test does not work and is proven to be wrong in
 some cases already.

DFSG 5, No Discrimination Against Persons or Groups

If I'm a freedom fighter (or, political activist in the middle east
right exactly now), I want to be able to use Debian to help work with my
other freedom fighters, without the gov't knowing I even have such
software.

If I change Tor slightly for our use, and distribute it as TorForkOne, I
don't want to have to put my real name, real anything.

If it just needs any name, fine, but not my real one.

It's not wrong, I think this is a perfectly great application of DFSG
point 5.

More simply, it checks for license that discriminates against people who
wish to not use their real name, for privacy or otherwise.

 
  I do not find these tests particularly useful, but as long as they are 
  promoted
  this way, we are likely to see people using them on this lit.
 
 Some people (Henning Makholm et al.) were on debian-legal around 2003
 using this dissident tests to shoot down many non-GLP/BSD licenced
 packages.  Please note some of the casualities such as ipadic were later
 accepted to Debian main with some efforts.
 
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641070
   http://lists.debian.org/debian-legal/2011/09/msg00010.html
 
 I hope my summary page gives good idea what has been. 
 
   http://wiki.debian.org/IpadicLicense
 
 As I noted there, such extreme interpretation of license text can yield
 GPL2.0 to violate DFSG #5.
 
 I think after he failed to shootdown OpenOffice for its licence, he
 became quiet.  If we followed such tests by him, we would not have
 LibreOffice either now.
 
  If you think they create more noise than signal, perhaps you or others can
  consider asking for a change to the NM templates via a bug reported to
  nm.debian.org.
 
 I agree.
 
 I think we should clean some wiki-pages holding such extreme positions.
 
 Osamu
 

kbai,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: New package algol68toc: terms of the copyright.

[Paul Tagliamonte]

On Wed, Sep 12, 2012 at 01:59:13PM +0100, Sian Mountbatten wrote:
 Dear List
 
 Please find attached a copy of the copyright in all the source files
 of the algol68toc compiler.
 You will note that the licence accords with the DFSG. I am of the
 opinion that the compiler
 package could go into the main Debian distribution.
 
 Please confirm.

Sadly, I don't think we can :)

INAL, so someone feel free to call me wrong. Comments inline.

 
 -- 
 Sian Mountbatten
 Specialisto pri Algol 68
 

 
 This Program is the property of the Secretary of State for Defence
 (United Kingdom) acting through the Defence Research Agency (DRA). Use,
 reproduction, production of amended versions and/or transfer of this
 Program is permitted provided that:
 
   (a)  this legend be preserved on any such reproduction and amended version,
   (b)  any amended version of this Program be clearly marked to show the
nature of the amendment and of the name of the amending organisation,

 ^ IMHO this really fails the The Dissident test.

I quoth:

| Consider a dissident in a totalitarian state who wishes to share a
| modified bit of software with fellow dissidents, but does not wish to
| reveal the identity of the modifier, or directly reveal the
| modifications themselves, or even possession of the program, to the
| government. [snip]


   and
   (c)  any recipient  of such reproduction or amended version accept the
conditions set out in this legend.
 
  Crown Copyright, (c)   1994
 
  All rights reserved.
 
 The Secretary of State for Defence (United Kingdom) acting through his
 Defence Research Agency (DRA) gives no warranty that any element of the
 Software is suitable for any purpose and he shall not be liable for any
 loss or damage including loss or damage resulting in injury or death
 howsoever caused which results from the use of the Software, or any
 developments adaptions modifications translations and enhancements
 thereof.
 
 The original authors may be contacted via email on e...@dra.hmg.gb or by
 writing to ELLA Office, DRA, St Andrews Road, Malvern, Worcs WR14 3PS, UK.
 
 

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: New package algol68toc: terms of the copyright.

[Paul Tagliamonte]

On Wed, Sep 12, 2012 at 09:44:17AM -0400, Paul Tagliamonte wrote:
 On Wed, Sep 12, 2012 at 01:59:13PM +0100, Sian Mountbatten wrote:
  Dear List
  
  Please find attached a copy of the copyright in all the source files
  of the algol68toc compiler.
  You will note that the licence accords with the DFSG. I am of the
  opinion that the compiler
  package could go into the main Debian distribution.
  
  Please confirm.
 
 Sadly, I don't think we can :)
 
 INAL, so someone feel free to call me wrong. Comments inline.

I'll call me wrong:

09:31  Ganneff svuorela: name the/a organisation, not your name. org:
 freedom fighters, inc. done. :)

09:31  Ganneff it doesnt want YOUR name, it wants A name for changes.
 i dont see a problem in that. just make it consistent

Comments retracted.

