Re: BSD license + should

[Hendrik Weimer]

Michael Banck  writes:

> If not, can you suggest a rephrasing of this clause that would make it
> DFSG-free, but be similar in spirit (i.e. nudge the user to cite the
> package if they publish results based on its use)?

, 12.g.

Hendrik

Re: JPL Planetary Ephemeris DE405

[Hendrik Weimer]

Ole Streicher  writes:

> I think that these files are public domain: First, they are originated
> by nasa.gov, which is a U.S. governmental institution, and so they are
> PD by law.

This is only true within the United States. Internationally, U.S. govt
works are still protected and distribution requires a valid license.

Hendrik

Re: EADL license

[Hendrik Weimer]

Walter Landry  writes:

> Florian Weimer  wrote:
>> 
>> Debian is also available in Europe, where the U.S. government is not
>> barred by U.S. law from obtaining and enforcing copyright of its
>> works.  Europeanl law also has copyright-like protections for certain
>> collections of facts.
>
> In practice, Debian already distributes these kinds of works.

Sure, but this is not necessarily an active decision, it could also
result from a lack of awareness of the legal situation.

Hendrik

Re: Status of US Government Works in foreign countries

[Hendrik Weimer]

Charles Plessy  writes:

> so you wrote on your blog six years ago that distributing works done by US
> government institutions is "a trap".  Do you have concrete examples of cases
> where people fell in that trap and got hurt since then ?

The "trap" is a reference to the similar situation in Java back then,
i.e., you might have to invest more work to get rid of tainted
code/content than it would have been to use properly licensed stuff to
begin with.

Actually, I find it quite remarkable that at least some US agencies have
now started to put in explicit warnings into their works that all
overseas rights are being reserved. This certainly shows they are aware
of the situation, with actual enforcement being the next logical step.

Hendrik

Re: Status of US Government Works in foreign countries

[Hendrik Weimer]

Rytis  writes:

> US Goverment public domain issue has been discussed a few times in this
> mailing list [1]. According to the interpretation by [2], this would
> fall into public domain abroad as well and second part of the above
> licence snippet may be unenforceable.

Unfortunately, this interpretation is wrong. I wrote about this some
time ago when there was yet another discusion on debian-legal:


> I wonder therefore whether it is legally sound to state licence as
> 'public-domain' for the package and include the licence and disclaimer
> text from the website. Would the package under this license qualify as
> free, non-free or should be outside Debian?

In my opinion, such software should not be distributed by Debian
because it puts mirror operators located outside of the US at risk.

Hendrik

Citation requirements

[Hendrik Weimer]

Hello,

I've come across a piece of software that has a requirement in its
license text mandating to cite a certain set of works in scientific
publications for which the software has been used.

I vaguely remember that such citation requirement clauses were generally
considered to be non-free (see, e.g., [1]), but I have trouble to come
up with a reason for this assessment. Essentially, such a requirement is
nothing but an obnoxious advertising clause, which of course is widely
regarded to be DSFG-free (but GPL-incompatible). One could even argue
that the citation requirement is less severe, as it only asks you to do
what many of the potential users are required by law to do anyway.

Can works with a citation requirement go into main? If you're interested
in the specific case, the actual license text is available at [2].

Hendrik

[1] 
[2] 


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/878ukm7ci2@mid.gienah.enyo.de

Re: Winetricks may be inciting copyright infringement

[Hendrik Weimer]

Nick Oosterhof  writes:

> Winetricks is part of contrib, and the debian website states "Every
> package in contrib must comply with the DFSG." [1].
>
> If winetricks turns out to be DFSG incompatible (the requirement of
> having a MS Windows license suggests that is the case), maybe it
> should be moved to non-free?

winetricks is licensed under the LGPL, which is a DFSG-compatible
license. Some of the external components that can be installed using
winetricks may or may not have tricky licensing terms, but this is
perfectly acceptable for a package in contrib.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87lhqteuj6@mid.gienah.enyo.de

Re: Winetricks may be inciting copyright infringement

[Hendrik Weimer]

Ricardo Mones  writes:

> On Tue, Aug 12, 2014 at 02:07:17PM +0200, Hendrik Weimer wrote:
>> Mateusz Jończyk  writes:
>> 
>> > Unfortunately, many libraries that it distributes are illegal to install on
>> > Linux or it is legal to install them under limited circumstances (such as
>> > having a Windows license).
>> 
>> So what? winetricks is not part of main, so it is the responsibility of
>> the user to ensure compliance with the license.
>
> AFAIK, that's always the case, even if they were in main.

