Hi Gerv, Consider the hapless corporate attorney who is forced to review hundreds of proprietary software licenses when authorizing the distribution or sale/purchase of his company's software products. Each of those proprietary licenses may contain restrictions on transfer; unique indemnity and warranty provisions; attribution requirements or prohibitions; etc.
I consider your task with these BSD/MIT open source variants to be simple in comparison. FOSS is usually simpler than proprietary. But once you've done your variant-gathering, will you recommend that everyone else do the same for their own open source software as Mozilla will do for Firefox OS? That's a lot of work to recommend for others to do. That would seem to be a waste of time considering the infinitesimally tiny risk that one of those "variant" licensors would sue you for breach for taking the easy way out -- such as: "This software includes contributions under one or more variants of the official BSD and MIT license versions published at www.opensource.org. Mozilla has chosen not to publish those individual variant licenses along with this distribution, although we are disclosing its source code as those licenses require." This would be, after all, an entirely reasonable minor breach of what is a weak BSD or MIT license requirement, imposed by unknown contributors long ago, to publish the actual license text somewhere prominently along with the software. Those licensors can't sue you anyway unless they register their copyrights, which is unlikely to have happened for such works. Damages in such a lawsuit would be minimal at worst. For a company that can afford to swat away any such nuisance lawsuits, taking this easy way out may be worth the risk, unless your lawyer tells you that no risk is ever worth taking. I'm quite sanguine about minimal license breaches in open source situations where we can reasonably assume that we're serving the authors' will anyway. Some of those old license requirements are no longer appropriate for modern software delivery mechanisms. Other opinions may vary. /Larry P.S. Egads! A lawyer advising breaches of the express (and unreasonable) terms of very old FOSS licenses!!! Fortunately, this email is not legal advice to you. :-) Lawrence Rosen Rosenlaw & Einschlag, a technology law firm (www.rosenlaw.com) 3001 King Ranch Rd., Ukiah, CA 95482 Office: 707-485-1242 -----Original Message----- From: Gervase Markham [mailto:g...@mozilla.org] Sent: Monday, November 26, 2012 2:55 AM To: license-discuss@opensource.org Subject: [License-discuss] Boilerplate license text for permissive licenses? Dear license-discuss, Short version: can the OSI please consider providing generic, appropriately wrapped, plain-text, copy-and-pasteable versions of the MIT, BSD (2 and 3 clause) and HPND licenses, linked from that license's main license page, to cut down on license proliferation? Long version: I am currently attempting to make sure Firefox OS complies with the open source licenses of all the bits of code we are using. As you can understand, an entire operating system is quite a lot of code. I have written a script to analyse the codebase and extract all of the MIT, BSD and HPND license blocks in it. Each of these licenses requires the license text to be reproduced "in other materials provided with the distribution", or some similar words. My script counts as "the same" the ones where the differences are merely whitespace-based. We were advised that if two license blocks differ by more than that, e.g. if they mention a specific person or organization in the disclaimer, then they are "different" and cannot be merged. Here's a count of the number of different variants in my current draft licensing file, by license type: BSD2Clause: 30 BSD3Clause: 55 BSD4Clause: 12 MIT: 23 HPND: 42 In other words, we will have to reproduce at least 160 different but similar license blocks in the documentation for Firefox OS. Some of this is unavoidable; the MIT and BSD licenses have changed over time, and some of this code is very old. Some of these differences may indeed have some legal effect. However, it seems that sometimes, people might be copying and pasting from the OSI website, but then they have to fill in the blanks and/or replace HTML-based formatting such as bullet points, and everyone does it slightly differently. For example, for bullets, we have "*" vs "a)" vs "1." vs "-" vs " ". I have seen BSD 3-clause variants, otherwise identical to the OSI version, with all of these bullet types. The trouble is, without getting into very detailed heuristics, simple moves like saying "OK, apostrophe, hyphen, period and digits don't count for determining license sameness" start to run the risk of removing significant differences. And the text says you have to reproduce "this license notice", after all. The MIT license on opensource.org is good, because it can simply be copied and pasted as-is: http://opensource.org/licenses/MIT Accordingly, a lot of uses of the MIT license in the codebase are that exact license. However, the BSD3Clause version has a placeholder in clause 3 for <ORGANIZATION>, which means that everyone who copies and pastes it will create a new license variant when they replace that part. http://opensource.org/licenses/BSD-3-Clause Whether there are other variations or not, this is a very common way of creating a whole new license. The BSD2Clause version does not have that, obviously. It's noteworthy that there are 2x as many 3-clause variants in the B2G codebase as there are 2-clause variants. Although it's now deprecated, and so maybe not used much, the HPND is even worse: http://opensource.org/licenses/HPND There are so many optional bits there that anyone attempting to use that license based on the OSI copy is almost bound to produce something unique! We can't prevent people from modifying license texts. But we can avoid _requiring_ them to do so! Can the OSI help with this? Gerv _______________________________________________ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss _______________________________________________ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss