I was going to reply in great detail (and may yet) but I think I
should first highlight a general point. There is a tension between a
couple of different potential goals:
* Making exploitation hard for hostile, sophisticated license users.
* Making understanding and compliance easy for well-intentioned license
users.
* Reducing the damage caused by unsophisticated and/or unintentional
license violators.
In particular, the first two points can be in obvious tension: making
things ironclad against hostile exploiters can make the license harder
to understand and/or less flexible for well-intentioned users. Of
course, go too far towards making it easy, and you leave yourself with
no tools to use against unsophisticated violators.
Two data points have informed my (personal) thinking about where to
strike the balance:
* As far as we're aware, sophisticated exploiters appear to have been
rare; violations have instead mainly been very amateurish, making very
obvious mistakes like not putting up any source anywhere. I think the
GPL and CC folks have mostly found the same thing to be true. This
suggests to me that it is most important to cover the common amateurish
cases; the rare sophisticated exploiter should not be ignored but
shouldn't be given undue weight.
* Detailed requirements have proven hard for well-intentioned users to
understand, and easy for them to violate even when acting in good faith.
This suggests to me that we should generally avoid overly-specific
requirements unless there is a very good reason.
Obviously each time we look at language, we do a case-by-case balancing
of the issues, and so what you're telling us is valuable, Ben. I just
thought it might be worthwhile to spell out the background that I'm
operating against.
Luis
On 8/19/10 5:22 PM, Ben Bucksch wrote:
On 19.08.2010 20:09, Luis Villa wrote:
there is now a pretty broad understanding of what 'reasonable'
distribution is for free/open software
I recently found that I don't even agree with other Mozilla people
what "open source project" means (they say license only ala Oracle, I
say open for contribution), so I don't think you can assume a shared
understanding of "reasonable", esp. with a hostile party, at a court.
Why shouldn't you make the source available per download?
Generally, you should; that is 'reasonable' modern open source
practice. But you can imagine situations where it might be hard to
include source through the available technology (e.g., some
application stores);
You can always offer a download on your own server and cite the URL in
the app. All you need to do is guarantee that it stays live (the old
MPL even specced how long).
we'd like to encourage people to be creative there
Frankly, I'd rather have people not be "creative" when it comes to
fulfilling open source license requirements. Companies have been way
too creative in this area.
(Sorry for picking on your word, could not resist :) )
In fact, I'd mandate that it must be available freely to everybody
(not just recipients of the executable) for free per Internet HTTP.
You received free, you shall give free.
That would be broader than any other open source license
MPL 1.1 was very close to that.
generally speaking even GPL only creates obligations to people whom
you've distributed executables to, rather than to the entire world.
Frankly, I don't see why, given that these receivers can then freely
redistribute, so there's little point.
Internal use is not covered anyways, so that's irrelevant.
I don't know what would happen if a company sold commercial software
based on Gecko, and in the license for the software mandated that the
MPL source is not re-distributed. The customer could then get the
source, and the MPL would allow them to give it to me, but the other
contract would forbid it. Essentially close-sourcing the MPL changes.
I don't think we want that.
So, I don't see a point of this loophole "source for customers only".
--
Luis Villa, Mozilla Legal
work email: [email protected] (preferred)
work phone: 650-903-0800 x327
personal: http://tieguy.org/about/
_______________________________________________
legal mailing list
[email protected]
https://lists.mozilla.org/listinfo/legal