Packages in main are expected to conform to the DFSG, which require
that there are no limitations on the use of the software.

Hendrik


--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87ppg5euuv@mid.gienah.enyo.de

Re: Winetricks may be inciting copyright infringement

[Hendrik Weimer]

Mateusz Jończyk  writes:

> Unfortunately, many libraries that it distributes are illegal to install on
> Linux or it is legal to install them under limited circumstances (such as
> having a Windows license).

So what? winetricks is not part of main, so it is the responsibility of
the user to ensure compliance with the license.

Hendrik


--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87tx5hewsq@mid.gienah.enyo.de

Re: Public Domain again

[Hendrik Weimer]

Jérémy Lal  writes:

> Public domain is not a license, its meaning depends
> on the country you're in. What if that country applies
> laws that violate DFSG ?

I think you have to distinguish between two cases.

1.) Someone releases some code that is accompanied with a statement
along the lines of "I hereby dedicate my work to the public
domain". While there is some ambiguity in the term "public domain",
it is clear that by any legal definition, such a statement concludes
a waiver of all exclusive rights to this work. These works are fine
to distribute in Debian, and maintainers and mirror operators should
be safe if they operate in jurisdictions meeting basic international
standards.

2.) The more delicate case is when the work is deemed to be exempt of
copyright by US law, as is the case with works created by the US
government. These works are only in the public domain within the US,
as they are still protected by international copyright law [1].
Historically, Debian has adopted a US-centric point of view and
accepts unlicensed US government works into main, but if you are an
international maintainer, you might want to take additional
precautions if you are dealing with such works.

Hendrik

[1] http://www.quantenblog.net/free-software/us-copyright-international


--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87r4ktiy22@mid.gienah.enyo.de

Re: Fwd: Re: RFS: wmaker

[Hendrik Weimer]

"Bernhard R. Link"  writes:

> * Hendrik Weimer  [15 15:50]:
>> US government works are only in the public domain when distributed
>> within the US. In all other countries that have signed the Berne
>> Convention you still need a license, which should also apply to many
>> Debian mirrors.
>
> It's a bit more complicated. As far as I do understand it, copyright
> treaties mean you have to protect other countries' copyrights in your
> own. But it does not say if you have to apply your rules or their rules
> for what is protected.

As I stated in my blog post, I have discussed this with a paralegal
working in international copyright law. Due to the principle of national
treatment, there is little doubt that you have to apply the rules of
your own country to determine what is eligible for protection.

> So similarily to some piece of work where the author is dead long
> enough for the work to no longer have a copy-monopoly on it in the
> author's home country there are juristdictions where that work is not
> protected (because it no longer is protected "at home") and there are
> jurisdictions where it is still protected (because it needs more years
> there).

All countries signatory to Berne grant monopoly rights at least until 50
years after death, so this point is somewhat academic.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87d3com6ud@mid.gienah.enyo.de

Re: Fwd: Re: RFS: wmaker

[Hendrik Weimer]

Charles Plessy  writes:

> The public-domain short name is reserved for cases where the work is
> really in the public domain in the strict legal sense of it; this is a
> rare case (for instance, some works of U. S. government employees).

US government works are only in the public domain when distributed
within the US. In all other countries that have signed the Berne
Convention you still need a license, which should also apply to many
Debian mirrors.

http://www.quantenblog.net/free-software/us-copyright-international

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/877h311lv8@mid.gienah.enyo.de

Re: Fwd: Re: RFS: wmaker

[Hendrik Weimer]

Rodolfo kix Garcia  writes:

> Copyright: 1997, Marco van Hylckama Vlieg 
> License: public-domain
>  They may be distributed freely and/or modified as long as the original
>  Author is mentioned!

This is different from public domain. Just use a generic name such as
"attribution" instead for the first line of the License field.

> Copyright: 2000, Banlu Kemiyatorn
> License: public-domain
>  do What The Fuck you want to Public License

This should probably be called "WTFPL-1".

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/874ny66sl9@mid.gienah.enyo.de

Re: Bug#639916: spread: license wackiness

[Hendrik Weimer]

Ken Arromdee  writes:

> Unlike the original BSD 4 clause license this adds "or software that uses
> this software".
>
> If I interpret this broadly (all software that uses this software must
> display the sentence) it's non-free, since it imposes conditions on
> non-derived software that happens to use it.  Even if I interpret it
> narrowly (all advertising materials mentioning software that uses this
> software, must display the sentence) it imposes conditions on advertising
> for non-derived software.