 
  
  -- 
  Sian Mountbatten
  Specialisto pri Algol 68
  
 
  
  This Program is the property of the Secretary of State for Defence
  (United Kingdom) acting through the Defence Research Agency (DRA). Use,
  reproduction, production of amended versions and/or transfer of this
  Program is permitted provided that:
  
(a)  this legend be preserved on any such reproduction and amended 
  version,
(b)  any amended version of this Program be clearly marked to show the
 nature of the amendment and of the name of the amending organisation,
 
  ^ IMHO this really fails the The Dissident test.
 
 I quoth:
 
 | Consider a dissident in a totalitarian state who wishes to share a
 | modified bit of software with fellow dissidents, but does not wish to
 | reveal the identity of the modifier, or directly reveal the
 | modifications themselves, or even possession of the program, to the
 | government. [snip]
 
 
and
(c)  any recipient  of such reproduction or amended version accept the
 conditions set out in this legend.
  
   Crown Copyright, (c)   1994
  
   All rights reserved.
  
  The Secretary of State for Defence (United Kingdom) acting through his
  Defence Research Agency (DRA) gives no warranty that any element of the
  Software is suitable for any purpose and he shall not be liable for any
  loss or damage including loss or damage resulting in injury or death
  howsoever caused which results from the use of the Software, or any
  developments adaptions modifications translations and enhancements
  thereof.
  
  The original authors may be contacted via email on e...@dra.hmg.gb or by
  writing to ELLA Office, DRA, St Andrews Road, Malvern, Worcs WR14 3PS, 
  UK.
  
  
 
 Cheers,
   Paul
 
 -- 
  .''`.  Paul Tagliamonte paul...@debian.org
 : :'  : Proud Debian Developer
 `. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
  `- http://people.debian.org/~paultag



-- 
 .''`.  Paul Tagliamonte paul...@debian.org
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag


signature.asc
Description: Digital signature

Re: Bug#678746: desktop-base: Joy theme is a mix of incompatibly-licensed works

[Paul Tagliamonte]

On Sun, Jun 24, 2012 at 11:13:31AM +0200, Francesco Poli (wintermute) wrote:
 Package: desktop-base
 Version: 7.0.0~exp2
 Severity: serious
 Justification: Policy 2.3
 
 Hello,
 I read about the new Joy theme [1][2].
 
 [1] 
 http://blog.pault.ag/post/25614704596/my-quest-to-get-desktop-base-set-before-wheezy
 [2] 
 http://blog.pault.ag/post/25747178764/debian-desktop-7-0-0-exp2-in-experimental
 
 It looks nice, but it seems to have licensing issues.
 In the debian/copyright file [3] I read:
 
 | The Joy theme is © 2012 Adrien Aubourg and released under the CC-BY-SA 3.0
 | license.
 | 
 | The Joy plymouth theme is Copyright © 2009 Canonical Ltd.,
 | Copyright © 2010 Aurélien COUDERC and Copyright © 2012 Jonathan Carter under
 | the GPLv2+, with work from Adrien Aubourg under the CC-BY-SA 3.0 License.
 | 
 | The Joy KDM, GDM and KSplash grub theme are © 2012 Paul Tagliamonte and 
 released
 | under the CC-BY-SA 3.0 license, with work from all the previous authors, and
 | Adrien Aubourg.
 
 [3] 
 http://packages.debian.org/changelogs/pool/main/d/desktop-base/desktop-base_7.0.0~exp2/copyright
 
 First of all, these debian/copyright paragraphs fail to acknowledge that
 the Joy theme is based on the Debian “Open Use” (without “Debian” word)
 logo. But this may be fixed easily.

ACK'd. I'll fix this tonight. Thank you!

 
 
 The major issue seems to be that the Joy plymouth theme mixes parts
 released under CC-by-sa-v3.0 and parts released under GPLv2+.
 Since CC-by-sa-v3.0 is incompatible with GPLv2+, I would say that the
 resulting work is legally undistributable.

This *might* be true if it was two bits of code that get linked
together, but since Plymouth (and the plugin, which is GPLv2) only
render the CC-BY-SA 3.0 work, it should be fine.

I'll CC debian-leagl for comment

If this was the case, a lot of games would have to be removed from the
archive.

 
 The same issue seems to hold for the Joy KDM, GDM and KSplash grub theme,
 since it said to incorporate work from all the previous authors.
 If all the previous authors includes Aurélien COUDERC and/or
 Jonathan Carter, it seems that their work is under GPLv2+ and thus
 the incompatibility of CC-by-sa-v3.0 again kicks in.

Johnathan Carter contributed to the Plymouth script, not the artwork.
The artwork is still the same.

