on 9/18/01 2:31 AM, "Brian Behlendorf" <[EMAIL PROTECTED]> wrote:
> On Mon, 17 Sep 2001, Jon Stevens wrote:
>> There is no way in hell that I'm going agree to put the ASF (or myself) in a
>> position to take responsibility for any legal claims that come up as a
>> result of use of this .jar file. Carefully read supplemental section #2 (v).
>
> Commenting here without sufficient context, so apologies if I
> misunderstand the situation...
>
> If this code was committed to Apache CVS by Sun employees, then it was
> done so by the terms of their contributor agreements with Apache, which
> states that all contributed IP becomes property of the ASF, to be
> published under the Apache license.
It is more than just code. It is distribution of binary .jar files which
were made available ONLY via a registration process on Sun's website.
> While we do allow software with different licenses in Apache codebases
> (such as Henry Spencer's regex package in httpd 1.3) those licenses must
> be a rough subset of the Apache license, so that the aggregate license on
> the whole must still be the Apache license.
This is *definitely* not the case with the software that is distributed in
the Tomcat 4.0 Final. There are at least 8 .jar files which are 100% owned
by Sun and under Sun licenses.
> As per our agreement with Sun related to the right to implement the
> servlet API, we do have the right to distribute specific Sun code as a
> convenience to end-users, such as javac.
We do? I thought that javac was a problem and that we couldn't distribute
it.
> We have the right to distribute
> that bytecode under the Apache license, despite not having the actual
> source. That code must be clearly marked as not ASF IP. There is no
> existing agreement covering other jar files.
There is no markings saying that any of the .jar files which have been
distributed with Tomcat 4.0 Final are covered under any license other than
the ASF license. There are links to download the software off of the Sun
website, but there is no mention of licenses.
> It is important that when someone downloads the code from apache.org, they
> don't have to go searching through the source code trying to determine
> what license the code is *actually* under. They have to trust that when
> the top-level COPYRIGHT file (or equivalent) gives them the Apache
> license, that's the license the whole package is actually under.
I would say that is definitely not the case with the Tomcat 4.0 Final
distribution.
thanks,
-jon