But this does not break unrelated software as the code that uses it has
to be inserted deliberately, making it no longer unrelated. In a way,
this is a stronger restriction than the usual linking arguments pushed
by the FSF, but it's not totally crazy. In some jurisdictions even
copying a program into memory by an exec(3) call is an action for which
you need the permission by the rights holder.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87d3flw1kq@mid.gienah.enyo.de

Re: How to use (free!) sources of other projects without copyright/license information in file?

[Hendrik Weimer]

Michael Tautschnig  writes:

> Both of the packages claim to be GPL'ed as per COPYING, and I wonder whether
> this is acceptable for Debian. Probably it is, as ax25-apps is in
> main.

While the GPL strongly recommends putting copyright notices in each
source file, it does not require to do so. In the case of ax25-apps, the
upstream tarball claims that the work is being licensed under
GPL-2. Unless one has evidence that this claim might not be true, I see
no reason to think otherwise.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87liy9ercn@mid.gienah.enyo.de

Re: Auto-acceptance of license by download a problem for 'main'?

[Hendrik Weimer]

Michael Hanke  writes:

> | Your contribution of software and/or data to  (including prior
> | to the date of the first publication of this Agreement, each a
> | "Contribution") and/or downloading, copying, modifying, displaying,
> | distributing or use of any software and/or data from 
> | (collectively, the "Software") constitutes acceptance of all of the
> | terms and conditions of this Agreement. If you do not agree to such
> | terms and conditions, you have no right to contribute your
> | Contribution, or to download, copy, modify, display, distribute or use
> | the Software.

I find these terms to be somewhat ambiguous. If the requirement to
accept the license before download applies only to downloads from the
orginal site, I think this is fine. However, when they try to enforce
downstream to present the license as an EULA before downloading, then I
think this is not acceptable. Maybe not as a direct violation of the
DFSG, but Debian provides no option to present an EULA before
downloading packages, so distributing the software might even constitute
contributory copyright infringement.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87ei4lkg2p@mid.gienah.enyo.de

Re: Lawyer request stop from downloading Debian

[Hendrik Weimer]

Ken Arromdee  writes:

> It's my understanding that in Germany lawyers can do this to copyright
> violators even though they are not the copyright holder.

This is not true. Under German competition law, someone can hire a
lawyer to send a cease-and-desist letter to a competitor if they are
gaining an unfair advantage, say, by infrining on a third party's
copyright. The cost for the laywer then has to be paid by the
perpetrator, but no lawyer may act solely by himself.

However, this is definitely not what has happened here. In this case, a
Dutch company claimed that they were having exclusive distribution
rights on squeeze, which rather seems to be an attempt at fraud to me.

On the other hand, ensuring GPL compliance for torrent distribution
seems to be a good idea.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/874o5ntz8s@mid.gienah.enyo.de

Re: Question about the criteria for a library to be in contrib

[Hendrik Weimer]

Michael Wild  writes:

> So, this means that ViennaCL must Depends: on some OpenCL
> implementation. Currently the only one packaged in Debian (still in
> experimental) I can find is the one from NVIDIA. So, this probably means
> then that it really has to go into contrib, right?

Unfortunately, yes. It is really sad that there is currently no usable free
GPGPU solution available.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87vcys3ixt@mid.gienah.enyo.de

Re: Question about the criteria for a library to be in contrib

[Hendrik Weimer]

Michael Wild  writes:

> On 04/05/2011 03:23 AM, Hendrik Weimer wrote:
>> Michael Wild  writes:
>> 
>>> I find this hard to believe, since the package only uses the free
>>> and publicly available API defined by the Khronos group and it is
>>> up to the user of the package against which implementation of
>>> OpenCL he wishes to link.
>> 
>> How is this different from Java before OpenJDK was released?
>
> I think it is different because the package will only contain source
> code. It hasn't been processed by or linked against any proprietary,
> non-free software. Of course, one could argue that it is implicitly tied
> to non-free software since there is currently no alternative. So, for
> me, this is kind of a conundrum :-)

The question is whether one can use ViennaCL without an OpenCL
implementation. If not, then the ViennaCL package must depend on an
OpenCL package, no matter whether it is source code only or not.

> BTW, there is a free implementation of OpenCL in the works in Mesa,
> called Clover [1]. However, I'm not sure how far along it is and how
> active it is, the last commit is from late November, last year.

If Clover gets packaged and you can use ViennaCL with it, I see no
problem for the latter to go into main.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87zko43l36@mid.gienah.enyo.de

Re: Question about the criteria for a library to be in contrib

[Hendrik Weimer]

Michael Wild  writes:

> I find this hard to believe, since the package only uses the free and
> publicly available API defined by the Khronos group and it is up to the
> user of the package against which implementation of OpenCL he wishes to
> link.

How is this different from Java before OpenJDK was released?

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87ei5hij8v@mid.gienah.enyo.de

Re: scientific paper in package only in postscript form non-free?

[Hendrik Weimer]

Noel David Torres Taño  writes:

>> Sure, it should be - what happens if it no longer exists?  That seems
>> quite possible for a years-old journal paper.
>
> It can happen that the scientific paper has non-free copyright: it
> uses to be attributed to the journal where first published.

Not the case here: the paper (actually a book chapter) was prepared by
US govt employees so there is no (US) copyright to start with.

Hendrik


--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87aags1rsg@mid.gienah.enyo.de

Re: distributing a restricted branding icon OK?

[Hendrik Weimer]

Gabriel Burt  writes:

> Is changing http://www.emusic.com/favicon.ico to a PNG "modifying" it?
>
> Assume it's not, would we be OK including that image in our Debian
> package of Banshee?

The way iceweasel handles non-free search engine logos is to download
them into the user's local profile when needed.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/878vwgvtph@mid.gienah.enyo.de

Re: data "copyright" or not -- what is Debian's take?

[Hendrik Weimer]

Yaroslav Halchenko  writes:

> Should I advise to blindly attach a copyright  statement and
> license, possibly copyrighting non-copyrightable, thus committing
> "Copyfraud" in some jurisdictions?

Probably not, as this would be illegal in said jurisdictions.

> What would be the take of Debian ftpmasters whenever they receive a
> package shipping data without clean copyright/license statement and 
> something like this instead:
>
>This data has been collected 2010 by Author1, Author2.
>Please recognise the substantial effort that went into the
>collection of this data by attributing the authors.
>Attribute by citing the original publication:
>Author1, Author2, Title of the paper, where published, 2010,
>URL: http://

This is also problematic. First, it does not grant the necessary
permissions for DSFG-freeness in jurisdictions where this would be
needed (e.g., all EU member countries). Second, it imposes a citation
requirement, which is generally regarded as discriminating against field
of endeavor, thus failing DSFG § 3. It is much better to mention the
relevant publication in a note outside the license text. And third, in
jurisdictions where the database creator does not hold any rights to
the database contents, trying to impose such a requirement might again
be regarded as copyfraud.

> Or should I advise to use the text of MIT license, verbally and
> explicitly describing possible uses and disclaiming any warranty?
> but once again without any copyright statement.

I think the best thing would be to use the Open Data Commons PDDL [1],
which was explicitly created for such situations.

Hendrik

[1] http://www.opendatacommons.org/licenses/pddl/1.0/


--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87wrlu5kol@mid.gienah.enyo.de

Re: situation of imapsync and Debian

[Hendrik Weimer]

[ Recipients stripped to debian-legal ]

Gergely Risko  writes:

> I do not have the legal skills to discuss wether your webpage and your
> distribution policy of imapsync
> (http://www.linux-france.org/prj/imapsync/) is compatible or not with
> the debian social contract.  I will leave this to the debian-legal
> people.

According to the author, imapsync continues to be available under the
WTFPL [1]. So from the license point of view this is not a problem, no
matter whether he charges for the copies or not. I doubt, however, that
there is precedent for the Debian project paying for the code in such a
situation, but I might be wrong.

Hendrik

[1] http://www.linux-france.org/prj/imapsync_list/msg00732.html


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87r5c35gwn@mid.gienah.enyo.de

Re: Providing an openssl-linked pycurl

[Hendrik Weimer]

MJ Ray  writes:

> I think the suggestion is that software using python-pycurl would not
> change if they were using openssl or gnutls.  I don't understand how
> the GPL'd software is derived from openssl if it works interchangably
> with gnutls on the other side of pycurl.  Can you explain?