In this case, I'll modify this line to show the files that I edited are
still GPLv2, and the images it's self is CC-BY-SA 3.0. No problem, no
big deal.

 
 
 (For the record, I am also convinced that CC-by-sa-v3.0 fails to
 meet the DFSG, but that's another story, since FTP masters disagree
 with me, unfortunately).
 
 
 I hope the incompatibility issue may be fixed soon for the Joy theme.

Not such a big deal :)

 
 Since everything else in the desktop-base package is GPL-compatible,
 I strongly recommend to persuade Adrien Aubourg and Paul Tagliamonte

I'm fine with whatever license comes up. I just wanted to keep
consistancy.

 to re-license their work under the terms of the GNU GPL v2 or later.
 Or, at least, to dual-license it under CC-by-sa-v3.0 and GPLv2+.
 (In the latter case, the complete text of CC-by-sa-v3.0 should be
 included in the debian/copyright file, though.)
 
 
 Bye and thanks for your time.

Thank you,
 Paul

 
 
 


signature.asc
Description: Digital signature

Re: Bug#678746: desktop-base: Joy theme is a mix of incompatibly-licensed works

[Paul Tagliamonte]

severity 678746 normal
retitle 678746 debian/copyright is worded poorly
tags 678746 + pending
thanks

On Sun, Jun 24, 2012 at 07:03:01PM +0200, Francesco Poli wrote:
 reopen 678746
 thanks
 
 
 On Sun, 24 Jun 2012 18:43:12 +0200 Julien Cristau wrote:
 
  On Sun, Jun 24, 2012 at 07:34:50 -0400, Paul Tagliamonte wrote:
  
The major issue seems to be that the Joy plymouth theme mixes parts
released under CC-by-sa-v3.0 and parts released under GPLv2+.
Since CC-by-sa-v3.0 is incompatible with GPLv2+, I would say that the
resulting work is legally undistributable.
   
   This *might* be true if it was two bits of code that get linked
   together, but since Plymouth (and the plugin, which is GPLv2) only
   render the CC-BY-SA 3.0 work, it should be fine.
   
  Quite.  Closing.
 
 Please, let's keep this bug report open until each part of it gets
 fixed.
 
 First of all, there is still the issue with the missing acknowledgment
 that the Joy theme is based on the Debian “Open Use” (without “Debian”
 word) logo: Paul Tagliamonte has stated that he'll fix this part
 tonight.

Already fixed in svn :)

 
 Then there's the clarification of the debian/copyright file, which is
 also still to be done.

Fixed the plymouth issue.

 But it already seems that this will have to be done differently, since
 the upstream author of the Joy theme (Adrien Aubourg) has just stated
 that he'll soon re-license his theme under the GPL.

I hate the idea of licensing images under GPL, even though we do have
the preferred form of the work for making modifications to it.

This is another flame-war I won't open, but I hate the idea of
non-software under a software license. This is all moot, since
He said he'd relicense it, so if he does, I'll reflect that. If not, I
have no problems keeping a DFSG free license in this package.

 
 
 Hence I think the debian/copyright file needs some modifications, before
 this bug report may be closed...

It's sitting in svn. I'm waiting for some more patches before I upload.
AFAICT the legal issue is fine, even if the copyright is poorly phrased,
which I admit it is.

I'll wait for the last changes to trickle in and fix this in the
archive.

 
 
 -- 
  http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
  New GnuPG key, see the transition document!
 . Francesco Poli .
  GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE

Thanks again,
  Paul


signature.asc
Description: Digital signature

Re: Bug#678746: desktop-base: Joy theme is a mix of incompatibly-licensed works

[Paul Tagliamonte]

On Sun, Jun 24, 2012 at 12:57 PM, Adrien Aubourg
adrien.aubo...@gmail.com wrote:
 The wiki page now only contain the material used for packaging, with mention 
 of the GPLv2 license.
 The old proposals are still reachable, as the archive is still online.

 The debianart stuff has been partly reuploaded (only the stuff used for 
 packaging is uploaded) to make the re-license appear on the debianart website.

 As I've been asked to write Debian on the installer picture, could be there 
 any license trouble to do so ?

No problem, so long as you don't use the styled Debian text, see
http://www.debian.org/logos/ :)


 Adrien

 Le 24 juin 2012 à 18:50, Francesco Poli a écrit :

 On Sun, 24 Jun 2012 18:31:01 +0200 Adrien Aubourg wrote:


 Le 24 juin 2012 à 14:34, Francesco Poli a écrit :
 [...]
 My recommendation is very much related to consistency.
 Since rest of the package is all GPL-compatible, it would be really
 great if this new theme were GPL-compatible as well.

 Hence, I *still* recommend you to persuade Adrien Aubourg to re-license
 (or dual-license) under GPLv2+ !
 I really hope this may be achieved.

 No need to convince me. Of course I'll re-license my work to GPL. I 
 realised I made a mistake by licensing the work to CC.
 I'll change the Joy wiki page to indicate the licensed, and repost my works 
 on debianart changing the license.

 Hello Adrien!

 Well, what can I say?
 This is *wonderful* news, really!

 It feels like when I receive one of those fake lottery winning
 notifications that pretend I won millions of Dollars or Euros: but this
 time it's for *real*!   ;-)
 I won the re-licensing lottery!  Yay!   :-)

 Thank you so much for your fast and generous reaction!
 Your decision is deeply appreciated, indeed.

 Thanks again and bye.



 --
 http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
 New GnuPG key, see the transition document!
 . Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE







-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq


--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CAO6P2QQoK0AWmWvUGxdwe=bykbdtc9i5uouek5l1dswjc+a...@mail.gmail.com

Re: Minimized JavaScript in upstream tarball

[Paul Tagliamonte]

On Fri, Apr 27, 2012 at 12:24:50AM -0500, Christofer C. Bell wrote:
 On Thu, Apr 26, 2012 at 1:34 PM, Dmitry Nezhevenko d...@inhex.net wrote:
 
  Upstream distributes in both source and minimized forms:
 
  http://masonry.desandro.com/jquery.masonry.min.js
  https://github.com/desandro/masonry/blob/master/jquery.masonry.js
 
  How this particular file should be handled? The only idea I've is to
  remove this file in my get-git-snapshot-source step and download right
  one instead.
 
 I don't see anything wrong with either file.  It's under an MIT (i.e.;
 free) license and it's human readable source code.  It's not even
 obfuscated -- it's just missing whitespace.  I ran the obfuscated
 version through JSBeautifier[1] and got something that looks like the
 non-obfuscated version[2].
 
 [1] http://jsbeautifier.org/
 [2] http://paste.debian.net/165689/
 
 While it may be ugly, it's certainly easy to clean up.  I don't know
 if there are any pretty printers in Debian for JavaScript but someone
 with a text editor can easily re-insert the whitespace without too
 much trouble.  How does this obfuscation (I use quotes because I
 don't believe it's obfuscated) prevent its inclusion in Debian
 directly?  Why does special consideration need to be made for this
 file?

Regardless, embedded code copies are bad, so the OP shouldn't use it
either way. (see §4.13)

 
 -- 
 Chris
 
 
 -- 
 To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: 
 http://lists.debian.org/caoevnyt2s-be64xfi0-4kue2pat14f7yrdmdj1hxfd6ybg9...@mail.gmail.com
 


signature.asc
Description: Digital signature

Re: Minimized JavaScript in upstream tarball

[Paul Tagliamonte]

INAL, but here's my view:

On Thu, Apr 26, 2012 at 2:34 PM, Dmitry Nezhevenko d...@inhex.net wrote:
 Hi,

 I'm trying to package a web application that contains some
 minimized third-party JavaScript code. It's from JQuery world.

 Anyway I'm going to package git snapshot because latest release needs
 to old versions of dependencies (like django  1.4).

 So I've a target in debian/rules to get tarball with source snapshot. It
 removes all such JavaScript. Later debian/links creates symlinks to files
 from corresponding libjs-* packages.

Actually, the right thing to do here would be to repack a dfsg free
tarball, and use that to build off of, rather then clean out nonfree
stuff at build-time. This still means anyone who downloads the debian
source is getting some nonfree stuff.


 I've faced an issue where one of JS files is obfuscated such way, but
 it's not so populate so it's not in debian now:

 https://github.com/reviewboard/reviewboard/blob/4be2b88fa584d2c958871fce7f9ce20f80b3d7ad/reviewboard/static/rb/js/jquery.masonry.js

 Upstream distributes in both source and minimized forms:

 http://masonry.desandro.com/jquery.masonry.min.js
 https://github.com/desandro/masonry/blob/master/jquery.masonry.js

 How this particular file should be handled? The only idea I've is to
 remove this file in my get-git-snapshot-source step and download right
 one instead.

This should be packaged and pushed to Debian and added as a
dependency, just like anything else :)

It'll make it easier for someone else to use that work as well.

-EPARSE, I might have missed your question due to misreading it, but
that's the best shot at an answer I can rustle up.


 --
 WBR, Dmitry

Fondly,
Paul

-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/cao6p2qs7ne3nla5gedcw3ox_vel8tgezqwbdv1h9f+apfh0...@mail.gmail.com