Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, Mar 11, 2003 at 05:51:35PM +1000, Anthony Towns wrote: Note that you do _not_ get to assume privacy is good and moral and a right of both individuals and corporations. Justify it in other terms, Why? Moral judgements can never be justified ex nihil. Nonsense. I can justify every one of the DFSG's existing requirements from nothing but a technical standpoint. Then they're technical judgements, and morals don't (or at least needn't) come into it *for you*. Other people may feel that the requirements are morally-based, in which case, for those people, he's right. Hope that makes sense. Cheers, Nick -- Nick Phillips -- [EMAIL PROTECTED] Fine day for friends. So-so day for you.
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, Mar 18, 2003 at 12:44:12PM +1200, Nick Phillips wrote: On Tue, Mar 11, 2003 at 05:51:35PM +1000, Anthony Towns wrote: Note that you do _not_ get to assume privacy is good and moral and a right of both individuals and corporations. Justify it in other terms, Why? Moral judgements can never be justified ex nihil. Nonsense. I can justify every one of the DFSG's existing requirements from nothing but a technical standpoint. Then they're technical judgements, and morals don't (or at least needn't) come into it *for you*. Other people may feel that the requirements are morally-based, in which case, for those people, he's right. No, the DFSG is a set of moral judgements: licenses that do such-n-such are unacceptably bad. Those judgements can be justified in terms of technical benefits they obtain. If you want to say that a particular judgement can have both moral and technical aspects, that's fine; but saying that any judgement which has moral aspects can never be justified by technical means is false, and claiming that any of the DFSG's judgements don't contain technical aspects is simply false. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgp6GeKgJEIDG.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, Mar 18, 2003 at 11:28:25AM +1000, Anthony Towns wrote: If you want to say that a particular judgement can have both moral and technical aspects, that's fine; but saying that any judgement which has moral aspects can never be justified by technical means is false, and claiming that any of the DFSG's judgements don't contain technical aspects is simply false. I think that's clearer and correcter than what either of us said before... Cheers, Nick -- Nick Phillips -- [EMAIL PROTECTED] Keep it short for pithy sake.
Re: OSD DFSG - different purposes - constructive suggestion!
On Tuesday, March 11, 2003, at 05:05 AM, Anthony Towns wrote: Giving away CDs at tradeshows that don't include source comes under 3(b). I suppose you could arrange to give everyone both binary and source CDs, then ask them to give the latter back to you. http://www.gnu.org/licenses/gpl- faq.html#HowCanIMakeSureEachDownloadGetsSource http://www.gnu.org/licenses/gpl-faq.html#SourceAndBinaryOnDifferentSites Given those, and the terms of 3(a), I don't see what'd be wrong with having two piles on the table: Binary CDs and Source CDs. They wouldn't even have to be the same size; so long as there is at least one source CD, you can have binary CDs.
Re: The ASP nightmare: a description (was Re: OSD DFSG - different purposes - constructive suggestion!)
On Wed, Mar 12, 2003 at 07:45:36PM +0100, Bernhard R. Link wrote: If anyone had claimed such any kind of distribution in this area some years ago, I'd taken it for a good joke[1]. [...] [1] compareable to a cat /bin/clear on a Solaris of the right version. I presume this was like Solaris's /bin/true, which was something like this: #!/bin/sh # THIS IS UNPUBLISHED PROPRIETARY SOURCE OF ATT. IF YOU DISTRIBUTE IT # YOU WILL BE LABELLED AN ENEMY COMBATANT, YOUR CONSTITUTIONAL RIGHTS # IGNORED, AND EITHER HELD IN DETENTION IN GUANTANAMO BAY FOR THE REST # OF YOUR LIFE, OR SUMMARILY EXECUTED, AT THE ATTORNEY GENERAL'S # PLEASURE. exit 0 Is that about right? -- G. Branden Robinson|Kissing girls is a goodness. It is Debian GNU/Linux |a growing closer. It beats the [EMAIL PROTECTED] |hell out of card games. http://people.debian.org/~branden/ |-- Robert Heinlein pgpoR6fgeTQe6.pgp Description: PGP signature
Re: The ASP nightmare: a description (was Re: OSD DFSG - different purposes - constructive suggestion!)
Branden Robinson wrote: On Wed, Mar 12, 2003 at 07:45:36PM +0100, Bernhard R. Link wrote: If anyone had claimed such any kind of distribution in this area some years ago, I'd taken it for a good joke[1]. [...] [1] compareable to a cat /bin/clear on a Solaris of the right version. I presume this was like Solaris's /bin/true, which was something like this: #!/bin/sh # THIS IS UNPUBLISHED PROPRIETARY SOURCE OF ATT. IF YOU DISTRIBUTE IT # YOU WILL BE LABELLED AN ENEMY COMBATANT, YOUR CONSTITUTIONAL RIGHTS # IGNORED, AND EITHER HELD IN DETENTION IN GUANTANAMO BAY FOR THE REST # OF YOUR LIFE, OR SUMMARILY EXECUTED, AT THE ATTORNEY GENERAL'S # PLEASURE. exit 0 Is that about right? Sun Microsystems Inc. SunOS 5.7 Generic October 1998 phoenix{mschulth}1: cat /bin/clear #!/usr/bin/sh # Copyright (c) 1984, 1986, 1987, 1988, 1989 ATT # All Rights Reserved # THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF ATT # The copyright notice above does not evidence any # actual or intended publication of such source code. #ident @(#)clear.sh 1.8 96/10/14 SMI /* SVr4.0 1.3 */ # Copyright (c) 1987, 1988 Microsoft Corporation # All Rights Reserved # This Module contains Proprietary Information of Microsoft # Corporation and should be treated as Confidential. # clear the screen with terminfo. # if an argument is given, print the clear string for that tty type /usr/bin/tput ${1:+-T$1} clear 2 /dev/null exit phoenix{mschulth}2:
The ASP nightmare: a description (was Re: OSD DFSG - different purposes - constructive suggestion!)
[EMAIL PROTECTED] (Thomas Bushnell, BSG) writes: Jeremy Hankins hasn't explained well enough for me why in that future we would be unable to make the kinds of free software we have now. Ah, I wasn't aware of that. I'll see if I can flesh it out a bit for you. Imagine a world with omnipresent connectivity, and a lot of copylefted software. Someone decides that they could make the browser into a platform (remember Netscape the MS antitrust trial). So they take commonly available Free software packages and stick them behind a web interface. Gcc, tetex, emacs, etc. They lock them down so that no one can access the filesystem of the server directly via these packages (and thus gain access to the binaries, say), and charge a monthly fee for access. Maybe they provide a sort of stripped down client computer with a browser (possibly all proprietary) that is set up to use their server for all your computing needs. Take this to the logical extreme where everybody starts doing this and every Free program has several ASP versions, and you have the ASP nightmare. Personally, I think there are a lot of flaws in this prediction. For one thing it assumes that single organizations would be able to effectively compete with the commons in the development of the software, which I doubt. But it could be argued that whenever Free Software developers add features to their software they'll just be taken proprietary by adding them to the software behind the web interfaces. And they can add features with impunity since, without access to binaries, no one has access to source, so features added to software behind a web interface will never get added to the versions with source available. All it would take is someone like MS deciding they could trust their code to be included in the mix behind the ASP wall and the scenario becomes somewhat (if not completely) believable. In the end, reasonable people can disagree as to how likely this scenario (or one a bit less extreme) is. -- Jeremy Hankins [EMAIL PROTECTED] PGP fingerprint: 748F 4D16 538E 75D6 8333 9E10 D212 B5ED 37D0 0A03
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, 2003-03-11 at 06:44, Bernhard R. Link wrote: * David Turner [EMAIL PROTECTED] [030311 00:46]: Because the four freedoms do talk about freedom to use the software, but don't say anthing about the freedom to *not* disclose source code under certain conditions. I may not talk about freedom, but it talks about: * The freedom to study how the program works, and adapt it to your needs. Having to distribute one's modifications heavily limits this freedom. I see a problem with having to distribute modifications in the general case, but not in the only-to-users case. Having to distribute (or offer) the source code together with the binaries one distributes is not only a much more minor requirement (as it just increases the things to distribute, not forces an act of its own), but also aims to keeping the freedom of the receivers of the binary. Actually, the intent of AGPL's (2)(d) (if not its actual implementation, which is a minor point) is that people running the program in an ordinary fashion don't need to do anything -- they're already providing some software which uses a browser as its interface, and now the software happens to provide source code. Even http://www.fsf.org/philosophiy/free-sw.html, where the four freedoms are written, talks about: #You should also have the freedom to make modifications and use them #privately in your own work or play, without even mentioning that they #exist. If you do publish your changes, you should not be required to #notify anyone in particular, or in any particular way. # #The freedom to use a program means the freedom for any kind #of person or organization to use it on any kind of computer #system, for any kind of overall job, and without being required to #communicate subsequently with the developer or any other specific entity. The current discussion tends a bit to much to discuss, if a clause forcing the users of the program to give the people interacting with its output access to it, can be beneficial to free software in general. Even if such a clause would be benefical (though I really doubt it, as it has huge practical impacts, as many on this list noted), this would still be no justification to remove such elementary freedom. I think the above can and should be read to allow the AGPL. Providing a web service to the public goes beyond using modifications privately. -- -Dave Turner Stalk Me: 617 441 0668 On matters of style, swim with the current, on matters of principle, stand like a rock. -Thomas Jefferson
Re: The ASP nightmare: a description (was Re: OSD DFSG - different purposes - constructive suggestion!)
Jeremy Hankins said: Imagine a world with omnipresent connectivity, and a lot of copylefted software. Someone decides that they could make the browser into a platform (remember Netscape the MS antitrust trial). So they take commonly available Free software packages and stick them behind a web interface. Gcc, tetex, emacs, etc. They lock them down so that no one can access the filesystem of the server directly via these packages (and thus gain access to the binaries, say), and charge a monthly fee for access. Maybe they provide a sort of stripped down client computer with a browser (possibly all proprietary) that is set up to use their server for all your computing needs. This world can be here today. Think thin client or X station. Take this to the logical extreme where everybody starts doing this and every Free program has several ASP versions, and you have the ASP nightmare. How is this different (from a licensing perspective) from a publicly-accessible shell server? Assume for a minute that all the GPL'd binaries on the server are chmod a-r, so no user can make a copy of the binaries (just to avoid the distribution issue). This is exactly the line of thinking that caused problems with the LPPL 1.2 (where their definition of distribution included making software available on a shared system) If I set up a server that listens for simple TCP connections and searches for joe in the data stream (with the following in /etc/inetd.conf): 255 stream tcp wait nobody /usr/bin/grep /usr/bin/grep -i joe does that mean that a shell script that includes | netcat $host -p 255 | is linked to a GPL app? Or does it just mean that netcat is linked to a GPL app? (If the latter is true, then any network-aware program may be a GPL violation) --Joe
Re: The ASP nightmare: a description (was Re: OSD DFSG - different purposes - constructive suggestion!)
* Jeremy Hankins [EMAIL PROTECTED] [030312 18:53]: [EMAIL PROTECTED] (Thomas Bushnell, BSG) writes: So they take commonly available Free software packages and stick them behind a web interface. Gcc, tetex, emacs, etc. They lock them down so that no one can access the filesystem of the server directly via these packages (and thus gain access to the binaries, say), and charge a monthly fee for access. Maybe they provide a sort of stripped down client computer with a browser (possibly all proprietary) that is set up to use their server for all your computing needs. I think there is also a more simple situation to think about. Consider a university has a computer lab for the students with some software installed. If the software is GPLed, do the students have a right to get the source of the programs? And if yes, why? If anyone had claimed such any kind of distribution in this area some years ago, I'd taken it for a good joke[1]. Today more and more people seem to even see remotely interacting with software as something a licence can cope with. (I somehow like when my freedom to own paper-scissors got abandowned as people feel the right of people to no been hurt is more important is this area). Hochachtungsvoll, Bernhard R. Link [1] compareable to a cat /bin/clear on a Solaris of the right version. -- Sendmail is like emacs: A nice operating system, but missing an editor and a MTA.
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 02:08:58PM +0100, Henning Makholm wrote: Scripsit Anthony Towns aj@azure.humbug.org.au it's about privacy, it's about the freedom to keep things private, it's about not fundamental rights 'til you're blue in the face, and even though every word of it's completely true, it's *not relevant*. You're wrong. It is relevant. It's one of the freedoms we're protecting. No. It's not one of the freedoms we're protecting since we've already let things like the QPL into the distribution. It's one of the things that *you* would *like* to protect. It's not necessarily one of the things I would like to protect. It's not one of the things that Debian is protecting. Note that you do _not_ get to assume privacy is good and moral and a right of both individuals and corporations. Justify it in other terms, Why? Moral judgements can never be justified ex nihil. Nonsense. I can justify every one of the DFSG's existing requirements from nothing but a technical standpoint. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpxwrIiPqhFy.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 09:16:08PM -0800, Thomas Bushnell, BSG wrote: Note Barak Perlmutter's newly proposed tentacles of evil test: 3. The Tentacles of Evil test. [...] The license cannot allow even the author to take away the required freedoms! The license doesn't have to -- at least in Australia, castlaw allows you to do this. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpTp88hMMQPa.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 12:15:13PM -0800, Thomas Bushnell, BSG wrote: Anthony Towns aj@azure.humbug.org.au writes: Consider Frank the lawyer who takes some nice source code from a GPLed project, and adds some code his friend was telling him under NDA. He puts it up on the web, and suddenly gets demands for source code from the original author. What does he do, violate the NDA, or the copyright license??? What does he do?!? The GPL doesn't have such a rule. He puts the program up on the web. As in http://www.frankcorp.com/foo.exe. People then download it. They then demand the source. Yeesh. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpx620Yi89LP.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 05:59:19PM -0500, David Turner wrote: On Sun, 2003-03-09 at 18:18, Anthony Towns wrote: In the dissident case, we're trying to protect the people from having to reveal their changes to the government they're protesting. But this just doesn't make any real sense: the code they're hacking on is the least of their worries - it's the contents of their databases, not their bugfix to select query processing that they need to keep private; and furthermore What about DeCSS? What about it? Nobody was trying to keep DeCSS private. Nobody's trying to keep quiet the existance of steganographic of cryptographic software that might help reporters send out articles that haven't been edited or censored by the Palestinian Authority. Some people might be trying to keep the fact that _they_ use it quiet, but that's a different matter. it's the government's laws that will put them most at risk here -- of being accused of spying, eg -- not the copyright license. So from what I can see, we're protecting something of little value, and then doing a bad job of it. But in order that users may evade the government's laws, Uh, Debian's not here to help people evade their government's laws. For instance, consider a binary which is a game, unless it's called with the --dissident command-line option, in which case, it's DeCSS (or GPG). Were the source code to this game revealed, it would show clearly the nature of the program. But the gov't doesn't have time to reverse engineer the binaries (and anyway, DMCA2 prohibits it). They do have the time, however, to follow up on GPL (3)(b) offers. Can dissidents distribute binaries to everyone, and source code only to those they trust? Not according to many Free Software licenses. And I think the Dissident test as it now stands is clear on the above. It's not dispositive on every issue, as the debate shows. I have no idea what you're trying to say here. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpi6hAhtQZ3E.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 09:15:22PM -0800, Thomas Bushnell, BSG wrote: Sample onerous conditions: 1) Pay money. 2) Send your changes back always. 3) Pay money on request. I'm broke and on a desert island, I can't do any of these. 4) Send your changes back on request. I'm broke and on a desert island, but I can do this if you cover my costs. We already reject (1), (2), and (3). Why is (4) suddenly not rejected as onerous? Because it's not onerous if someone else covers your costs. In the same way You must give me your sources at cost if you give me your binaries isn't onerous. As the case of Fred the Lawyer makes clear, however, there are real people for which it is a real burden. There are real people for whom the GPL is a real burden. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgp5BDvBAl5tb.pgp Description: PGP signature
Re: Barriers to an ASP loophole closure (was Re: OSD DFSG - different purposes - constructive suggestion!)
On Mon, Mar 10, 2003 at 02:27:44PM -0500, Jeremy Hankins wrote: Anthony Towns aj@azure.humbug.org.au writes: Basically, as far as I can see, the dissident test is exactly equivalent to saying we don't want to close this ASP loophole thing. I don't think this is true, if you accept the substitution of users for copy holders. Well, dissidents supposedly want to be able to keep their changes private to a small group from among all the people who have any knowledge of their software. ASP folks want to keep their software private to themselves. One possiblity would be to change the distribute-to-author requirement to be something like If the author is aware of your modifications, and requests them, you are required to provide them at cost, and require the author to somehow positively demonstrate his awareness. If you're only using the software locally, or amongst a few friends, the author can't demonstrate any such awareness; if you provide a subscription service to the public, one of your subscribers can mail the author and tell him about it though. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpNrQNCuVy3V.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, Mar 11, 2003 at 06:31:05PM +1000, Anthony Towns wrote: On Mon, Mar 10, 2003 at 09:15:22PM -0800, Thomas Bushnell, BSG wrote: We already reject (1), (2), and (3). Why is (4) suddenly not rejected as onerous? Because it's not onerous if someone else covers your costs. In the same way You must give me your sources at cost if you give me your binaries isn't onerous. Actually, I think the GPL would have serious problems if it didn't have 3(a). Having to keep the source around for three years would be a significant burden. What keeps the GPL free is that you have the option to offer sources and binaries together and be done with it, even if the recipient elects to take only the binaries. So yes, You must give me your sources at cost if you give me your binaries is onerous. Richard Braakman
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, Mar 11, 2003 at 11:46:03AM +0200, Richard Braakman wrote: Actually, I think the GPL would have serious problems if it didn't have 3(a). Having to keep the source around for three years would be a significant burden. What keeps the GPL free is that you have the option to offer sources and binaries together and be done with it, even if the recipient elects to take only the binaries. So yes, You must give me your sources at cost if you give me your binaries is onerous. Why wouldn't you include the cost of the source in the fee you charge for including it? Requiring you to keep the sources for three years is onerous, yes. And the GPL specifically says you have to *accompany* your binaries with the complete machine-readable source code. You can't offer it, and hope they don't accept; you have to *give* it to them. Giving away CDs at tradeshows that don't include source comes under 3(b). I suppose you could arrange to give everyone both binary and source CDs, then ask them to give the latter back to you. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpuBM23thqou.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
* David Turner [EMAIL PROTECTED] [030311 00:46]: Because the four freedoms do talk about freedom to use the software, but don't say anthing about the freedom to *not* disclose source code under certain conditions. I may not talk about freedom, but it talks about: * The freedom to study how the program works, and adapt it to your needs. Having to distribute one's modifications heavily limits this freedom. Having to distribute (or offer) the source code together with the binaries one distributes is not only a much more minor requirement (as it just increases the things to distribute, not forces an act of its own), but also aims to keeping the freedom of the receivers of the binary. Even http://www.fsf.org/philosophiy/free-sw.html, where the four freedoms are written, talks about: #You should also have the freedom to make modifications and use them #privately in your own work or play, without even mentioning that they #exist. If you do publish your changes, you should not be required to #notify anyone in particular, or in any particular way. # #The freedom to use a program means the freedom for any kind #of person or organization to use it on any kind of computer #system, for any kind of overall job, and without being required to #communicate subsequently with the developer or any other specific entity. The current discussion tends a bit to much to discuss, if a clause forcing the users of the program to give the people interacting with its output access to it, can be beneficial to free software in general. Even if such a clause would be benefical (though I really doubt it, as it has huge practical impacts, as many on this list noted), this would still be no justification to remove such elementary freedom. Hochachtungsvoll, Bernhard R. Link -- Sendmail is like emacs: A nice operating system, but missing an editor and a MTA.
Re: OSD DFSG - different purposes - constructive suggestion!
Glenn Maynard [EMAIL PROTECTED] writes: On Mon, Mar 10, 2003 at 03:46:57PM -0500, Brian T. Sniffen wrote: As I said: existing mechanisms of licensing Free Software (e.g. GNU GPL and MIT/X11) provide an impetus for improvement. A compulsory-sharing license, as might bring us closer to BrinWorld, removes much of the financial incentive for such improvement. In such a world, the changes made, used, and later released by IBM, Red Hat, Akamai, Apple... all wouldn't have been made, and our software technology would be that much more primitive. The GPL removes much of the financial incentive for such improvement. After all, you have to provide source and you can't restrict people you sell copies to from giving it away for free, so the entire sales model of selling individual programs on the shelf, and licensing software per-seat, goes completely out the window. I disagree with this argument, of course (as everyone here probably does: it's true that the same sales model doesn't work, but it certainly hasn't stopped innovation), but your argument seems to be exactly the same. Why is this argument valid for web applications where it's clearly wrong for other software? Two reasons: First, because the argument about web applications is a reduction in the marginal use value of a software improvement, not in its sale value. Second, this can be taken out of the realm of theory: in practice, private companies make improvements to software they have under the GPL, keep some of those improvements secret, and release others. Those same companies pass up the opportunity to improve software where they do not have the option of keeping their improvements secret. (Admittedly, I've seen short-sighted companies scrambling for profitability start rewriting their code so they could sell licenses, excising all the GPL'd bits). (To be clear, I'm firmly against forced-sharing; the GPL goes far enough. I just don't think this particular argument is valid.) -- Glenn Maynard -- Brian T. Sniffen[EMAIL PROTECTED] http://www.evenmere.org/~bts/
Re: Barriers to an ASP loophole closure (was Re: OSD DFSG - different purposes - constructive suggestion!)
On Tue, 2003-03-11 at 11:58, Steve Langasek wrote: I find this an acceptable compromise. The GPL already implements something very close to this: if you give someone a copy, they're able to pass it on to a third party who in some cases then has grounds for demanding source from the author. Extending that to letting a PCH demand access to changes if someone tells him about them doesn't seem too much of a stretch. Close; the case in question for the GPL only arises in the case where someone actually makes a written offer valid for at least three years. Have you *ever* seen such an offer? I haven't. Was the entity making that offer still around three years later? Further, it would seem that anyone making such an offer would know about it, since they do have to write it down, and that explicitly states that the offer is valid to any third party. In other words, I can only be screwed over by that clause if I agree to it in writing. Extending to the case where that's a mandatory part of the license is a rather different story. I've been trying to write down my objections to re-classifying public performance (a.k.a. ordinary use w.r.t. server type software) as distribution, and I'm beginning to conclude that GPL'd software is inappropriate for casual copying, even without the added burden imposed by closing the ASP loophole. 3a) requires that I give the complete copy of the source along with the binary; if public performance is classified as distribution, I'd be forced to ship the complete source code for the Linux kernel, Apache, PHP, and who knows what all else with every web page so as to be clearly in compliance with this section. Adding a link to the source on someone else's site would be very hard to defend in court as falling under this section; hosting the source code myself means I've just agreed to become a kernel.org mirror. As an aside, this might mean that binary-only mirrors are in technical violation of the GPL, because the source code must be distributed with the binaries, and distribution of the source code by a different entity probably doesn't count (in the same place, from the comments after section ). 3b) requires that I make a multi-year commitment to being reachable *and* agreeable to working without profit during that time period. I have no control over how far my written offer will be propagated without my knowledge, yet I must honor that written offer, as any weakening of this clause will lead to even larger loopholes than the ASP loophole. If the at cost clause is interpreted strictly, then I'm unwilling to make such an offer, since it means that I have to do charity work while the bank comes in to foreclose on my house. If it is interpreted loosely, then someone from the music or movie industry comes in and says that their costs are very high, and that you'll have to pay a million dollars for the source code. Per file. Either way, I've never seen such an offer, and there's no way that I'll ever agree to make such an offer without having enough cash in hand to ensure that I can survive those three years on at cost work. 3c) requires that some other sucker has agreed to 3b) *and* that that offer has been either made to me or relayed to me. Furthermore, even if I do have such an offer, I may not take advantage of it if I happen to be engaged in commercial activity related to the distribution. Right now, I don't think that's much of a problem, but if public performance is classified as distribution, then I think that it would be far too easy to be engaged in commercial distribution -- e.g., any business web site would be engaged in commercial distribution of Apache under that definition. I haven't yet gotten everything together in my head yet, but I'm afraid that closing the ASP loophole will result in the possibility of being in violation of the GPL-v3 simply by making a machine with too much software on it accessible from the net. Furthermore, if such a change is sloppily written, too much software might mean a bare-bones bootable system, as responding to pings is a service, too, and is hard to distinguish from software-that-cures-cancer as an ASP (technically, that is; both receive network packets and respond to them with other network packets; I am sure that there are other protocols that aren't quite as trivial as ping but still far less than something we'd actually call an ASP that could be used as an example as well). -- Stephen RyanDebian Linux 3.0 Technology Coordinator Center for Educational Outcomes at Dartmouth College
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au writes: On Mon, Mar 10, 2003 at 09:15:22PM -0800, Thomas Bushnell, BSG wrote: Sample onerous conditions: 1) Pay money. 2) Send your changes back always. 3) Pay money on request. I'm broke and on a desert island, I can't do any of these. 4) Send your changes back on request. I'm broke and on a desert island, but I can do this if you cover my costs. We already reject (1), (2), and (3). Why is (4) suddenly not rejected as onerous? Because it's not onerous if someone else covers your costs. In the same way You must give me your sources at cost if you give me your binaries isn't onerous. It has been pointed out that the true costs are sometimes much higher than the cost of media.
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au writes: On Mon, Mar 10, 2003 at 12:15:13PM -0800, Thomas Bushnell, BSG wrote: Anthony Towns aj@azure.humbug.org.au writes: Consider Frank the lawyer who takes some nice source code from a GPLed project, and adds some code his friend was telling him under NDA. He puts it up on the web, and suddenly gets demands for source code from the original author. What does he do, violate the NDA, or the copyright license??? What does he do?!? The GPL doesn't have such a rule. He puts the program up on the web. As in http://www.frankcorp.com/foo.exe. People then download it. They then demand the source. Why does he put it on the web? *THAT* was already violating the NDA.
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, 2003-03-11 at 11:33, Henning Makholm wrote: Scripsit David Turner [EMAIL PROTECTED] On Mon, 2003-03-10 at 08:04, Henning Makholm wrote: In that case you can simply choose to distribute the program only to people you trust. You can't do this if the license carries an obligation to distribute to a fixed third party, too. Interesting! I am inclined to agree with this, and point out that the AGPL basically puts users in the category of people you have to trust. Yes - and we don't want to accept licenses that do not allow people the freedom to chose who they want to trust. You choose your users. Sniffen (who secretely wants to write proprietary software) I think you just lost your credibility in this discussion. I hope not! I'm going by his comments in another part of this thread (or was it another thread), which you described as arguments against Free Software (rather than arguments against AGPL-like licensing). -- -Dave Turner Stalk Me: 617 441 0668 On matters of style, swim with the current, on matters of principle, stand like a rock. -Thomas Jefferson
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, 2003-03-11 at 00:11, Thomas Bushnell, BSG wrote: David Turner [EMAIL PROTECTED] writes: On Mon, 2003-03-10 at 16:00, Walter Landry wrote: Anthony Towns aj@azure.humbug.org.au wrote: Arguments about practicality, that this makes doing legitimate things harder or impossible in some situations for purely technical reasons (the stranded on an island test does this), are valid, but I haven't really seen any. What about an ATM machine? If the ATM machine communicated with the central database using code with this enforced distribution clause, then you have to distribute to the users of the ATM. Modifying an ATM to distribute code in addition to cash seems rather onerous. Print a link on the reciepts. The license doesn't say that is sufficient, does it? I don't know. Maybe. But certainly, a better-written version might, hence why I keep asking for comments. -- -Dave Turner Stalk Me: 617 441 0668 On matters of style, swim with the current, on matters of principle, stand like a rock. -Thomas Jefferson
Re: Barriers to an ASP loophole closure (was Re: OSD DFSG - different purposes - constructive suggestion!)
On Tue, 2003-03-11 at 14:51, Stephen Ryan wrote: On Tue, 2003-03-11 at 11:58, Steve Langasek wrote: I find this an acceptable compromise. The GPL already implements something very close to this: if you give someone a copy, they're able to pass it on to a third party who in some cases then has grounds for demanding source from the author. Extending that to letting a PCH demand access to changes if someone tells him about them doesn't seem too much of a stretch. Close; the case in question for the GPL only arises in the case where someone actually makes a written offer valid for at least three years. Have you *ever* seen such an offer? I haven't. I've seen tons of them in my work in the GPL compliance lab. Lots of companies who make firewall appliances prefer (3)(b) compliance to (3)(a) compliance. I will point you to an example of one which was *not* from a compliance lab client: ftp://ftp.symantec.com/public/english_us_canada/products/symantec_gateway_security/manuals/sgs_install_config.pdf Quote is: The Excluded Software consists of the open source code software known as Linux included with the Appliance. All Excluded Software is licensed under the GNU General Public License, Version 2, June 1991, a copy of which is included with the user documentation for the Appliance. The license entitles You to receive a copy of the source code for Linux only upon request at a nominal charge. If you are interested in obtaining a copy of such source code, please contact Symantec Customer Service at one of the above addresses for further information. -- -Dave Turner Stalk Me: 617 441 0668 On matters of style, swim with the current, on matters of principle, stand like a rock. -Thomas Jefferson
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, 2003-03-11 at 00:10, Thomas Bushnell, BSG wrote: David Turner [EMAIL PROTECTED] writes: Because the four freedoms do talk about freedom to use the software, but don't say anthing about the freedom to *not* disclose source code under certain conditions. Why is this different from: Because the four freedoms do talk about freedom to use the software, but don't say anything about the freedom to *not* disclose your IRS tax records? The license could say: You may copy this software, provided that you provide a true copy of your tax returns upon request by the original author of the software. We would reject that as nonfree, right? Hm. Yes. So, I think we have to go back to looking at which restrictions we allow. For instance, we allow the GPL's section 4, which prohibits certain people (on account of their past actions) from copying, modifying, or distributing GPL'd software. Why? One answer is that it's the only way the GPL can be reasonably enforced. In Jeremy Hankins's suggested possible future, some AGPL-like (but better drafted) license is the only way we can keep Free Software as Free Software. So, let's move to that thread. -- -Dave Turner Stalk Me: 617 441 0668 On matters of style, swim with the current, on matters of principle, stand like a rock. -Thomas Jefferson
Re: OSD DFSG - different purposes - constructive suggestion!