Even if it was legal, I would strongly object against replacing
python-pycurl with the OpenSSL version. In that case one would have to
comply to different license requirements depending on the functions one
uses within pycurl. Even if properly documented, this is asking for
undistributable code to be written, which might take ages to resolve.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/86tyojhf2b@mid.gienah.enyo.de

Re: LGPL code that includes files licensed under Sun Public License 1.0 - DFSG-free?

[Hendrik Weimer]

tony mancill  writes:

> I'm not saying that they are unchanged in the source distribution of libjxp,
> but that the upstream author says that the files that were released as part
> of JavaCC under the SPL license are the same files (meaning they have the
> same content) as the files now under the BSD-like license.

Sorry, I must have missed this point.

> That is, it seems like it makes a difference that the code used to
> create the derived work is the same under both licenses.  Otherwise,
> the derived work is still derived from code that has only been
> distributed under the SPL, and it seems like the upstream author would
> need to "re-derive" the work from the BSD-licensed file.

Exactly. However, you cannot simply replace the SPL license text as the
modified version is still SPLed. You need to get permission from
upstream to use the modifications under BSD-3 as well. I hope this
answers your questions.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: LGPL code that includes files licensed under Sun Public License 1.0 - DFSG-free?

[Hendrik Weimer]

Tony Mancill  writes:

> We've requested that the upstream author release a new upstream version
> with the updated license, and are waiting for his reply.  But I wanted
> to ask the list if that is strictly necessary, given that we know the
> contents of the files, save for the license, haven't changed.

Are you sure the files are unchanged? The file shipped with jxp says
"Altered by Tiong Lee ([..]) extensive to be a JJTree grammar".

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: RFS: ognl

[Hendrik Weimer]

Matthew Johnson  writes:

> I don't like:
>
> * 5. Products derived from this software may not be called
> * "OpenSymphony"
> *or "OGNL", nor may "OpenSymphony" or "OGNL" appear in their
> *name, without prior written permission of the OpenSymphony
> *Group.
>
> since we are, arguably, distributing a derivative work and if we ever
> patch it then we certainly are.

Like it or not, but it seems to be fine from the DFSG side. If
upstream remains uncooperative the proper way to handle such trademark
hassle is to ship a rebranded version.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: LGPL code that includes files licensed under Sun Public License 1.0 - DFSG-free?

[Hendrik Weimer]

Tony Mancill  writes:

> * The Original Code is JavaCC. The Initial Developer of the Original
> * Code is Sun Microsystems, Inc. Portions Copyright 1996-2002 Sun
> * Microsystems, Inc. All Rights Reserved.

JavaCC (https://javacc.dev.java.net/) seems to have been relicensed
under the revised BSD license. Maybe it helps to ask upstream for the
unmodified files and look for identical files with the new license.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Using NASA Imagery

[Hendrik Weimer]

"Bernhard R. Link"  writes:

> If this is the case, then I guess we have quite an big problem, as I
> guess such code and especially data is to be found in quite a large
> amount of places.

Actually, I don't think that's much of an issue. Software seems to be
mostly unaffected as US government entities usually properly license
their works, e.g., under the NASA Open Source Agreement in NASA's
case.

When it comes to images and related data I suppose there will be more
problems. FlightGear (the LaRCSim code seems to miss proper licensing
anyway) and VegaStrike are probably affected. Celestia seems to use
ESA data (for which I could not find a license, but that's another
story).

Maybe we also should contact our friends at Wikipedia and other open
content projects. I've documented this issue in a blog post
(http://www.quantenblog.net/free-software/us-copyright-international),
which might be used as a reference.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Using NASA Imagery

[Hendrik Weimer]

"Bernhard R. Link"  writes:

> * Don Armstrong  [090117 20:01]:
>> Because NASA as a US government agency can't copyright things it
>> produces directly, they're usually DFSG free. (It's the equivalent of
>> public domain in the US.) [Specific examples of work are needed to
>> figure out whether that's the case in a specific instance.]
>
> I know this is general accepted knowledge, but has anyone ever asked
> a layer knowledgable in international copyright law about it?

I just asked someone working on international copyright law. The key
point is that you always have to apply the law of the country where
you want to distribute the work (principle of national treatment,
"Schutzlandprinzip" in German). So, while there is no copyright on
NASA images in the US, it is still protected by the respective laws in
any country that has signed the Berne convention or a similar
international treaty.

