-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alexander Cherepanov schrieb:
> Hi Bjørn!
> On Wed, 26 Aug 2009 11:09:35 +0200, Bjørn Mork <bj...@mork.no> wrote:
> 
>>> Somebody would help me contacting and convincing the RIRs about
>>> a free geoIP database?
> 

>> I believe such usage can be considered within the RIRs AUPs, provided
>> that you follow their guidelines for bulk downloads and only
>> redistribute a small subset of the data (i.e. only the country attribute
>> of the inetnum objects).
>>
>> You are aware of the GPLv3 licensed database at
>> http://software77.net/geo-ip/ ?
>>
>> This database is used by Geo::IPfree, and probably other applications
>> already part of Debian.
> 
> There is another geo-ip db packaged in Debian -- tor-geoipdb (used by 
> Tor).
> 
> But the problem described in the original mail is that it's unknown 
> how to derive binary data file from source data, not absence of free 
> data. So available alternatives will not help here.
> 
> But looking into all this led to a bunch of questions for 
> debian-legal.
> 
> 1. maxmind. Web page[1] show that C code is under LGPL but data files 
>    are under Open Data License (BSD-like + fixed text acknowledgment --
>    slightly non-free?). However Debian copyright file lists only LGPL. 
>    Patrick, is it an informed decision or a bug?

I am aware of it, my plan was to fix first the source -> dat problem and
then in the same way the license.

The license for the source database is free.

> 
> 2. tor-geoipdb. First, license[1] is not very clean and also contains 
>    fixed text acknowledgment -- is it free? Second, "Some parts of the 
>    IP-to-Country Database are derived from APNIC, ARIN, LACNIC and RIPE 
>    databases whose copyright details are given below" and lack free 
>    licenses. Undistributable?
> 
>    Debian copyright file doesn't include "RIR Licenses" part for some 
>    reason.
> 
> 3. http://software77.net/geo-ip/ . How is it possible for their data 
>    to be licensed under GPL when the data seems to come directly from 
>    RIRs?

Is this *realy* our job? We do not know from where the data is and if
they come from RIR => maybe there is some silent acknowledgment.

Also someone noted in the thread (I think on devel it was) that the data
may be used in limited editions (e.g. only the associated country, but
not the contact informations).

- --
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

E-Mail: pmatth...@debian.org
        patr...@linux-dev.org

Comment:
Always if we think we are right,
we were maybe wrong.
*/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqVZOQACgkQ2XA5inpabMdjIgCfbhr6LnLrqH3bZo/32LSaN0xS
cawAn3zpNN4/yp9ETLv+Ov0DuJ6sgFiv
=V1wc
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to