David Turner [EMAIL PROTECTED] writes: So, I think we have to go back to looking at which restrictions we allow. For instance, we allow the GPL's section 4, which prohibits certain people (on account of their past actions) from copying, modifying, or distributing GPL'd software. Why? One answer is that it's the only way the GPL can be reasonably enforced. In Jeremy Hankins's suggested possible future, some AGPL-like (but better drafted) license is the only way we can keep Free Software as Free Software. So, let's move to that thread. Um, but this is a trick! Suppose I became convinced that I needed to know the tax returns of the leaders of IBM; in that way I might be able to exert pressure on them to release more of IBM's code as free software. Then it might be that the only way to keep Free Software is to require the disclosure of tax returns. Indeed, the people who want to ban flag burning see flag burning as such a threat to the Republic, that they say the only way to to keep free speech is to ban flag burning. Ludicrous! Section 4 has never been invoked (though it has been threatened), but more to the point, it acts almost entirely to allow a court to give *injunctive* relief for future acts. Jeremy Hankins hasn't explained well enough for me why in that future we would be unable to make the kinds of free software we have now.
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, Mar 11, 2003 at 12:00:38PM -0800, Thomas Bushnell, BSG wrote: Anthony Towns aj@azure.humbug.org.au writes: Because it's not onerous if someone else covers your costs. In the same way You must give me your sources at cost if you give me your binaries isn't onerous. It has been pointed out that the true costs are sometimes much higher than the cost of media. Yes. Tools, media, postage, and your time (to a reasonable extent) are all legitimate things to claim as part of your costs. If someone's being overly obscene in their cost analysis, you can take them to court and get an enforcable second opinion on what's reasonable. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpmVCVCp5z89.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, Mar 11, 2003 at 12:02:06PM -0800, Thomas Bushnell, BSG wrote: Anthony Towns aj@azure.humbug.org.au writes: On Mon, Mar 10, 2003 at 12:15:13PM -0800, Thomas Bushnell, BSG wrote: Anthony Towns aj@azure.humbug.org.au writes: Consider Frank the lawyer who takes some nice source code from a GPLed project, and adds some code his friend was telling him under NDA. He puts it up on the web, and suddenly gets demands for source code from the original author. What does he do, violate the NDA, or the copyright license??? What does he do?!? The GPL doesn't have such a rule. He puts the program up on the web. As in http://www.frankcorp.com/foo.exe. People then download it. They then demand the source. Why does he put it on the web? *THAT* was already violating the NDA. Lots of people distribute binaries that encode NDAed technologies. Windows, etc. Maybe it was a special case of some clever new advance in AI that looks for flaws in contracts, and he only gives away copies to his clients after getting $50 via paypal, which he splits 50:50 with his friend. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpggiazA1HnJ.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Tue, Mar 11, 2003 at 12:44:15PM +0100, Bernhard R. Link wrote: Even http://www.fsf.org/philosophiy/free-sw.html, where the four freedoms are written, talks about: #You should also have the freedom to make modifications and use them #privately in your own work or play, without even mentioning that they #exist. If you do publish your changes, you should not be required to #notify anyone in particular, or in any particular way. # #The freedom to use a program means the freedom for any kind #of person or organization to use it on any kind of computer #system, for any kind of overall job, and without being required to #communicate subsequently with the developer or any other specific entity. Thanks for the cite; hopefully Mr. Turner will get that Ashcroft stuff out of his system now. ;-) -- G. Branden Robinson| I came, I saw, she conquered. Debian GNU/Linux | The original Latin seems to have [EMAIL PROTECTED] | been garbled. http://people.debian.org/~branden/ | -- Robert Heinlein pgpHXvaBUGQc4.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 06:14:44PM -0500, David Turner wrote: Thomas, I'm responding to your questions, but I'm actually directing my response to Branden Robinson, since I don't know your position on his DFSG-interpretation proposal. Branden, if the FSF's four freedoms are the consitution to DFSG's case law, they have a lot in common with the US constitution, in that they don't explicitly guarantee a right to privacy. So, see below. See my remark elsewhere about Debian possibly having Five Freedoms. Reading the Ninth Amendment as meaningless because it doesn't enumerate any rights is not a good way to score rhetorical points with me. The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people. Modern jurisprudence appears to read this as follows: The enumeration in the Constitution, of certain rights, shall be construed to mean that the people have no others. Because the four freedoms do talk about freedom to use the software, but don't say anthing about the freedom to *not* disclose source code under certain conditions. [...] Interestingly, neither the FSF's four freedoms, nor FDR's four freedoms (wink) include privacy. I don't think this is interesting at all. It's a thoughtless oversight. -- G. Branden Robinson|Freedom is kind of a hobby with me, Debian GNU/Linux |and I have disposable income that [EMAIL PROTECTED] |I'll spend to find out how to get http://people.debian.org/~branden/ |people more of it. -- Penn Jillette pgpt978GxS1lf.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au writes: Sure. Compare this to some code using the GPL; same sort of information, same problem with it: their trade secrets are woven into the functionality of the code itself. If one of your customers is a competitor, or a competitor buys out a user, any requirement to distribute source to your users makes it non-viable to use the software for certain applications which are, eg, protected by BSD-style licenses. Except the GPL doesn't force you to share your secrets, ever. You can share them with exactly the people you want to share them with, and you are never obligated to share them with person X just because you shared them with person Y. Arguments about practicality, that this makes doing legitimate things harder or impossible in some situations for purely technical reasons (the stranded on an island test does this), are valid, but I haven't really seen any. It's not about practicality; it's about freedom. The question is: should I get to control the behavior of that other person in the way they modify and copy the software? The default answer is no, and any deviation from that needs defense. Some deviations can be defended as an augment to freedom (required change notices like those the GPL has; requirement to distribute source with binarie). Other deviations cannot be defended as an augment to freedom. Forcing the distribution to any third party, it seems to me, is a deviation of the latter sort. At least, I haven't heard of any defense of such a deviation, on any other principle than it makes sure that they contribute back. But free software was never about forcing people to contribute back. That was always a happily hoped for by-product of the system. Indeed, the whole genius of the system is the way that it produces unforced contributions back. Another possibility is that getting such clauses *right*, in a way that can't be abused by the author to harass the user, or otherwise create an undue burden on the user, is impossible -- that we haven't seen any examples which do this remotely well; but that the possibility remains that one day we would, and we'd be willing to accept that license into main. That is, there isn't anything fundamentally wrong with this, as long as the user's costs can be minimised [0]. For the time being, I think debating the details of wording is not worth it, because I think there is a problem with the basic concept. So let's talk about the basic concept. (And yes, I do realise I was arguing the other side of this just a day or two ago) Aw, heck, once I was defending the GNU FDL. We all learn and change. :)
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, 10 Mar 2003, Anthony Towns wrote: Is there a _fundamental_ difficulty with such licenses? I'm beginning to think that there is, as it restricts the use that an individual can put a given bit of source to in his or her own home. First, does that cause any problems for Debian? I don't think it would cause a problem with the majority of people who are using or modifying Free Software, as (I would imagine) most of them don't have anything to hide... but to someone who does? As a mental exercise, try replacing The Chinese Dissident Test with The Al Qa'ida Terrorist Test Heh. It's funny that you mentioned this, as originally I was going to use The Base instead of the proto anarchist of raisethefist,[1] but decided that it would merely cloud the issue. The companies who want to include NDA'ed, patented or secret technology in programs have pretty much the same problem they'd have if they were using the GPL, and needed to distribute such programs to their customers; True, but the knowledge that they can't distribute is a certainty. I see that this could force people in such a situation to spend the time that they might spend improving GPLed tools (whilst keeping the NDAed portions secret) extending other tools instead. [Of course, you could extend the same argument to distribute as well, but it seems that experience has taught us that extenders of BSD code don't often contribute their changes to the community.] A number of companies, and the FSF, want to see this loophole removed; I think we should be _very_ sure of our reasons before dismissing their attempts. I agree completely, and I'm glad that we're discussing it as thoroughly as possible. Regardless of the our eventual consensus, the discussion will make the logic behind the eventual change (if any) that much stronger. Don Armstrong 1: http://www-2.cs.cmu.edu/~dst/raisethefist/ -- Filing a bug is probably not going to get it fixed any faster. -- Anthony Towns http://www.donarmstrong.com http://www.anylevel.com http://rzlab.ucr.edu pgpTJxl7DhuOG.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
Don Armstrong [EMAIL PROTECTED] writes: I don't think it would cause a problem with the majority of people who are using or modifying Free Software, as (I would imagine) most of them don't have anything to hide... but to someone who does? I thought of a scenario, which seems entirely plausible, all above board, and should give pause to any kind of forced publication requirement. No anarchists or terrorists, no repressive governments. Consider Fred the Lawyer. He has a number of clients, for whom he drafts contracts. The contracts are sensitive, and the Fred has a legal obligation to preserve confidentiality in all his dealings with his clients. They have the right to tell people what goes on between him and them, but he has no such right: he has, by contrast, an ironclad obligation *not* to disclose any material fact about his relationship with his clients. The clients do complicated business and financial deals, which depend on this secrecy. Now some of his clients need to have a bunch of similar contracts. Joe's Sheet Rock Company needs to write order contracts for materials, and because of the tight competition in the sheet rock industry, the details of the contracts he works out with his suppliers are kept tightly guarded. Similarly, Al's Brick Works and Dave's Lumber Supply. They all are in highly competitive fields, where they need to have purchase contracts with suppliers, and the details of these contracts are extremely sensitive. Now Joe's Sheet Rock Company needs to be flexible in the deals it makes with suppliers, but the contracts all fall into similar patterns. So the Fred the Lawyer thinks of a method for helping Joe's while keeping unnecessary legal expenses down. He'll write a computer program, tailored specially for Joe's Sheet Rock; Joe can then input the details of the particular arrangement, and most of the time, the program can churn out a reliable contract for Joe and his supplier. What a great system! Fred wants to use a popular free software package which almost does just the job: QNU Madlibs. But QNU Madlibs is distributed under the QPL. What the Fred would like to do is make a special version of QNU Madlibs for Joe, with the special details of Joe's contracts. And this is not mere change of data: Fred has a good programming staff, and the logic of Joe's business practices is deeply embedded in the logic of the program that the Fred's firm writes. So the Fred modifies QNU Madlibs. He gives Joe the program, along with the source, and thinks wow, free software really is cool. But alas, he was using something under the QPL. One day the author of QNU Madlibs goes through the server logs for downloads, thinking I wonder if anyone has any cool improvements on my program. For each download, he sends a formal request to give back their changes to the sysadmin of the systed who downloaded. Won't get perfect response, but that's OK; he's just casting a wide net. And the Fred the Lawyer has a talented technical staff. They get the request, and it lands on Fred's desk the next day. If Fred complies with the demand, he violates a duty of confidentiality. Whoops! Fred was entirely happy to play by what he thought were the rules of free software; he gave Joe's Sheet Rock the source to the program (indeed, Joe is a programmer himself, and has been working together with Fred on possible improvements: Joe is also delighted at the requirements that source be given to him). But alas, since QNU Madlibs is distributed under the QPL, Fred and Joe are out of luck. If there were no copyrights, Joe and Fred would not be stuck. But the licensor has decided to use copyright restrictions to enforce a you must share limitation on their freedom, which has materially hurt them. Thomas
Re: OSD DFSG - different purposes - constructive suggestion!
On Sun, Mar 09, 2003 at 09:48:22PM -0800, Thomas Bushnell, BSG wrote: Anthony Towns aj@azure.humbug.org.au writes: Sure. Compare this to some code using the GPL; same sort of information, same problem with it: their trade secrets are woven into the functionality of the code itself. If one of your customers is a competitor, or a competitor buys out a user, any requirement to distribute source to your users makes it non-viable to use the software for certain applications which are, eg, protected by BSD-style licenses. Except the GPL doesn't force you to share your secrets, ever. Yes, it does: it's quite possible to write code in such a way that when compiled, it's near impossible to work out exactly what's going. There's a whole swath of research on obfuscation. The GPL says well, sure, go ahead, but you have to include the source code anyway, so you're not going to succeed at hiding anything. It certainly does force you to share your secrets. It forces you to share your secrets only with your customers, though. Arguments about practicality, that this makes doing legitimate things harder or impossible in some situations for purely technical reasons (the stranded on an island test does this), are valid, but I haven't really seen any. It's not about practicality; it's about freedom. That's great, Thomas, but you're missing the point. You can say it's about privacy, it's about the freedom to keep things private, it's about not fundamental rights 'til you're blue in the face, and even though every word of it's completely true, it's *not relevant*. We don't guarantee every freedom we can, we guarantee the one's that are important and useful. The question is: should I get to control the behavior of that other person in the way they modify and copy the software? The default answer is no, Copyright law says that if you're the author, then the answer's yes. The GPL says that abdicating too much of that control can be harmful. At least, I haven't heard of any defense of such a deviation, on any other principle than it makes sure that they contribute back. It closes a loophole; that is, it means companies can't maliciously take free GPLed software, make changes to it that they don't release, and then cause users to rely on that software. But free software was never about forcing people to contribute back. No, but the GPL is about forcing people to pass the freedoms they have onto their users. Maybe try it this way: why is privacy a win? Imagine I'm from an alternate universe, which we shall call BrinWorld [0] where we don't have IP or privacy laws as such at all, and snooping technology exists to the point where there's no point obfuscating your source, because I can just lookup google or world.archive.org to find someone who flew a microcam into your office as you were writing your code, and OCR an MPEG of your monitor's image as you were hacking away. Okay, maybe that was too much background, but imagine I'm from a world that doesn't bother with privacy and copyright, and manages to allow universal access to pretty much everything, and that still functions as a society. Convince me that in this imperfect world, as we try to make things more transparent, and give people more control and access over the software that affects them, that being able to get access to the sourcecode for www.wherever.com whether they want me to or not is a *bad* thing. Note that you do _not_ get to assume privacy is good and moral and a right of both individuals and corporations. Justify it in other terms, Cheers, aj [0] _The Transparent Society_, David Brin; very interesting book -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgp4oBqlsbaZE.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Sun, Mar 09, 2003 at 10:53:28PM -0800, Thomas Bushnell, BSG wrote: Consider Fred the Lawyer. [...] He'll write a computer program, tailored specially for Joe's Sheet Rock; Joe can then input the details of the particular arrangement, [...] Fred wants to use a popular free software package which almost does just the job: QNU Madlibs. But QNU Madlibs is distributed under the QPL. What the Fred would like to do is make a special version of QNU Madlibs for Joe, with the special details of Joe's contracts. [...] Unfortunately, he realises he can't. Thus he writes his own program from scratch. Or else he adds a macro facility into QNU Madlibs, or customises it so it'll accept contract texts from a data file rather than hardcoding it and makes sure that he only needs to accompany it with the original contract forms for it to be a useful program. Maybe he does the latter, then contributes the changes back upstream so his programmers don't have to keep supporting it, and can work on other projects. If Fred complies with the demand, he violates a duty of confidentiality. Fred's pretty silly for not having looked into this in the first place. Especially being a lawyer. Consider Frank the lawyer who takes some nice source code from a GPLed project, and adds some code his friend was telling him under NDA. He puts it up on the web, and suddenly gets demands for source code from the original author. What does he do, violate the NDA, or the copyright license??? What does he do?!? If there were no copyrights, Joe and Fred would not be stuck. If there were no copyrights, Frank wouldn't be stuck either. If Fred had spent a minute looking through the license, or even simply practised good programming techniques he wouldn't be stuck, either. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpOkPsLK6CrC.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, 10 Mar 2003, Anthony Towns wrote: If you have created a modified version of the Work, and receive a request by the Primary Copyright Holder, you must provide a copy of your modifications as at the date of the request in source form, at cost, to the Primary Copyright Holder. I think there's a fundamental problem. I'm leaning toward the opinion that forced distribution is unfree. Forced distribution to users, to viewers, to authors, or to the public. None of it sits right. -- Mark Rafn[EMAIL PROTECTED]http://www.dagon.net/
Re: OSD DFSG - different purposes - constructive suggestion!
Scripsit Anthony Towns aj@azure.humbug.org.au On Sun, Mar 09, 2003 at 10:19:16PM -0600, Steve Langasek wrote: I believe that there IS a fundamental difficulty with such licenses. Consider the case where a company's modifications encode certain business logic details. =20 This doesn't make something more difficult; it makes you likely to choose not to base your work on that piece of software. Yes, and that means that software licensed in that way should not be considered DFSG-free. It's part of what we promise our users: You can take software in Debian main and modify it to include your business secrets, and - if we on d-l have done our job properly - not risk being legally compelled to disclosing those secrets to someone you don't want to disclose them to. Sure. Compare this to some code using the GPL; same sort of information, same problem with it: their trade secrets are woven into the functionality of the code itself. In that case you can simply choose to distribute the program only to people you trust. You can't do this if the license carries an obligation to distribute to a fixed third party, too. What's the difference? Why should Debian choose to ensure one company can merge in their trade secrets into any part of Debian, but not ensure the other company can do likewise? Your analogy is flawed, that's the difference. The argument not requiring public access is important because privacy is important is circular, so invalid. Privacy is important is not an argument - it's an axiom. -- Henning Makholm Det är alldeles för ansvarsfullt att skaffa en flickvän. Det är ju som att skaffa en hundvalp.
Re: OSD DFSG - different purposes - constructive suggestion!
Scripsit Anthony Towns aj@azure.humbug.org.au It certainly does force you to share your secrets. It forces you to share your secrets only with your customers, though. Nonsense. It is perfectly possible to use a modified GPLed program internally and never tell one's customers about it. That's great, Thomas, but you're missing the point. You can say it's about privacy, it's about the freedom to keep things private, it's about not fundamental rights 'til you're blue in the face, and even though every word of it's completely true, it's *not relevant*. You're wrong. It is relevant. It's one of the freedoms we're protecting. We don't guarantee every freedom we can, we guarantee the one's that are important and useful. And privacy is an important and useful freedom. But free software was never about forcing people to contribute back. =20 No, but the GPL is about forcing people to pass the freedoms they have onto their users. No. The GPL is about forcing people to pass the freedoms they have onto the ones they give the program. If you don't give the program away, or decide only to give it to your brother, you don't have to give the freedoms to anyone else. Note that you do _not_ get to assume privacy is good and moral and a right of both individuals and corporations. Justify it in other terms, Why? Moral judgements can never be justified ex nihil. -- Henning Makholm Jeg mener, at der eksisterer et hemmeligt selskab med forgreninger i hele verden, som arbejder i det skjulte for at udsprede det rygte at der eksisterer en verdensomspændende sammensværgelse.
Re: OSD DFSG - different purposes - constructive suggestion!
Scripsit Nick Phillips [EMAIL PROTECTED] Were you to say that the teachers may only take the software under the terms of the BSD license, and that everyone else may only take it under the terms of the GPL, then I don't believe we would have such a clear consensus. It would make me uneasy, at least. Me too. I think our principle is that we're happy if there is *some* set of free terms that apply to *everyone*. Otherwise it would be discriminating IMO. -- Henning Makholm That's okay. I'm hoping to convince the millions of open-minded people like Hrunkner Unnerby.
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au writes: It certainly does force you to share your secrets. It forces you to share your secrets only with your customers, though. I don't believe this is the case: I have code which is a proprietary typesetting package based on GPL'd works. My customers give me paper and I give them paper back; sometimes i give them PDF files for proofing. These files contain *their* proprietary information. It closes a loophole; that is, it means companies can't maliciously take free GPLed software, make changes to it that they don't release, and then cause users to rely on that software. One of the advantages I've seen in the GPL is that it promotes the use-value of software over its sale-value. This sort of change -- requirements that an author distribute his changes more widely than he wishes -- seems to remove much of the use value as well. Convince me that in this imperfect world, as we try to make things more transparent, and give people more control and access over the software that affects them, that being able to get access to the sourcecode for www.wherever.com whether they want me to or not is a *bad* thing. * It makes certain kinds of crimes easier to commit, though much harder to conceal. * Identity theft, in particular, becomes much easier. * There's less incentive to develop new changes: unless you can afford a stable of developers large enough to deploy new features faster than your competitors can copy them, you gain no competitive advantage from innovation. Software gets developed only to scratch personal itches. -Brian -- Brian T. Sniffen[EMAIL PROTECTED] http://www.evenmere.org/~bts/
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 11:23:26AM -0500, Brian T. Sniffen wrote: Convince me that in this imperfect world, as we try to make things more transparent, and give people more control and access over the software that affects them, that being able to get access to the sourcecode for www.wherever.com whether they want me to or not is a *bad* thing. * There's less incentive to develop new changes: unless you can afford a stable of developers large enough to deploy new features faster than your competitors can copy them, you gain no competitive advantage from innovation. Software gets developed only to scratch personal itches. This sure sounds like a (poor) argument against open source in general. -- Glenn Maynard
Re: OSD DFSG - different purposes - constructive suggestion!
Glenn Maynard [EMAIL PROTECTED] writes: On Mon, Mar 10, 2003 at 11:23:26AM -0500, Brian T. Sniffen wrote: * There's less incentive to develop new changes: unless you can afford a stable of developers large enough to deploy new features faster than your competitors can copy them, you gain no competitive advantage from innovation. Software gets developed only to scratch personal itches. This sure sounds like a (poor) argument against open source in general. Not at all. Open-source is great for infrastructure software -- Linux, Apache, Emacs. Many companies have private modifications to Linux or Apache which they use internally; some of these get released, some don't. Everybody benefits by contributing to the common good. For example, several network infrastructure companies use Linux on their embedded devices, release kernel changes and improvements, and keep their core technology in-house. It's not that it's under a proprietary license, just that it's not distributed at all. This model works wonderfully for the free software community and for those companies. -Brian -- Brian T. Sniffen[EMAIL PROTECTED] http://www.evenmere.org/~bts/
Re: OSD DFSG - different purposes - constructive suggestion!
Thomas Bushnell, BSG said: Anthony Towns aj@azure.humbug.org.au writes: Sure. Compare this to some code using the GPL; same sort of information, same problem with it: their trade secrets are woven into the functionality of the code itself. If one of your customers is a competitor, or a competitor buys out a user, any requirement to distribute source to your users makes it non-viable to use the software for certain applications which are, eg, protected by BSD-style licenses. Except the GPL doesn't force you to share your secrets, ever. You can share them with exactly the people you want to share them with, and you are never obligated to share them with person X just because you shared them with person Y. I don't quite understand how you get this from the GPL. (Assumption: you give binaries to Y, but only a written offer for source, since it's your secret. You'll give them to Y if they ask for them) The offer to any third party in Clause 3 seems to mean that if Y gives your binaries to X (in a non-commercial manner), you must give the source to X (sharing your secrets) If you try to restrict Y's freedom to give the binaries away, then you run afoul of Clause 6 (no other restrictions) --Joe
Barriers to an ASP loophole closure (was Re: OSD DFSG - different purposes - constructive suggestion!)
Anthony Towns aj@azure.humbug.org.au writes: This detailed wrangling is really missing the point that I'm interested in, though. Is there a _fundamental_ difficulty with such licenses? Is it users of programs or owners of copies of programs that should have freedom? As far as I can see the answer is clearly users. Currently those two groups are roughly the same, and the second group is *much* easier to draw a line around. So we use ownership of a copy to pin freedoms to. But if we imagine a world out of an ASP nightmare we're no longer giving users freedoms because there's no distribution of software to those who use the software. Say someone makes a version of latex that will transparently read and reproduce Word documents (substitute whatever killer feature you like). They put it behind a web interface that allows you to edit documents and save them on their server, and outputs obfuscated postscript so you can print them out. This is pretty clearly not the intention of the copyright holders, and it's clear that a standard copyleft license wont help them. I hope this world (where most software use follows the pattern of the latex example above) doesn't happen, and I honestly don't think it will. But reasonable people can and do disagree. If they can find a way to tie the freedoms of the DFSG to users of software rather than possessors of copies of software, should that make their software non-DFSG-free? It's clear that's hard, and it may be so hard it's not possible in a free license. But if someone could jump all the hurdles: * Find a way of laying out who the users of software are that matches our intuitions on the subject (we'd have to think very carefully about edge cases here), * Find a way of safeguarding the important freedoms (including access to source) for these users, * And do all this without increasing the burden on the distributor (or software provider) beyond that which the GPL already places (e.g., passes the dissident test, no restrictions on modification, etc). If all of this could be done, would the license be DFSG free? For what it's worth, I don't think AJ's snippet does it (for reasons others have enumerated). I think the answer is yes. It's *users*, not copies, that should have freedoms. But I admit I'm not clear how it could be done. But plenty of people are going to continue to try to close the ASP loophole. And that's not a bad thing -- the community's simply working in parallel. But in the process they're going to come up with a lot of bad, non-DFSG-free licenses. So we have three meta-options: * Decide that freedoms *should* attach to copies rather than users * Decide that there's no way over the hurdles I listed above, so we should just hope (and maybe do more than hope) that the ASP nightmare never happens. * Think about how or whether the hurdles could be jumped. If we can come up with a way, we should tell folks about it. Otherwise we should be prepared to look at the licenses that attempt it on a case-by-case basis. I'm for option 3, or possibly option 3 followed by 2. [snip] Basically, as far as I can see, the dissident test is exactly equivalent to saying we don't want to close this ASP loophole thing. I don't think this is true, if you accept the substitution of users for copy holders. With the GPL distributors have an obligation to people they've given a copy to. With an ASP-loophole-closing license that worked, copy holders, or folks that make their software available for others to use, would have an obligation to people that use their software (on their server, not the same software on some other server, of course). But they would have no obligation to folks who use software provided by someone else's server, or don't use the software at all, nor would they have an obligation to let anybody use the software on their server. -- Jeremy Hankins [EMAIL PROTECTED] PGP fingerprint: 748F 4D16 538E 75D6 8333 9E10 D212 B5ED 37D0 0A03
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 01:37:54PM -0500, Brian T. Sniffen wrote: * There's less incentive to develop new changes: unless you can afford a stable of developers large enough to deploy new features faster than your competitors can copy them, you gain no competitive advantage from innovation. Software gets developed only to scratch personal itches. This sure sounds like a (poor) argument against open source in general. Not at all. Open-source is great for infrastructure software -- Linux, Apache, Emacs. Many companies have private modifications to Linux or Apache which they use internally; some of these get released, some don't. Everybody benefits by contributing to the common good. For example, several network infrastructure companies use Linux on their embedded devices, release kernel changes and improvements, and keep their core technology in-house. It's not that it's under a proprietary license, just that it's not distributed at all. This model works wonderfully for the free software community and for those companies. I'm not disagreeing with this. I'm saying that your argument (top quote) can be applied to open source in general, and we all know it to be false in that case; so how are web apps so different? -- Glenn Maynard
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au writes: Fred's pretty silly for not having looked into this in the first place. Especially being a lawyer. That's not the point. The point is that demanding disclosure is like demanding payment: it's NOT FREE. The point is not that Fred is trapped; it's that he *would* be trapped, he's NOT FREE, he is *BOUND*. Consider Frank the lawyer who takes some nice source code from a GPLed project, and adds some code his friend was telling him under NDA. He puts it up on the web, and suddenly gets demands for source code from the original author. What does he do, violate the NDA, or the copyright license??? What does he do?!? The GPL doesn't have such a rule. The GPL doesn't force him to honor such a demand. The GPL is a free software license.
Re: OSD DFSG - different purposes - constructive suggestion!
Joe Moore [EMAIL PROTECTED] writes: I don't quite understand how you get this from the GPL. (Assumption: you give binaries to Y, but only a written offer for source, since it's your secret. You'll give them to Y if they ask for them) The offer to any third party in Clause 3 seems to mean that if Y gives your binaries to X (in a non-commercial manner), you must give the source to X (sharing your secrets) Right, but you aren't ever required to use that clause. If you don't want to have to worry about the offer to any third party clause, then you just give the actual source, and not just the written offer.
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au writes: Yes, it does: it's quite possible to write code in such a way that when compiled, it's near impossible to work out exactly what's going. There's a whole swath of research on obfuscation. The GPL says well, sure, go ahead, but you have to include the source code anyway, so you're not going to succeed at hiding anything. It certainly does force you to share your secrets. It forces you to share your secrets only with your customers, though. No. It forces you to share *with the person who gets the program*. That's it, and the point is to preserve *THAT* person's right to modify the program which they have. That's great, Thomas, but you're missing the point. You can say it's about privacy, it's about the freedom to keep things private, it's about not fundamental rights 'til you're blue in the face, and even though every word of it's completely true, it's *not relevant*. We don't guarantee every freedom we can, we guarantee the one's that are important and useful. The point is that it is about *freedom*. You are saying that this restriction is ok. Why then is not a restriction this software cannot be used by bigots not OK? Why should we prohibit that restriction in free software? No, but the GPL is about forcing people to pass the freedoms they have onto their users. No, not to the users, but to the people who have the program. They may be a different set from the users. Note that you do _not_ get to assume privacy is good and moral and a right of both individuals and corporations. Justify it in other terms, That's not the assumption. I'm not saying privacy is good, so we should make room for it. We should make room for bigots too, but they aren't good. I'm saying privacy is an aspect of freedom, and so we should make room for it.
Re: Barriers to an ASP loophole closure (was Re: OSD DFSG - different purposes - constructive suggestion!)
Jeremy Hankins [EMAIL PROTECTED] writes: Is it users of programs or owners of copies of programs that should have freedom? As far as I can see the answer is clearly users. Currently those two groups are roughly the same, and the second group is *much* easier to draw a line around. So we use ownership of a copy to pin freedoms to. What about my list of software that I am a user of? The software my dentist uses to track patient records? The software the University uses to track my grades? The software that Congress uses to track legislation? I'm a user of all of that, at least, to the extent that I'm a user of the software that implements a web site I visit. I hope this world (where most software use follows the pattern of the latex example above) doesn't happen, and I honestly don't think it will. But reasonable people can and do disagree. If they can find a way to tie the freedoms of the DFSG to users of software rather than possessors of copies of software, should that make their software non-DFSG-free? Because we have traditionally thought that the freedom attaches to the possessor, and you would be reducing that freedom, in order to increase the freedom of users. Nor would it work! Remember RMS's little printer software story about how he first realized the importance of free software? I *cannot* change the program that implements my dentist's billing records, or the software that backs a popular web site: I *cannot*. EVEN if I have the source. This is because I'm merely the user, and not the possessor. Free software preserves the possessor's legal liberty to change the software, something that only legal limitation was previously blocking him in. But forced publication at all: how does this increase the user's liberty to change the software? I think the answer is yes. It's *users*, not copies, that should have freedoms. But I admit I'm not clear how it could be done. Even if there were *no* legal limitations of any kind on the copying and modification of any software, there would *still* be no way to give that liberty to users, since (when user and possessor are different folks), the user is not the one who decides what software to use (paradoxically). The user can't change the software at all.