I am not sure whether this makes it non-free, though. The DSFG do not
mention that the rules have to apply worldwide. Also, the GPLv2
explicitely allows geographical limitations.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: enabling transport and on storage encryption in bacula on debian build

[Hendrik Weimer]

Josselin Mouette  writes:

> Le dimanche 11 janvier 2009 à 21:25 +0100, Hendrik Weimer a écrit :
>> The only
>> case I am aware of where another distro refuses to distribute a
>> package found in Debian is Fedora's stance on afio. If you know of
>> other cases, I would be interested to learn about them.
>
> There’s also the case of MP3 decoders in Red hat.

That's patents rather than copyright. When it comes to patent issues I
agree that Debian has a fairly lax (and informal) policy.

Hendrik


--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: enabling transport and on storage encryption in bacula on debian build

[Hendrik Weimer]

MJ Ray  writes:

> Hendrik Weimer  wrote:
>> It is a fact that Debian more often rejects packages present in other
>> distros than the other way around. Which I believe is a good sign,
>> BTW.
>
> Is that a fact?  Where's the evidence?  A quick web search didn't find
> a good study, but it might exist.  I found some evidence that Debian
> rejects packages present in Ubuntu, but that's a special case and only
> one related distribution.

A list of packages that have or had license issues from the top of my
head: gnucash (HBCI support), kmymoney2 (HBCI support),
ttf-liberation, bacula (encryption), libapache-mod-security. The only
case I am aware of where another distro refuses to distribute a
package found in Debian is Fedora's stance on afio. If you know of
other cases, I would be interested to learn about them.

> Even if so, how does one get from that fact to "Debian's policy on
> licensing usually involves taking the high road..."?

I would claim that said fact presents evidence that this statement is
true. But again, I do not see a problem with this.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: enabling transport and on storage encryption in bacula on debian build

[Hendrik Weimer]

MJ Ray  writes:

> Everyone is entitled to their opinion, but please don't state it as
> fact.  I believe that Debian's policy on licensing is generally to try
> to do what we think the software and licence authors intended, but to
> be fairly cautious because we don't have big money or fast lawyers and
> it really sucks if you're a maintainer who gets a complaint from the
> copyright holder.

It is a fact that Debian more often rejects packages present in other
distros than the other way around. Which I believe is a good sign,
BTW.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: enabling transport and on storage encryption in bacula on debian build

[Hendrik Weimer]

Kern Sibbald  writes:

> I personally don't believe that such distribution is a problem --
> after all Debian does distribute pure GPLv2 code and OpenSSL source
> code on the same ISO image.

This should not be a problem anyway as it falls under the "mere
aggregation" clause.

> Problems of mismatched licenses apparently occur when forming and
> distributing a "mixed" binary program or when mixing different
> licenced source code in the same file and distributing it.  As far
> as I know Bacula 2.4.x does not mix source code with different
> licenses in the same source file (we simply call libraries that when
> executed are incompatible), and Debian as well as its derivatives
> have decided not to form a Bacula binary using the offending
> libraries.

I see what you mean, but I think there is a problem with this
reasoning. If you redistribute GPLv2ed sources you must ensure that
all recipients of the code enjoy the rights granted to you the license
(6.). One such right is the distribution of the software as a binary
(3.), which you may not without satisfying OpenSSL's advertizing
clause. Which in turn means you may not distribute the software at all
(7.).

> In any case, there are many other programs that have far worse
> problems than the old Bacula code.  Most of the Bacula problems
> involve code copyrighted by FSF, and the FSF is very well aware of
> the Bacula problem all the way up to RMS.  They are also very well
> aware that I take those problems seriously and fixed them a long
> time ago.  For these kinds of "technical" problems, I certainly hope
> that no one would not want to simply stop supplying the source code
> -- that would likely hurt the users far more than helping the Free
> Software movement, and so far none of the authors of the pure GPLv2
> code have complained.

I fully agree here. I don't think the FSF(E) will go berzerk for
someone distributing Bacula. However, Debian's policy on licensing
usually involves taking the high road rather than doing what you can
get away with. Moreover, the belief that distributing software in
source form magically frees you from your obligations under the GPL
seems rather mystical to me.

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: enabling transport and on storage encryption in bacula on debian build

[Hendrik Weimer]

Kern Sibbald  writes:

> 1. Build it from source yourself (perfectly legal -- only distribution 
> violates the GPL license).

