Peter N. M. Hansteen wrote on Fri, Mar 24, 2017 at 03:38:10PM +0100:
> Performing a full license audit of their tree is likely to be time
> consuming (just ask the people who did just that on the OpenBSD
> source and ports trees at least once),
Incidentally, i did a partial license audit of the OpenSSL tree
in the late fall of 2016. It was partial in two respects:
1. I only reviewed the manual pages, not the code itself.
2. My goal was only to list the the main authors and the years
of major changes, not to list everybody who provided
Copyright-worthy contributions.
I started work on November 10, 2016, worked on it during at least
19 different days, completed the work on December 10, 2016, and
added missing copyright notices to 300 files, give or take a handful.
A complete Copyright review trying to identify all owners of Copyright
would be much harder than that.
And it would inevitably end up with mixed results: Some files might
end up Apache 2 only, some would likely have to remain as they are,
and some would probably end up having some parts under one license
and some under the other. Besides, some files already have parts
under two different licenses as we speak.
That might in part explain why Rich Salz finds the idea of ignoring
the law, and brazenly changing license statements without authors'
consent, an attractive idea, but it doesn't explain why he apparently
considers it acceptable.
Yours,
Ingo