Re: OSD DFSG - different purposes - constructive suggestion!
Glenn Maynard [EMAIL PROTECTED] writes: On Mon, Mar 10, 2003 at 01:37:54PM -0500, Brian T. Sniffen wrote: * There's less incentive to develop new changes: unless you can afford a stable of developers large enough to deploy new features faster than your competitors can copy them, you gain no competitive advantage from innovation. Software gets developed only to scratch personal itches. This sure sounds like a (poor) argument against open source in general. Not at all. Open-source is great for infrastructure software -- Linux, Apache, Emacs. Many companies have private modifications to Linux or Apache which they use internally; some of these get released, some don't. Everybody benefits by contributing to the common good. For example, several network infrastructure companies use Linux on their embedded devices, release kernel changes and improvements, and keep their core technology in-house. It's not that it's under a proprietary license, just that it's not distributed at all. This model works wonderfully for the free software community and for those companies. I'm not disagreeing with this. I'm saying that your argument (top quote) can be applied to open source in general, and we all know it to be false in that case; so how are web apps so different? As I said: existing mechanisms of licensing Free Software (e.g. GNU GPL and MIT/X11) provide an impetus for improvement. A compulsory-sharing license, as might bring us closer to BrinWorld, removes much of the financial incentive for such improvement. In such a world, the changes made, used, and later released by IBM, Red Hat, Akamai, Apple... all wouldn't have been made, and our software technology would be that much more primitive. -Brian -- Brian T. Sniffen[EMAIL PROTECTED] http://www.evenmere.org/~bts/
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au wrote: Arguments about practicality, that this makes doing legitimate things harder or impossible in some situations for purely technical reasons (the stranded on an island test does this), are valid, but I haven't really seen any. What about an ATM machine? If the ATM machine communicated with the central database using code with this enforced distribution clause, then you have to distribute to the users of the ATM. Modifying an ATM to distribute code in addition to cash seems rather onerous. Regards, Walter Landry [EMAIL PROTECTED]
Re: Barriers to an ASP loophole closure (was Re: OSD DFSG - different purposes - constructive suggestion!)
On Mon, Mar 10, 2003 at 12:25:02PM -0800, Thomas Bushnell, BSG wrote: [ more good argument snipped] Even if there were *no* legal limitations of any kind on the copying and modification of any software, there would *still* be no way to give that liberty to users, since (when user and possessor are different folks), the user is not the one who decides what software to use (paradoxically). The user can't change the software at all. I think you may be spot-on. -- Nick Phillips -- [EMAIL PROTECTED] Don't tell any big lies today. Small ones can be just as effective.
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 03:46:57PM -0500, Brian T. Sniffen wrote: As I said: existing mechanisms of licensing Free Software (e.g. GNU GPL and MIT/X11) provide an impetus for improvement. A compulsory-sharing license, as might bring us closer to BrinWorld, removes much of the financial incentive for such improvement. In such a world, the changes made, used, and later released by IBM, Red Hat, Akamai, Apple... all wouldn't have been made, and our software technology would be that much more primitive. The GPL removes much of the financial incentive for such improvement. After all, you have to provide source and you can't restrict people you sell copies to from giving it away for free, so the entire sales model of selling individual programs on the shelf, and licensing software per-seat, goes completely out the window. I disagree with this argument, of course (as everyone here probably does: it's true that the same sales model doesn't work, but it certainly hasn't stopped innovation), but your argument seems to be exactly the same. Why is this argument valid for web applications where it's clearly wrong for other software? (To be clear, I'm firmly against forced-sharing; the GPL goes far enough. I just don't think this particular argument is valid.) -- Glenn Maynard
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 05:39:40PM +1000, Anthony Towns wrote: On Sun, Mar 09, 2003 at 10:53:28PM -0800, Thomas Bushnell, BSG wrote: Fred wants to use a popular free software package which almost does just the job: QNU Madlibs. But QNU Madlibs is distributed under the QPL. What the Fred would like to do is make a special version of QNU Madlibs for Joe, with the special details of Joe's contracts. [...] Unfortunately, he realises he can't. Thus he writes his own program from scratch. Or else he adds a macro facility into QNU Madlibs, or customises it so it'll accept contract texts from a data file rather than hardcoding it and makes sure that he only needs to accompany it with the original contract forms for it to be a useful program. Maybe he does the latter, then contributes the changes back upstream so his programmers don't have to keep supporting it, and can work on other projects. If he should have just used software with a different license instead[1], then perhaps we should be asking ourselves what is valuable about the licensing of the alternative. I am not sure there is anyway to reconcile the difference of opinion in this thread. Most people appear to be clinging to privacy as a right, and you don't. You don't perceive a freedom where other people do, and thus it is going to be impossible at a philosophical to justify a defense of that freedom via the DFSG. For me, _The Transparent Society_ might more closely resemble a dystopian novel than a utopian one. I acknowledge that your mileage may vary. ;-) (Maybe Debian needs a Fifth Freedom.) [1] or written his own, or written his patches more cleverly, etc. -- G. Branden Robinson| No math genius, eh? Then perhaps Debian GNU/Linux | you could explain to me where you [EMAIL PROTECTED] | got these... PENROSE TILES! http://people.debian.org/~branden/ | -- Stephen R. Notley pgpVgP8Ub9Z0D.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Sat, Mar 08, 2003 at 07:46:18PM -0700, Barak Pearlmutter wrote: I've edited that nascent DFSG FAQ and put it at http://www-bcl.cs.unm.edu/~bap/dfsg-faq.html I'd appreciate comments. Especially from the OSD/DFSG WE MUST UNIFY folks, who might perhaps be able to use some of this material to clarify their OSD into conformance with Debian practice, ie to reject licenses they previously felt obliged to accept but which Debian rejects. Also, should this go somewhere on the Debian web site? (If someone thinks it should please just take it over from me and put it up.) Wow, great work, thanks. I've been wanting to write a DFSG FAQ myself for a long time (remember my proposed interpretive guidelines? :) ), and now you've gone and saved me the trouble. If you run out of time to maintain this I'd be delighted to host it at. http://people.debian.org/~branden/ Thanks again for assembling this document. -- G. Branden Robinson| Why do we have to hide from the Debian GNU/Linux | police, Daddy? [EMAIL PROTECTED] | Because we use vi, son. They use http://people.debian.org/~branden/ | emacs. pgpLYmI1kOiVf.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
Scripsit Branden Robinson [EMAIL PROTECTED] For me, _The Transparent Society_ might more closely resemble a dystopian novel than a utopian one. Perhaps Yevgeny Zamyatin's We, wherein the perfect number-citizens of a future totalitarian world-state live in apartment blocks with completely transparent (inner and outer) walls? -- Henning Makholm*Her* sidder jaj har *ild* bå cigarren *imens* Pelle Jönsson i Nordnorge har mavepine.
Re: OSD DFSG - different purposes - constructive suggestion!
On Sun, 2003-03-09 at 18:18, Anthony Towns wrote: In the dissident case, we're trying to protect the people from having to reveal their changes to the government they're protesting. But this just doesn't make any real sense: the code they're hacking on is the least of their worries - it's the contents of their databases, not their bugfix to select query processing that they need to keep private; and furthermore What about DeCSS? it's the government's laws that will put them most at risk here -- of being accused of spying, eg -- not the copyright license. So from what I can see, we're protecting something of little value, and then doing a bad job of it. But in order that users may evade the government's laws, Free Software must allow certain freedoms (although Thomas Bushnell and I may disagree on what they are). But the dissident test require licenses to allow every possible tactic for evading laws which restrict certain activities. For instance, consider a binary which is a game, unless it's called with the --dissident command-line option, in which case, it's DeCSS (or GPG). Were the source code to this game revealed, it would show clearly the nature of the program. But the gov't doesn't have time to reverse engineer the binaries (and anyway, DMCA2 prohibits it). They do have the time, however, to follow up on GPL (3)(b) offers. Can dissidents distribute binaries to everyone, and source code only to those they trust? Not according to many Free Software licenses. And I think the Dissident test as it now stands is clear on the above. It's not dispositive on every issue, as the debate shows. -- -Dave Turner Stalk Me: 617 441 0668 On matters of style, swim with the current, on matters of principle, stand like a rock. -Thomas Jefferson
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, 2003-03-10 at 08:04, Henning Makholm wrote: Sure. Compare this to some code using the GPL; same sort of information, same problem with it: their trade secrets are woven into the functionality of the code itself. In that case you can simply choose to distribute the program only to people you trust. You can't do this if the license carries an obligation to distribute to a fixed third party, too. Interesting! I am inclined to agree with this, and point out that the AGPL basically puts users in the category of people you have to trust. The question is, who needs to be in this category? Do users? Sniffen (who secretely wants to write proprietary software) and Bushnell (whose heart is in the right place) say no. I think Towns says yes (as do I). -- -Dave Turner Stalk Me: 617 441 0668 On matters of style, swim with the current, on matters of principle, stand like a rock. -Thomas Jefferson
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, 2003-03-10 at 16:00, Walter Landry wrote: Anthony Towns aj@azure.humbug.org.au wrote: Arguments about practicality, that this makes doing legitimate things harder or impossible in some situations for purely technical reasons (the stranded on an island test does this), are valid, but I haven't really seen any. What about an ATM machine? If the ATM machine communicated with the central database using code with this enforced distribution clause, then you have to distribute to the users of the ATM. Modifying an ATM to distribute code in addition to cash seems rather onerous. Print a link on the reciepts. -- -Dave Turner Stalk Me: 617 441 0668 On matters of style, swim with the current, on matters of principle, stand like a rock. -Thomas Jefferson
Re: OSD DFSG - different purposes - constructive suggestion!
Thomas, I'm responding to your questions, but I'm actually directing my response to Branden Robinson, since I don't know your position on his DFSG-interpretation proposal. Branden, if the FSF's four freedoms are the consitution to DFSG's case law, they have a lot in common with the US constitution, in that they don't explicitly guarantee a right to privacy. So, see below. On Mon, 2003-03-10 at 15:17, Thomas Bushnell-san wrote: That's great, Thomas, but you're missing the point. You can say it's about privacy, it's about the freedom to keep things private, it's about not fundamental rights 'til you're blue in the face, and even though every word of it's completely true, it's *not relevant*. We don't guarantee every freedom we can, we guarantee the one's that are important and useful. The point is that it is about *freedom*. You are saying that this restriction is ok. Why then is not a restriction this software cannot be used by bigots not OK? Why should we prohibit that restriction in free software? Because the four freedoms do talk about freedom to use the software, but don't say anthing about the freedom to *not* disclose source code under certain conditions. I'm saying privacy is an aspect of freedom, and so we should make room for it. Interestingly, neither the FSF's four freedoms, nor FDR's four freedoms (wink) include privacy. -- -Dave Turner Stalk Me: 617 441 0668 On matters of style, swim with the current, on matters of principle, stand like a rock. -Thomas Jefferson
Re: OSD DFSG - different purposes - constructive suggestion!
David Turner [EMAIL PROTECTED] writes: On Mon, 2003-03-10 at 16:00, Walter Landry wrote: Anthony Towns aj@azure.humbug.org.au wrote: Arguments about practicality, that this makes doing legitimate things harder or impossible in some situations for purely technical reasons (the stranded on an island test does this), are valid, but I haven't really seen any. What about an ATM machine? If the ATM machine communicated with the central database using code with this enforced distribution clause, then you have to distribute to the users of the ATM. Modifying an ATM to distribute code in addition to cash seems rather onerous. Print a link on the reciepts. The license doesn't say that is sufficient, does it?
Re: OSD DFSG - different purposes - constructive suggestion!
David Turner [EMAIL PROTECTED] writes: But in order that users may evade the government's laws, Free Software must allow certain freedoms (although Thomas Bushnell and I may disagree on what they are). But the dissident test require licenses to allow every possible tactic for evading laws which restrict certain activities. No. It simply says that the *software license* may not infringe my copying of the license by attaching to it onerous conditions. Sample onerous conditions: 1) Pay money. 2) Send your changes back always. 3) Pay money on request. 4) Send your changes back on request. We already reject (1), (2), and (3). Why is (4) suddenly not rejected as onerous? Perhaps because it wasn't realized that real people might find it a real burden, as opposed to a trivial requirement. As the case of Fred the Lawyer makes clear, however, there are real people for which it is a real burden. For instance, consider a binary which is a game, unless it's called with the --dissident command-line option, in which case, it's DeCSS (or GPG). Were the source code to this game revealed, it would show clearly the nature of the program. But the gov't doesn't have time to reverse engineer the binaries (and anyway, DMCA2 prohibits it). They do have the time, however, to follow up on GPL (3)(b) offers. Can dissidents distribute binaries to everyone, and source code only to those they trust? Not according to many Free Software licenses. Right. The dissident test does *not* require licenses to allow every possible tactic; you have mischaracterized my objection quite seriously. Thomas
Re: OSD DFSG - different purposes - constructive suggestion!
David Turner [EMAIL PROTECTED] writes: On Mon, 2003-03-10 at 08:04, Henning Makholm wrote: Sure. Compare this to some code using the GPL; same sort of information, same problem with it: their trade secrets are woven into the functionality of the code itself. In that case you can simply choose to distribute the program only to people you trust. You can't do this if the license carries an obligation to distribute to a fixed third party, too. Interesting! I am inclined to agree with this, and point out that the AGPL basically puts users in the category of people you have to trust. The question is, who needs to be in this category? Do users? Sniffen (who secretely wants to write proprietary software) and Bushnell (whose heart is in the right place) say no. I think Towns says yes (as do I). Note Barak Perlmutter's newly proposed tentacles of evil test: 3. The Tentacles of Evil test. Imagine that the author is hired by a large evil corporation and, now in their thrall, attempts to do the worst to the users of the program: to make their lives miserable, to make them stop using the program, to expose them to legal liability, to make the program non-free, to discover their secrets, etc. The same can happen to a corporation bought out by a larger corporation bent on destroying free software in order to maintain its monopoly and extend its evil empire. The license cannot allow even the author to take away the required freedoms!
Re: OSD DFSG - different purposes - constructive suggestion!
Richard Braakman [EMAIL PROTECTED] writes: On Sat, Mar 08, 2003 at 07:46:18PM -0700, Barak Pearlmutter wrote: I've edited that nascent DFSG FAQ and put it at http://www-bcl.cs.unm.edu/~bap/dfsg-faq.html I'd appreciate comments. It seems a bit eager about the GPL. I'd much prefer if it gave equal time to the GPL and the BSD camps. Better yet, recommend the two licenses without trying to summarize them (people ARE supposed to read licenses before applying them, after all!), and just state the advantages of using standard licenses: they're better understood by the community, they've been written by actual lawyers, people don't have to spend time figuring them out before using the program or helping with development, and they make it easier to share code between your project and others. Yes, I agree. I'm an unashamed total GPL fan, but I think this document might give a very brief description of the basic merits and then leave it at that.
Re: OSD DFSG - different purposes - constructive suggestion!
Scripsit Glenn Maynard [EMAIL PROTECTED] On Fri, Mar 07, 2003 at 05:49:28PM -0500, Joe Moore wrote: It has been suggested that this test be referred to as simply as the Dissident test. /me grumbles about wasting time with excessive PC noises, rejects this suggestion and continues to call it the same thing Ditto. If and when it so happens that the Chinese people achieves freedom of speech and thought, we can always start looking for another totalitarian regime to use in the test. If at that point we find none available, we'll hold a party and worry about rewording the test afterwards. -- Henning Makholm I know how to apply drugs which shall have either a heating or a cooling effect, and I can give a vomit and also a purge, and all that sort of thing.
Re: OSD DFSG - different purposes - constructive suggestion!
Scripsit Richard Braakman [EMAIL PROTECTED] It seems a bit eager about the GPL. I'd much prefer if it gave equal time to the GPL and the BSD camps. Yes. In particular the reasons for choosing BSD are not limited to I want people to be able to take my software proprietary. In the free software world, I think a more common reason would be, for example, I want my code to be reuseable in all free software projects, no matter which license they use, and I'm willing to accept as a necessary evil the risk that somebody takes it proprietary. (people ARE supposed to read licenses before applying them, after all!), I agree completely. The emphasized part If you want your software to be as successful... should definitely go away. We should *not* encourage people to use GPL (or any license) without worrying about it. Severe difficulties for all the parties involved could result if the author later decides that he don't want, say, people to use the program in a business - and then feel cheated because he assumed that our advise took care of whatever his expectations were. -- Henning Makholm So? We're adaptable. We'll *switch missions*!
Re: OSD DFSG - different purposes - constructive suggestion!
Scripsit Barak Pearlmutter [EMAIL PROTECTED] I've edited that nascent DFSG FAQ and put it at http://www-bcl.cs.unm.edu/~bap/dfsg-faq.html I'd appreciate comments. Cool. I like question 5 especially. :-) Add to the desert island test that it also explains why postcardware (or emailware) is non-free. Some time ago I started working on a FAQ but never got it beyond the doodling stage. You can find my abandoned draft at http://www.diku.dk/~makholm/whatnot.html. It's mosty a list of frequently committed errors that I think should be described in such a FAQ. Feel free to borrow descriptions or one of the few explanations I've had time to write yet. -- Henning Makholm Larry wants to replicate all the time ... ah, no, all I meant was that he likes to have a bang everywhere.
Re: OSD DFSG - different purposes - constructive suggestion!
On Sun, Mar 09, 2003 at 07:20:36PM +0100, Henning Makholm wrote: Scripsit Glenn Maynard [EMAIL PROTECTED] It has been suggested that this test be referred to as simply as the Dissident test. /me grumbles about wasting time with excessive PC noises, rejects this suggestion and continues to call it the same thing Ditto. If and when it so happens that the Chinese people achieves freedom of speech and thought, [...] Personally, if we're going to document this and use it as an official test rather than a helpful rule of thumb, I don't think we need to be insulting a country that's potentially going all pro-Linux while we need to do it. Correcting it is a five word change that loses no meaning: b. The Dissident test. Consider a dissident in a totalitarian country who wishes to share a modified bit of software with other dissidents, but does not wish to reveal his own identity as the modifier, or directly reveal the modifications themselves, to the government. Any requirement for sending source modifications to anyone other than the recipient of the modified binary---in fact any forced distribution at all, beyond giving source to those who receive a copy of the binary---would put the dissident in danger. For Debian to consider software free it must not require any such excess distribution. I'm inclined to wonder about the point of this test anyway; in such a regime, the government's going to be in a stronger position to demand access to the modifications than the copyright holder anyway, so the license conditions seem a bit irrelevant. The FSF's privacy freedom is: You should also have the freedom to make modifications and use them privately in your own work or play, without even mentioning that they exist. If you do publish your changes, you should not be required to notify anyone in particular, or in any particular way. which doesn't imply the dissident test. The key point's always been not having to go to any effort just to use the program, and not having to go to too much effort just to pass it around to some friends; so is the QPL's clause really that evil? Would a clause in the RPSL to the effect of: (a) If this program generates HTML pages, they must include a comment in the HTML source that they were generated by this program and include its copyright notice. (b) If asked by the authors, you must provide them with a copy of your changes to the source code changes at cost. really be that evil? I can't see how it would put a significant burden on people using the code, and with some care, it could solve the ASP loophole. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpiqEoewvvem.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au writes: Personally, if we're going to document this and use it as an official test rather than a helpful rule of thumb, I don't think we need to be insulting a country that's potentially going all pro-Linux while we need to do it. So what you're saying is, as long as China claims to stand for free software, it doesn't much matter to you how many people they kill and jail for actually trying to exercise any freedom? The PRC has an extraordinarily repressive attitude towards the use of computers; they want the technology but they don't want to be told that their citizens might have a natural human right to read what they wish and write what they wish, and they stamp out those who try to assert and use either of those rights. It shames me no end that the United States will play ball with China and turn a blind eye to such gross and immoral violations of freedom, provided only there's a buck to be made. When I get upset that France will support any repressive regime, provided only they promise to keep speaking French, the words choke in my throat, since my own country will tolerate such horrid abuses as long as we make a buck. Now you're saying that we must be nice and polite to the PRC. Let's all be friends! (And not pay attention to the people crushed by the tanks.) I remember Tianenmen Square; it seems that the world has mostly forgotten. I'm inclined to wonder about the point of this test anyway; in such a regime, the government's going to be in a stronger position to demand access to the modifications than the copyright holder anyway, so the license conditions seem a bit irrelevant. Sure, and the desert island test also is kind of silly and extreme. I don't know if we need to codify them in a FAQ or not; Barak seemed to think it was a good idea, and I don't see any reason to think it's a bad idea. The FSF's privacy freedom is: You should also have the freedom to make modifications and use them privately in your own work or play, without even mentioning that they exist. If you do publish your changes, you should not be required to notify anyone in particular, or in any particular way. which doesn't imply the dissident test. The key point's always been not having to go to any effort just to use the program, and not having to go to too much effort just to pass it around to some friends; so is the QPL's clause really that evil? Would a clause in the RPSL to the effect of: Well, the FSF's privacy freedom *does* seem to imply the Chinese Dissident test, to me. (a) If this program generates HTML pages, they must include a comment in the HTML source that they were generated by this program and include its copyright notice. Such a forced publication requirement doesn't violate the Chinese Dissident test; it's a problem for an entirely different reason: it outright prohibits certain kinds of modification, which isn't at all connected with maintaining the copyright and license status of the program. (b) If asked by the authors, you must provide them with a copy of your changes to the source code changes at cost. If you do publish your changes, you should not be required to notify anyone in particular. Thomas
Re: OSD DFSG - different purposes - constructive suggestion!
On Sun, Mar 09, 2003 at 12:46:39PM -0800, Thomas Bushnell, BSG wrote: Anthony Towns aj@azure.humbug.org.au writes: Personally, if we're going to document this and use it as an official test rather than a helpful rule of thumb, I don't think we need to be insulting a country that's potentially going all pro-Linux while we need to do it. So what you're saying is, as long as China claims to stand for free software, it doesn't much matter to you how many people they kill and jail for actually trying to exercise any freedom? No, I'm saying Debian's about free software, not about your favourite set of politics. We don't have a problem with the United States using Debian to aim their nuclear weapons, nor China using Debian to track down the Falun Gong. I'm inclined to wonder about the point of this test anyway; in such a regime, the government's going to be in a stronger position to demand access to the modifications than the copyright holder anyway, so the license conditions seem a bit irrelevant. Sure, and the desert island test also is kind of silly and extreme. The whole point is to make the test be extreme, that's how you get clarity. But it still has to make sense. It's entirely plausible that me and a friend could be stuck with our solar powered laptops on a desert island, and get bored and decide to hack on some free software. Not _likely_, maybe, but believable, and a generalisation of a lot of similar situations. The FSF's privacy freedom is: You should also have the freedom to make modifications and use them privately in your own work or play, without even mentioning that they exist. If you do publish your changes, you should not be required to notify anyone in particular, or in any particular way. which doesn't imply the dissident test. The key point's always been not having to go to any effort just to use the program, and not having to go to too much effort just to pass it around to some friends; so is the QPL's clause really that evil? Would a clause in the RPSL to the effect of: Well, the FSF's privacy freedom *does* seem to imply the Chinese Dissident test, to me. It doesn't: a dissident can quite happily not mention that their software exists, and not notify anyone about any changes or publication that they're undertaking; and _still_ be required to give up their changes when someone (whether it be the police, the government, or the original author). (a) If this program generates HTML pages, they must include a comment in the HTML source that they were generated by this program and include its copyright notice. Such a forced publication requirement doesn't violate the Chinese Dissident test; it's a problem for an entirely different reason: it outright prohibits certain kinds of modification, which isn't at all connected with maintaining the copyright and license status of the program. Uh, it's exactly equivalent to the GPL's interactivity requirement; except it applies to HTML generation, not interactive programs, and that it's less in your face when you're using it. (b) If asked by the authors, you must provide them with a copy of your changes to the source code changes at cost. If you do publish your changes, you should not be required to notify anyone in particular. Yes. Are you misunderstanding what the word notify means? Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpeBmDclU6l2.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
Thomas Bushnell, BSG [EMAIL PROTECTED]: Now you're saying that we must be nice and polite to the PRC. Let's all be friends! (And not pay attention to the people crushed by the tanks.) I remember Tianenmen Square; it seems that the world has mostly forgotten. Worse things have happened since, and will happen soon. The trouble with talking about Chinese dissidents rather than just dissidents in general is that by targeting a particular regime you distract people from the general principle of freedom of speech. It would be similar if we were to talk just about Saudi Arabian and Egyptian dissidents, for example. I liked the sound of Chinese dissident test (it sounds a bit like the Chinese Room argument) but on balance I think it's better to be regime-neutral. Edmund
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au writes: No, I'm saying Debian's about free software, not about your favourite set of politics. We don't have a problem with the United States using Debian to aim their nuclear weapons, nor China using Debian to track down the Falun Gong. China is opposed to *free software*. Didn't you know that? The whole point is to make the test be extreme, that's how you get clarity. But it still has to make sense. It's entirely plausible that me and a friend could be stuck with our solar powered laptops on a desert island, and get bored and decide to hack on some free software. Not _likely_, maybe, but believable, and a generalisation of a lot of similar situations. Sure! But those people on the island: if they disregard the license, nothing bad will happen. It's the converse to your point about the Chinese Dissident test: that the copyright owner's license is the least of the dissidents' worries. Sure, no argument from me there! The point is that there are plenty of less extreme cases which have the same problems. Our tests have generally been framed in the most extreme terms, precisely because in that way we know we are including all the less extreme (but more likely, and more relevant) cases. So the question is: when that dissident visits the US, are they going to be liable for copyright infringement? We want to make sure the answer is no. And there *are* dissidents in China, using free software *right now*. Which makes that test a whole lot more actually relevant than the desert island test, where I'm willing to say that I don't think there is anybody lost on a desert island sharing software with their friends. Well, the FSF's privacy freedom *does* seem to imply the Chinese Dissident test, to me. It doesn't: a dissident can quite happily not mention that their software exists, and not notify anyone about any changes or publication that they're undertaking; and _still_ be required to give up their changes when someone (whether it be the police, the government, or the original author). I think my intuition behind the test is that the dissident shouldn't be dependent on the good graces of the author. If the author demands the changes, and is then a bastard (say, the PRC offers him a big bribe if he'll spill his secrets---the US seems happy to take such bribes), the users' cooperation with copyright law should not end up getting them killed. Uh, it's exactly equivalent to the GPL's interactivity requirement; except it applies to HTML generation, not interactive programs, and that it's less in your face when you're using it. I'm not entirely happy about the GPL's interactivity requirement, but the only thing that makes me think it's reasonable is that it is (in some places) the only way to have the no-warranty clause be honored by the courts, and the original author should be able to limit his warranty damages. The forced-ad-on-web-pages doesn't meet any purpose except the author's vanity. (b) If asked by the authors, you must provide them with a copy of your changes to the source code changes at cost. If you do publish your changes, you should not be required to notify anyone in particular. Yes. Are you misunderstanding what the word notify means? Under that clause (b), the authors can say to anyone: I hereby request you to provide me the source for any changes you have made or ever make in the future.
Re: OSD DFSG - different purposes - constructive suggestion!
On Sun, Mar 09, 2003 at 01:44:23PM -0800, Thomas Bushnell, BSG wrote: Anthony Towns aj@azure.humbug.org.au writes: The whole point is to make the test be extreme, that's how you get clarity. But it still has to make sense. It's entirely plausible that me and a friend could be stuck with our solar powered laptops on a desert island, and get bored and decide to hack on some free software. Not _likely_, maybe, but believable, and a generalisation of a lot of similar situations. Sure! But those people on the island: if they disregard the license, nothing bad will happen. It's the converse to your point about the Chinese Dissident test: that the copyright owner's license is the least of the dissidents' worries. Sure, no argument from me there! Uh, no. The difference is here that we want to allow the people to do free software development on the island, assuming they already have the abilitiy to. The copyright license is the sole worry we have here -- nothing else affects what they're permitted to do. In the dissident case, we're trying to protect the people from having to reveal their changes to the government they're protesting. But this just doesn't make any real sense: the code they're hacking on is the least of their worries - it's the contents of their databases, not their bugfix to select query processing that they need to keep private; and furthermore it's the government's laws that will put them most at risk here -- of being accused of spying, eg -- not the copyright license. So from what I can see, we're protecting something of little value, and then doing a bad job of it. Uh, it's exactly equivalent to the GPL's interactivity requirement; except it applies to HTML generation, not interactive programs, and that it's less in your face when you're using it. I'm not entirely happy about the GPL's interactivity requirement, but the only thing that makes me think it's reasonable is that it is (in some places) the only way to have the no-warranty clause be honored by the courts, and the original author should be able to limit his warranty damages. The forced-ad-on-web-pages doesn't meet any purpose except the author's vanity. Nonsense: its purpose is to make the following requirement effective in ensuring people contribute their changes back to the community. You know, closing the ASP Loophole, and all that. (b) If asked by the authors, you must provide them with a copy of your changes to the source code changes at cost. If you do publish your changes, you should not be required to notify anyone in particular. Yes. Are you misunderstanding what the word notify means? Under that clause (b), the authors can say to anyone: I hereby request you to provide me the source for any changes you have made or ever make in the future. If you receive a request like that, then you can provide them with a copy of your current changes after receiving payment for your costs in doing so, and you've not only satisfied the license, you've probably successfully confused them so they won't ask you again in future. When you make further changes, you're not obligated to do anything until you receive another request. I can play word games just as easily as you. If you want the possible term defined more precisely, consider something more like: If you have distributed a modified version of The Work, then if you receive a request by the Primary Copyright Holder (named above), you must provide a copy of your modifications as at the time you receive the request, at cost, to the Primary Copyright Holder. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpwVwAg2IiOa.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au writes: Uh, no. The difference is here that we want to allow the people to do free software development on the island, assuming they already have the abilitiy to. The copyright license is the sole worry we have here -- nothing else affects what they're permitted to do. Yes, I agree. I'm not saying there is no difference. In the dissident case, we're trying to protect the people from having to reveal their changes to the government they're protesting. But this just doesn't make any real sense: the code they're hacking on is the least of their worries - it's the contents of their databases, not their bugfix to select query processing that they need to keep private; and furthermore it's the government's laws that will put them most at risk here -- of being accused of spying, eg -- not the copyright license. So from what I can see, we're protecting something of little value, and then doing a bad job of it. I don't think we can expect a free software license to fix the world. And it's important to realize that the test is a standin for a less extreme situation. For example, consider the person who doesn't want the fact that they work on free software to be public knowledge for many reasons--perhaps it would be personally or professionally embarrassing. We should not force this person to do the development in the open. It is in this respect that I said the two tests were similar: both use an extreme case, but only really as a stand-in for much more frequent cases. I'm not entirely happy about the GPL's interactivity requirement, but the only thing that makes me think it's reasonable is that it is (in some places) the only way to have the no-warranty clause be honored by the courts, and the original author should be able to limit his warranty damages. The forced-ad-on-web-pages doesn't meet any purpose except the author's vanity. Nonsense: its purpose is to make the following requirement effective in ensuring people contribute their changes back to the community. You know, closing the ASP Loophole, and all that. I overspoke. I should have said that it doesn't meet any purpose that I find is legitimate. Free software does *not* require contributions to the community. It never has in the past, at least. The GPL does *not* require you contribute your changes to the community. I'm all for the community, but free software is about *freedom*, not about communitarianism. Mind you--I'm a great fan of communitarianism. But I want even the nasty evil non-communitarians to have freedom. One can certainly use a license like this to enforce communitarianism, but then one might as well use the license to enforce all the other social goods I care about. We could require contributions to the Red Cross, or prohibit the use of the software by racial bigots. But I don't want that in a free software license, because it would impinge freedom, even though the end sought is a good end. In other words, even things which might promote the cause of free software can still be impingements on freedom. It happens that one very happy by-product of free software licensing has been communitarianism, and I'm entirely pleased with that result. But as soon as it becomes an *enforced* result, rather than a byproduct of free software, the software ceases to be free. Rather like free speech: One consequence of free speech is that it's harder to get away with all kinds of lies. But as soon as you prohibit the publication of lies, you no longer have free speech. So we must let the Nazis march in Skokie, not because we like the Nazis, but because if we prohibit them, we have given in to the Nazis. If you receive a request like that, then you can provide them with a copy of your current changes after receiving payment for your costs in doing so, and you've not only satisfied the license, you've probably successfully confused them so they won't ask you again in future. When you make further changes, you're not obligated to do anything until you receive another request. I can play word games just as easily as you. I see nothing in the license that you are entitled to require costs. Nor does the license restrict itself to past changes at the time of the request. If it did, it wouldn't be nearly as problematic--it might even be fine; I haven't thought about that case. But the license as it sits has no such limitation on the original author's right to obtain your changes from you. There is also no limitation how the author makes the request. From the license terms, a publicly posted message directed to the world would be sufficient; as soon as you became aware of the request, you would be obligated to send your changes. (If you didn't know about the request, then it seems to me that you wouldn't have any obligation.) Nothing in the license says that the request has to be individually generated or directed at some specific person. If you want the
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, 10 Mar 2003, Anthony Towns wrote: If you want the possible term defined more precisely, consider something more like: If you have distributed a modified version of The Work, then if you receive a request by the Primary Copyright Holder (named above), you must provide a copy of your modifications as at the time you receive the request, at cost, to the Primary Copyright Holder. Unfortunatly, this clause has the distribution versus deployment problem, and thus fails to close the ASP loophole. Furthermore, the clause doesn't distinguish between your modifications and the modified version you are distributing. This could allow the following interpretation: I distribute modification set A which I didn't even develop. I generate modification set B which I've merged with proprietary code, or code under NDA, or any other form of non-freely distributable code. The Primary Copyright Holder requires from me modification set B in accordance with the license, even though I haven't distributed that set. Assuming this problem was cleared up, there is still yet another issue: I'm an anarchist dissident (who runs RaiseTheFist), and for reasons known only to me, I have altered a web based forum to encode messages to other dissidents in the source code of the forum software itself. The PCH knows that I am using his software, and requests the modifications for cost. Now the PCH can recover all of the messages I've been sending to other dissidents. It seems to me that compulsory provision of source code to people to whom the modified version has not been distributed, or are not in the distribution path, is wrought with danger. Don't get me wrong, I dislike the idea of seeing GPLed code utilized in ASP where there is little to no contribution of modifications to the community, but perhaps we should concentrate on using social pressure against those who would avoid distributing source versus legal pressure? Don Armstrong -- N: It's a ploy. B: What? N: This drug money funds terror, it's a ploy. B: Ploy? N: A manipulation. I mean why should I believe that? B: Because it's a fact. N: Fact? B: F, A, C, T... fact N: So you're saying that I should believe it because it's true. That's your argument? B: It IS true. -- Ploy http://www.mediacampaign.org/multimedia/Ploy.MPG http://www.donarmstrong.com http://www.anylevel.com http://rzlab.ucr.edu pgpKlalMA6f2r.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Fri, Mar 07, 2003 at 05:49:28PM -0500, Joe Moore wrote: Q: What about licenses that grant different rights to different groups? Isn't that discrimination, banned by DFSG#5/6? A: For Debian's purposes, if all the different groups can exercise their DFSG rights, it's OK if there are other people who can do more. For example, if a work were licensed under the 3-clause BSD license only to elementary school teachers, but the GPL to everyone else, it would be DFSG-Free. I suggest that you may be mistaken here; in fact what makes the hypothetical package you describe free is that all a free to take the software under the terms of the GPL. The fact that some may choose to use the BSD license is then irrelevant. Were you to say that the teachers may only take the software under the terms of the BSD license, and that everyone else may only take it under the terms of the GPL, then I don't believe we would have such a clear consensus. It would make me uneasy, at least. Any comments, anybody? Cheers, Nick -- Nick Phillips -- [EMAIL PROTECTED] After your lover has gone you will still have PEANUT BUTTER!
Re: OSD DFSG - different purposes - constructive suggestion!
On Sun, Mar 09, 2003 at 08:19:33PM -0500, Don Armstrong wrote: I'm an anarchist dissident (who runs RaiseTheFist), and for reasons known only to me, I have altered a web based forum to encode messages to other dissidents in the source code of the forum software itself. The PCH knows that I am using his software, and requests the modifications for cost. Now the PCH can recover all of the messages I've been sending to other dissidents. Well, you'd be a bloody idiot. And there's no way we can possibly account for everything that every bloody idiot is going to get into trouble with, and nor should we. Cheers, Nick -- Nick Phillips -- [EMAIL PROTECTED] Go to a movie tonight. Darkness becomes you.
Re: OSD DFSG - different purposes - constructive suggestion!
On Sun, Mar 09, 2003 at 08:19:33PM -0500, Don Armstrong wrote: On Mon, 10 Mar 2003, Anthony Towns wrote: If you want the possible term defined more precisely, consider something more like: If you have distributed a modified version of The Work, then if you receive a request by the Primary Copyright Holder (named above), you must provide a copy of your modifications as at the time you receive the request, at cost, to the Primary Copyright Holder. Unfortunatly, this clause has the distribution versus deployment problem, and thus fails to close the ASP loophole. Yes, you're right, that shouldn't've been there. This detailed wrangling is really missing the point that I'm interested in, though. Is there a _fundamental_ difficulty with such licenses? If you have created a modified version of the Work, and receive a request by the Primary Copyright Holder, you must provide a copy of your modifications as at the date of the request in source form, at cost, to the Primary Copyright Holder. Assume that's interpreted in the obvious manner -- I write a program, you use it extensively and generate some local modifications, I come along, give you $100 for the time and materials cost, you give me the changes you've made. Ignoring corner cases, and so forth. First, does that cause any problems for Debian? I think we already satisfy it quite readily. Does it make it anything you might want to do with free software technically any more difficult? I don't think so -- you have to be asked by the original author, and they have to cover your costs in fulfulling the request. It seems to me that compulsory provision of source code to people to whom the modified version has not been distributed, or are not in the distribution path, is wrought with danger. That seems a, uh, somewhat overwrought description. The dissidents can just move their crypto keys to /etc/cryptokey, instead of including it in the source, and simply not have a problem. (As a mental exercise, try replacing The Chinese Dissident Test with The Al Qa'ida Terrorist Test) The companies who want to include NDA'ed, patented or secret technology in programs have pretty much the same problem they'd have if they were using the GPL, and needed to distribute such programs to their customers; so I don't really see that as a big problem either. Don't get me wrong, I dislike the idea of seeing GPLed code utilized in ASP where there is little to no contribution of modifications to the community, but perhaps we should concentrate on using social pressure against those who would avoid distributing source versus legal pressure? A number of companies, and the FSF, want to see this loophole removed; I think we should be _very_ sure of our reasons before dismissing their attempts. Basically, as far as I can see, the dissident test is exactly equivalent to saying we don't want to close this ASP loophole thing. What I'm not seeing is a justification for this; and, generally, I don't see that as being any different to the BSD versus GPL debate. Is the ability to distribute software without letting the recipients modify it important? Maybe, maybe not, either answer is okay. Is the ability to derive from free software and run a business off it, without having any risk of having to contribute your changes back to anyone else important? I can see reasons to say yes, and reasons to say definitely not; I can't see why we can't leave this up to the developers of individual programs. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpe6o2wQjhuH.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
Nick Phillips [EMAIL PROTECTED] writes: On Sun, Mar 09, 2003 at 08:19:33PM -0500, Don Armstrong wrote: I'm an anarchist dissident (who runs RaiseTheFist), and for reasons known only to me, I have altered a web based forum to encode messages to other dissidents in the source code of the forum software itself. The PCH knows that I am using his software, and requests the modifications for cost. Now the PCH can recover all of the messages I've been sending to other dissidents. Well, you'd be a bloody idiot. And there's no way we can possibly account for everything that every bloody idiot is going to get into trouble with, and nor should we. I think Don's is an excellent example. What makes it a bloody idiot? The point is that once the PCH asks, the site ends, whether he divulges the secret or not.
Re: OSD DFSG - different purposes - constructive suggestion!
Anthony Towns aj@azure.humbug.org.au writes: This detailed wrangling is really missing the point that I'm interested in, though. Is there a _fundamental_ difficulty with such licenses? If you have created a modified version of the Work, and receive a request by the Primary Copyright Holder, you must provide a copy of your modifications as at the date of the request in source form, at cost, to the Primary Copyright Holder. This is certainly better than the QPL or the Affero thing. But it's not really good enough. It amounts to you may not bury any secrets in this source code, no matter what, and I think that's a problem. Perhaps the anarchist with coded messages example is better here than the Chinese Dissident (thanks go to Don Armstrong for noting it). So the anarchist: are you saying that forced publication is really no big deal to him? It seems to me that saying that the anarchist is obligated to divulge his secrets as a consequence of using the software is an unnacceptible condition. Also, talking about this only if requested part is really a red herring, I think. I do understand the point behind it, but any suitably public announcement will count as a request; indeed, I could simply post spam requests and blather them across the net. Maybe I might miss once in a while, but this is so close to you must divulge the source if you ever read a public network. Thomas
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 12:52:48PM +1000, Anthony Towns wrote: On Sun, Mar 09, 2003 at 08:19:33PM -0500, Don Armstrong wrote: On Mon, 10 Mar 2003, Anthony Towns wrote: If you want the possible term defined more precisely, consider something more like: If you have distributed a modified version of The Work, then if you receive a request by the Primary Copyright Holder (named above), you must provide a copy of your modifications as at the time you receive the request, at cost, to the Primary Copyright Holder. Unfortunatly, this clause has the distribution versus deployment problem, and thus fails to close the ASP loophole. Yes, you're right, that shouldn't've been there. This detailed wrangling is really missing the point that I'm interested in, though. Is there a _fundamental_ difficulty with such licenses? If you have created a modified version of the Work, and receive a request by the Primary Copyright Holder, you must provide a copy of your modifications as at the date of the request in source form, at cost, to the Primary Copyright Holder. Assume that's interpreted in the obvious manner -- I write a program, you use it extensively and generate some local modifications, I come along, give you $100 for the time and materials cost, you give me the changes you've made. Ignoring corner cases, and so forth. First, does that cause any problems for Debian? I think we already satisfy it quite readily. Does it make it anything you might want to do with free software technically any more difficult? I don't think so -- you have to be asked by the original author, and they have to cover your costs in fulfulling the request. I believe that there IS a fundamental difficulty with such licenses. Consider the case where a company's modifications encode certain business logic details. The information they want to keep secret isn't something that can simply be moved out of the code; their secrets are woven into the functionality of the code itself. If the original author is a competitor, or a competitor buys off the original author, any you must provide your changes when asked condition makes it non-viable to use this software for certain applications which are otherwise protected by current free software licenses. -- Steve Langasek postmodern programmer pgpJYacnoNBXK.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Mon, Mar 10, 2003 at 03:11:29PM +1300, Nick Phillips wrote: On Fri, Mar 07, 2003 at 05:49:28PM -0500, Joe Moore wrote: Q: What about licenses that grant different rights to different groups? Isn't that discrimination, banned by DFSG#5/6? A: For Debian's purposes, if all the different groups can exercise their DFSG rights, it's OK if there are other people who can do more. For example, if a work were licensed under the 3-clause BSD license only to elementary school teachers, but the GPL to everyone else, it would be DFSG-Free. I suggest that you may be mistaken here; in fact what makes the hypothetical package you describe free is that all a free to take the software under the terms of the GPL. The fact that some may choose to use the BSD license is then irrelevant. Were you to say that the teachers may only take the software under the terms of the BSD license, and that everyone else may only take it under the terms of the GPL, then I don't believe we would have such a clear consensus. It would make me uneasy, at least. Any comments, anybody? I'm having a hard time answering this question for myself, one way or the other. It seems to be a tenet that a license is ok if it provides *additional* freedoms to a limited class of users. Arguably, most licenses give the copyright holder himself preferential treatment, in that he retains certain rights that are not granted to others. If it's ok to give some people more freedom with your license so long as everyone enjoys the freedoms we require, why can't this be done using two separate licenses? Note that the limits you're placing in your example (group x can have this license, group y can have this license) mean that neither the 3-clause BSD nor the GPL is actually in effect -- you've modified both licenses by limiting who's eligible. I'm not sure if this makes it non-free; if the license is worded such that a teacher receiving the source under the BSD license can't redistribute modifications under the BSD license to *non*-teachers, then it's certainly non-free. -- Steve Langasek postmodern programmer pgpIywomsxoCP.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Sun, Mar 09, 2003 at 10:19:16PM -0600, Steve Langasek wrote: Does it make it anything you might want to do with free software technically any more difficult? I don't think so -- you have to be asked by the original author, and they have to cover your costs in fulfulling the request. I believe that there IS a fundamental difficulty with such licenses. Consider the case where a company's modifications encode certain business logic details. This doesn't make something more difficult; it makes you likely to choose not to base your work on that piece of software. Patch clauses and notification clauses make things more difficult. The information they want to keep secret isn't something that can simply be moved out of the code; their secrets are woven into the functionality of the code itself. If the original author is a competitor, or a competitor buys off the original author, any you must provide your changes when asked condition makes it non-viable to use this software for certain applications which are otherwise protected by current free software licenses. Sure. Compare this to some code using the GPL; same sort of information, same problem with it: their trade secrets are woven into the functionality of the code itself. If one of your customers is a competitor, or a competitor buys out a user, any requirement to distribute source to your users makes it non-viable to use the software for certain applications which are, eg, protected by BSD-style licenses. What's the difference? Why should Debian choose to ensure one company can merge in their trade secrets into any part of Debian, but not ensure the other company can do likewise? The argument not requiring public access is important because privacy is important is circular, so invalid. It might be what you think, but it doesn't form an argument, so you're left with reasonable people disagreeing, and given the QPL's set a fairly unsubtle precedent on this, you can't standardise on it just because you feel that it's right. Arguments about practicality, that this makes doing legitimate things harder or impossible in some situations for purely technical reasons (the stranded on an island test does this), are valid, but I haven't really seen any. Arguments that certain people might be forced to choose a different program to work with to protect IP concerns don't seem relevant unless they are clearly worse than the BSD v GPL case. Another possibility is that getting such clauses *right*, in a way that can't be abused by the author to harass the user, or otherwise create an undue burden on the user, is impossible -- that we haven't seen any examples which do this remotely well; but that the possibility remains that one day we would, and we'd be willing to accept that license into main. That is, there isn't anything fundamentally wrong with this, as long as the user's costs can be minimised [0]. Maybe there are other possibilities? (And yes, I do realise I was arguing the other side of this just a day or two ago) Cheers, aj [0] Which is the reason my example limits this to the original author, and only kicks in when the original author specifically asks, and then requires the original author to cover the user's costs. -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!'' pgpNSm0NA9rfv.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Fri, Mar 07, 2003 at 01:38:48PM -0800, Thomas Bushnell, BSG wrote: Joe Moore [EMAIL PROTECTED] writes: 2. the Chinese Dissident. It has been suggested that this test be referred to as simply as the Dissident test. But the suggestion has not been taken. The point isn't to hammer at China--though such hammering seems well warranted--but to point to a *particular* kind of government repression, and not government repression in general. The Soviet Union would do as well. That's silly. I think people understand what a dissident is. For instance, I may decide to join the Posse Comitatus[1] and write some code for them. I probably don't want to release that code so the US government can see it. Or, I may join the anti-Branden-Robinson cabal. It does not matter who the authorities are; the dissident wishes to avoid revealing her plans to them. [1] I have no affinity for their cause, but I know they're active in my area. -- Nathan Norman - Incanus Networking mailto:[EMAIL PROTECTED] A young man wrote to Mozart and said: Q: Herr Mozart, I am thinking of writing symphonies. Can you give me any suggestions as to how to get started? A: A symphony is a very complex musical form, perhaps you should begin with some simple lieder and work your way up to a symphony. Q: But Herr Mozart, you were writing symphonies when you were 8 years old. A: But I never asked anybody how. pgpNQYAT3rzwd.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
Nathan E Norman [EMAIL PROTECTED] writes: On Fri, Mar 07, 2003 at 01:38:48PM -0800, Thomas Bushnell, BSG wrote: Joe Moore [EMAIL PROTECTED] writes: 2. the Chinese Dissident. It has been suggested that this test be referred to as simply as the Dissident test. But the suggestion has not been taken. The point isn't to hammer at China--though such hammering seems well warranted--but to point to a *particular* kind of government repression, and not government repression in general. The Soviet Union would do as well. That's silly. I think people understand what a dissident is. For instance, I may decide to join the Posse Comitatus[1] and write some code for them. I probably don't want to release that code so the US government can see it. Or, I may join the anti-Branden-Robinson cabal. It does not matter who the authorities are; the dissident wishes to avoid revealing her plans to them. Of course. But the point is to highlight a case where we are generally in *great support* and *sympathy* with the dissidents, not a case where we would rather they go away, or think it's trivial and unimportant. The point is to highlight a case where you not merely don't want someone to see it, but where you have a significant chance of being *executed* or put in *prison for life* if it gets seen by the wrong people. Like I said, Soviet dissident would do as well; so would dissident in Nazi Germany. But Indian dissident or Posse comitatus dissident just doesn't do the trick. So I use the phrase Chinese dissident, and I think I'm the one to first frame the test in question on debian-legal in these terms at all. Thomas
Re: OSD DFSG - different purposes - constructive suggestion!
I've edited that nascent DFSG FAQ and put it at http://www-bcl.cs.unm.edu/~bap/dfsg-faq.html I'd appreciate comments. Especially from the OSD/DFSG WE MUST UNIFY folks, who might perhaps be able to use some of this material to clarify their OSD into conformance with Debian practice, ie to reject licenses they previously felt obliged to accept but which Debian rejects. Also, should this go somewhere on the Debian web site? (If someone thinks it should please just take it over from me and put it up.)
Re: OSD DFSG - different purposes - constructive suggestion!
On Sat, 08 Mar 2003, Barak Pearlmutter wrote: I've edited that nascent DFSG FAQ and put it at http://www-bcl.cs.unm.edu/~bap/dfsg-faq.html I'd appreciate comments. It seems quite usefull to me, at least for starters. However, if you (or your contributors) could add links to the portions of the debian-legal archive where issues mentioned in the FAQ have been discussed previously, that would also be usefull. This also ties in slightly with a mini-project that I have been considering for a while to sumarize the arguments for or against a specific license as discussed on -legal, and provide links to the original discussion, perhaps in a website or similar. [That way the caselaw of -legal becomes a bit more formal, or at least readily accessible without relying on google to bore through the archives.] Don Armstrong -- If you wish to strive for peace of soul, then believe; if you wish to be a devotee of truth, then inquire. -- Friedrich Nietzsche http://www.donarmstrong.com http://www.anylevel.com http://rzlab.ucr.edu pgpJ2WWmov53n.pgp Description: PGP signature
Re: OSD DFSG - different purposes - constructive suggestion!
On Sat, Mar 08, 2003 at 07:46:18PM -0700, Barak Pearlmutter wrote: I've edited that nascent DFSG FAQ and put it at http://www-bcl.cs.unm.edu/~bap/dfsg-faq.html I'd appreciate comments. It seems a bit eager about the GPL. I'd much prefer if it gave equal time to the GPL and the BSD camps. Better yet, recommend the two licenses without trying to summarize them (people ARE supposed to read licenses before applying them, after all!), and just state the advantages of using standard licenses: they're better understood by the community, they've been written by actual lawyers, people don't have to spend time figuring them out before using the program or helping with development, and they make it easier to share code between your project and others. Richard Braakman
Re: OSD DFSG - different purposes
On Thu, 2003-03-06 at 17:34, Thomas Bushnell, BSG wrote: The difference is that a guideline, as we use the term, is an *internal* tool. We do not pretend that the guideline exhausts the meaning of free, but merely that it is a guideline. A definition, as the OSD is used, is a promise if you satisfy this, we will stamp your license 'free'. I don't want to quibble over semantics, but I don't think the meanings are as you suggest. The difference in meaning between guideline and definition would seem to be one of accuracy or rigorousness. For Debian's purposes I would say that our guideline is used much more like a definition. I can't see many conditions where we would waive *any* of the guideline's premises. It's tests, and our demand of compliance, is rigid and unforgiving. Now, the question of internal or external application is a different matter. Naturally, Debian doesn't want to have anyone mucking about in our processes. We have developed our own flame-rich methods for building agreement and we don't need outside authorities tampering with them. However, at a fundamental level, the tests we apply and the values we hold are intended to be the values of the community whose software we publish. We may not be the absolute picture of that community's values but our size, our internationality and our hands-on relationships with the upstream maintainers make us, in my opinion, the most definitive organization of that type in existence. People recognize this and look to us for guidance... just as OSI looked to us for guidance when they needed a definition for Free Software, erm I mean, Open Source. :) I don't think we can hide our heads under the covers. We are not an island. Debian's role in the world grows with each new user and each new developer we add to our ranks. We have to acknowledge and build agreement with other significant organizations so that our views and values are represented in their world as well as ours. When those organizations have views that make sense in our world (and some of OSI's ideas do make sense) we should seek to integrate them. In those cases where an organization's values conflict with ours and threaten our well-being we should be prepared to fight them in an organized way. -- _ Ean Schuessler [EMAIL PROTECTED] Brainfood, Inc. http://www.brainfood.com
Re: OSD DFSG - different purposes - constructive suggestion!
Barak Pearlmutter said: Here is a rough outline of which I think it could look like: Q: How do you do this? Perhaps: Q: How do you determine if a license is DFSG-Free? (There isn't much context to figure out what this is) A: the process involves human judgment. The DFSG is an attempt to articulate some of our criteria. But the DFSG is not a contract. This means that if you think you found a loophole in the DFSG then you don't really understand how this works. The DFSG is a, potentially imperfect, attempt to express freeness in software. It is not something whose letter we argue about. It is not a law. Rather, it is a set of guidelines. Q: How can I tell if some license is free? A: well, the DFSG is a good start. You might also consider a few thought experiments which we often apply. 1. the desert island scenario. Imagine someone stuck on ... impossible to fulfill ... 2. the Chinese Dissident. It has been suggested that this test be referred to as simply as the Dissident test. Consider a dissident in China who wishes to share a modified bit of software with other dissidents, but does not want to reveal his own identity as the modifier or directly reveal the modifications to the government. Any requirement for ... Q: what does no discrimination mean? Doesn't the GPL discriminate against companies making proprietary software? A: Some more examples (beyond those in the DFSG) are ... The GPL does not discriminate against companies that want to make proprietary software because they are given the same rights to GPLed software that anyone else has. They just happen to also want the right to make the software non-free. No one is given that right, so this is not discrimination. Q: What about licenses that grant different rights to different groups? Isn't that discrimination, banned by DFSG#5/6? A: For Debian's purposes, if all the different groups can exercise their DFSG rights, it's OK if there are other people who can do more. For example, if a work were licensed under the 3-clause BSD license only to elementary school teachers, but the GPL to everyone else, it would be DFSG-Free. --Joe
Re: OSD DFSG - different purposes - constructive suggestion!
Joe Moore [EMAIL PROTECTED] writes: 2. the Chinese Dissident. It has been suggested that this test be referred to as simply as the Dissident test. But the suggestion has not been taken. The point isn't to hammer at China--though such hammering seems well warranted--but to point to a *particular* kind of government repression, and not government repression in general. The Soviet Union would do as well.
Re: OSD DFSG - different purposes - constructive suggestion!
On Fri, Mar 07, 2003 at 05:49:28PM -0500, Joe Moore wrote: 2. the Chinese Dissident. It has been suggested that this test be referred to as simply as the Dissident test. /me grumbles about wasting time with excessive PC noises, rejects this suggestion and continues to call it the same thing -- Glenn Maynard
Re: OSD DFSG - different purposes
On Fri, Mar 07, 2003 at 11:02:41AM -0600, Ean Schuessler wrote: I don't want to quibble over semantics, but I don't think the meanings are as you suggest. The difference in meaning between guideline and definition would seem to be one of accuracy or rigorousness. For Debian's purposes I would say that our guideline is used much more like a definition. I can't see many conditions where we would waive *any* of the guideline's premises. It's tests, and our demand of compliance, is rigid and unforgiving. I think the distinction is in the other direction. What do we do with a license that meets the DFSG in every detail, but is still non-free? Debian would refuse such a license. I asked Russell Nelson what OSI would do in such a case, but I never received an answer. Richard Braakman
Re: OSD DFSG - different purposes - constructive suggestion!
On Fri, 7 Mar 2003, Joe Moore wrote: Q: How can I tell if some license is free? Q: How do you determine if a license is DFSG-Free? An additional point to make is that a license is neither free nor non-free. Packages are judged for freeness, not licenses. Two packages with the same license could be judged differently based on extra-license comments the copyright holder has made regarding intent or interpretation, or based on how the content of the package interacts with license stipulations. -- Mark Rafn[EMAIL PROTECTED]http://www.dagon.net/
Re: OSD DFSG - different purposes - constructive suggestion!
On Fri, 07 Mar 2003, Mark Rafn wrote: An additional point to make is that a license is neither free nor non-free. We've examined licenses before to determine whether they live up to the DFSG in the general sense, although you are correct that such an interpretation doesn't necessarily extend to packages under those licenses with additional stipulations or clarifications. Don Armstrong -- America was far better suited to be the World's Movie Star. The world's tequila-addled pro-league bowler. The world's acerbic bi-polar stand-up comedian. Anything but a somber and tedious nation of socially responsible centurions. -- Bruce Sterling, _Distraction_ p122 http://www.donarmstrong.com http://www.anylevel.com http://rzlab.ucr.edu pgp3zqWpWc398.pgp Description: PGP signature
Re: OSD DFSG - different purposes
On Tue, Mar 04, 2003 at 04:21:37PM -0500, Russell Nelson wrote: No. A license may treat different catagories of people differently so long as each category's freedoms fit under the DFSG. For example, this license abides by the DFSG: This software is licensed under the GPL and the BSD licenses. If you are an educational institution, you may abide solely by the terms of the BSD license. Everyone else must abide by the GPL. It would be ridiculous to say that it didn't. Right, Okay, good. So, we have established and agreed that a license doesn't discriminate under the DFSG even if it treats different parties differently SO LONG as all the treatments comply with the DFSG. That's not quite it; in this case one of the treatments is available to everybody AND meets the DFSG. Cheers, Nick -- Nick Phillips -- [EMAIL PROTECTED] Someone is speaking well of you. How unusual!
Re: OSD DFSG - different purposes
On Wed, 2003-03-05 at 22:27, Thomas Bushnell, BSG wrote: Sure, but so far the OSD has taken a fundamentally different tack from everyone else doing free software. By getting into the game of a definition and a rigid test for what is and is not free, a massive amount of very valuable flexibility was sacrificed. Which is, of course, part of what frightens me about OSI and the OSD in the first place. The fact that someone can actually claim to have the community's definition and be taken seriously is a grave problem. If we can't get rid of that idea then we had better make sure that our views are reflected in it. Of course, I may be completely off-base on how seriously the OSD is taken by the industry at large. If, therefore, OSD-free gets written into some law granting special patent rights to free software, say, then that's something that we can all live with quite happily. You are assuming that the use of the definitions won't be inverted. Suppose that laws, like the DMCA, begin to state that certain licenses that don't have viral properties are OK for free patent use but things like the GPL aren't. It would cause us to have to reevaluate non-free in a radically painful way. That's a far-fetched example but I'm sure someone could create a more frightening and realistic one with some effort. Debian doesn't *have* a definition. Well, we call it a guideline but I'm not sure I see a difference. What is the competing standard, though, to Debian's? Does Red Hat use the OSD? SuSE? I'm not sure that any other major software distributions even *have* something as formal as the DFSG. Yes. I don't believe anyone has the level of committment we have to a Free system. It would be commercial suicide. Happily, the only way we can go out of business is for people to stop volenteering. -- _ Ean Schuessler [EMAIL PROTECTED] Chief Technology Officer 214-720-0700 x 315 Brainfood, Inc. http://www.brainfood.com
Re: OSD DFSG - different purposes
Ean Schuessler [EMAIL PROTECTED] writes: If, therefore, OSD-free gets written into some law granting special patent rights to free software, say, then that's something that we can all live with quite happily. You are assuming that the use of the definitions won't be inverted. Suppose that laws, like the DMCA, begin to state that certain licenses that don't have viral properties are OK for free patent use but things like the GPL aren't. It would cause us to have to reevaluate non-free in a radically painful way. That's a far-fetched example but I'm sure someone could create a more frightening and realistic one with some effort. My sentence said what it said. I spoke of *OSD-free*, which unquestionably includes the GPL. And I spoke of laws which grant special rights, not which restrict them.