The question is whether it is legal to distribute the Bacula sources
(including parts depending on OpenSSL) to begin with. These are
uncertain legal grounds to say the least.

> 2. Wait for version 3.0.0 (currently in Beta testing as version
> 2.5.28-b1).  This version has no licensing problems (pointer to
> details for version 2.4.x provided by John) and so Debian will be
> able to release it with OpenSSL compiled in.

Ah, that's good to hear!

Hendrik


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Liberation Font License revisited

[Hendrik Weimer]

Francesco Poli <[EMAIL PROTECTED]> writes:

> On Sat, 26 Apr 2008 21:41:08 +0200 Hendrik Weimer wrote:
>
>> Francesco Poli <[EMAIL PROTECTED]> writes:
> [...]
>> > Did you point RMS' message [4] out to the FSF when you contacted them?
>> 
>> I did.
>
> And how did they explain the difference in their conclusions?!?

They didn't. However, I am not sure whether RMS's message can be
considered as official position of the FSF.

>> As far as I can see, the main argument against this license here on
>> debian-legal was that the FSF (or RMS) had considered such licenses to
>> be invalid.
>
> I don't think this is an accurate summary of the debian-legal
> discussion on the topic.
>
> The main argument was that the license (GPLv2 + restrictions) is
> self-contradictory and thus invalid.
> This conclusion was *confirmed* by RMS, who basically brought the same
> argument.  However, I think the argument holds even if RMS and/or the
> FSF change(s) his/their mind(s) afterwards, unless he/they bring(s) new
> data to support his/their new opposite conclusion...

As was already pointed out in the previous thread, this interpretation
relies on that the "no further restrictions" clause applies to GPLv2 +
restrictions, not to GPLv2 alone.

I fully agree with you that the Liberation Font license is
sub-optimal, however I do not see a scenario where distribution of the
fonts by Debian led to legal trouble or a violation of the DFSG. Can
you think of such a situation?

Hendrik


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Liberation Font License revisited

[Hendrik Weimer]

Francesco Poli <[EMAIL PROTECTED]> writes:

> I think they are applying a double standard here: when the authors of a
> teTeX package add a restriction to the GNU GPL v2 [3], RMS says it
> can't be done because it's self-contradictory [4]; when Red Hat do the
> same, "they are within their rights to do it the way they did"...
>
> [3] http://lists.debian.org/debian-legal/2006/05/msg00298.html
> [4] http://lists.debian.org/debian-legal/2006/05/msg00303.html
>
> Did you point RMS' message [4] out to the FSF when you contacted them?

I did.

>> This should make this license acceptable for Debian, right?
>
> This makes this license acceptable for the *FSF*, which is a different
> organization.

As far as I can see, the main argument against this license here on
debian-legal was that the FSF (or RMS) had considered such licenses to
be invalid. However, this seems not to be the case now, no matter
whether the FSF changed their mind or not.

Hendrik

-- 
*** OS Reviews: Free and Open Source Software for GNU/Linux and more ***
*** http://www.osreviews.net/    ***
*** OS Reviews * Hendrik Weimer  Phone: +49-711-81041666 ***
*** Tiroler Str. 70 * 70329 Stuttgart * GERMANY  [EMAIL PROTECTED]  ***


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Liberation Font License revisited

[Hendrik Weimer]

Hello,

I've spent some time on the Liberation font license mess [1], here are
my results. Red Hat's Tom Callaway (who is responsible for dealing
with such licensing issues) stated that according to the FSF the
license was "free but GPL-incompatible" [2]. I contacted the FSF to
further clarify on the alleged contradiction in the terms. The reply I
got says that the FSF considers this to be a valid license:

'We believe it would have been far clearer if Red Hat had created,
say, the "Liberation Font License" with their extra conditions.
However, since they are the copyright holders, they are within their
rights to do it the way they did.'

This should make this license acceptable for Debian, right?

Best regards,

Hendrik Weimer

[1] http://www.mail-archive.com/debian-legal@lists.debian.org/msg36584.html
[2] https://bugzilla.redhat.com/show_bug.cgi?id=253774#c7

-- 
*** OS Reviews: Free and Open Source Software for GNU/Linux and more ***
*** http://www.osreviews.net/        ***
*** OS Reviews * Hendrik Weimer  Phone: +49-711-81041666 ***
*** Tiroler Str. 70 * 70329 Stuttgart * GERMANY  [EMAIL PROTECTED]  ***


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]