Re: Java in Debian advice result
On Mon, Mar 05, 2007 at 01:10:33PM +, Andrew Saunders wrote: On 2/28/07, John Goerzen [EMAIL PROTECTED] wrote: to summarize the situation here. SPI's attorney has asked that his messages not be posted to public mailing lists for reasons of attorney-client privilege. Please could you elaborate on whom this secrecy is intended to protect, and in what way? I thought attorney-client privilege was a mechanism intended to protect sensitive information disclosed by the client to the attorney (facilitating honest and open communication without the client having to worry about information being leaked to enemies, competitors or the authorities). Assuming this is the case, it seems a bit strange that the request for secrecy should be coming from the *attorney*'s side... I could well be talking bollocks here, and I apologise in advance if that's the case, but I have to say that that's the inference I got. Clarification welcome. (Standard IANAL lawyer disclaimers apply) I thought that attorney-client privilege was something invoked (is that the right word?) by the client. The attorney can only invoke it if the information he is being asked to reveal somehow reveals some protected information of the client. I would think that since SPI is the client, they can unilaterally decide to make the information public. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: Java in Debian advice result
On Mon, Mar 05, 2007 at 10:23:40AM -0800, Sean Kellogg wrote: So, from the lawyer's perspective, it is a matter of client-attorney privilege. SPI now has to make the decision that full disclosure to the public via d-l is worth the potential risk of losing that protection. My guess would be the lawyer has done the research on how one could bring suit against Debian/SPI/3rd party and disclosure would be like handing a roadmap to the enemy. You generally want to make the cost of bringing suit against you as high as possible to warred off long-shot litigation. OK. Makes perfect sense to me. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: What should be in debian/copyright when a gpl source now depends on openssl?
On Mon, Feb 26, 2007 at 05:04:24PM +0200, [EMAIL PROTECTED] wrote: I am not sure the subject accurately reflects the body of this message. Narcis Ilisei has the copyright to inadyn. He released it under the gpl. The source that he wrote is an http client of some sort Aand depends only on libc. Now opendns.com offers to download a modified version. Their version adds an https support. I couldn't see any copyright notice for their version. opendns's version depends on -lcurl -lssl -lcrypto -ldl -lz -lkrb5support , where ssl is provided by openssl. Can debian distributes opendns's version? Assuming that opendns wrote their modifications by themselves, What should be put in debian/copyright? Is the following appropriate as debian/copyright: Thu, 22 Feb 2007 06:15:15 -0700 Home page is http://inadyn.ina-tech.net . Upstream Author: Copyright (C) 2003-2005 Narcis Ilisei, [EMAIL PROTECTED] Copyright (C) 2006-2007 http://www.opendns.com License: Copyright (C) 2003-2005 Narcis Ilisei Copyright (C) 2006-2007 http://www.opendns.com This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA On Debian systems, the full text of the GNU General Public License may be found in /usr/share/common-licenses/GPL. That won't work as there is no SSL excpetion for the GPL. You can check the copyright file for the httperf to see how I handled this same issue. There are others, but that is the only one I can think of off the top of my head. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: [OT] mailing list subjects
On Fri, Feb 09, 2007 at 10:32:43AM +0100, Daniele Micci wrote: Hi, just a suggestion. Why don't you (the ML admins) tag each email in the ML inserting in its subject some prefix (something like: [Debian-legal] subject of email)? This could help those of us who often read emails using a web interface. Thank you for reading, and forgive me for the OT. Because it waste's space? That's what server-side filtering is for. If you read mail in an 80 character wide terminal, then you will know that many subject lines already get truncated. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: creative commons
On Mon, Jan 08, 2007 at 10:08:19PM -0800, Jeff Carr wrote: On 01/08/07 18:43, Roberto C. Sanchez wrote: On Mon, Jan 08, 2007 at 09:02:02PM -0800, Jeff Carr wrote: That's good, I'm not convinced that CC in any form isn't DFSG. :) It seems to me the CC is written with the same kind of mentality and intentions that the DFSG was written. Well, any non-commercial variant of the CC is a clear violation of DFSG #6 (No Discrimination Against Fields of Endeavor). Yes, I understand that. As a guideline, the DFSG is for the purposes of advancing the free software movement. I don't know why the Creative Commons guys added that option, but perhaps there was some really good reason for when it needs to be used. All I'm saying is that it's use needs to be evaluated when someone might choose to use it. I agree that I can't think of a valid use, but I'm not comfortable saying that I've ruled out the possibility that some valid use exists. Jeff OK. I misread your statement as something akin to all CC variants are DFSG-compliant. On closer inspection, that is clearly not what you said :-) Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: creative commons
On Wed, Jan 10, 2007 at 01:34:53AM +0100, Francesco Poli wrote: Hence, I don't know what the lawyers are looking for, but a license that grants too few permissions is not OK to me, even if it does so in a legally perfect manner. It seems to me that you are looking at this as a sort of all or nothing situation. I don't think that is correct. A license that grants what you consider to be too few permissions might be too many for some. Now if we were to rely only standard copyright, then only the original creator would be permitted to distribute his work. Redistribution would be prohibited. Now, if the creator decides that he would like to permit free redistribution as long as the redistributor does not realize a commercial gain, then fine. That is an improvement, because before that the redistributor would not have been permitted to redistribute. Depending on the situation, the creator may have decided to create the work and give it away, as long others did likewise without making money. Now, is this situation perfect? No. I suppose the utopian ideal would be something like ST:TNG, where we all endeavor in a field of our choosing about which we are passionate solely for the purpose of self actualization. All knowledge is shared and there is no impediment to its exchange. Of course, as we live in the real world and are predominantly driven by money as a society, we really can't do as they do in ST:TNG. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: Is this legal? [RFP: djohn -- Distributed password cracker]
On Thu, Jan 04, 2007 at 01:25:08AM -0400, Jose Luis Rivas Contreras wrote: Hi, I was checking some old RFP's and I find this one. Is a little program that distribute the job of cracking passwords using John the Ripper. I think this is not totally legal to be packaged officially for Debian. Some reason why you think it is illegal and *where* you think it is illegal would be important and probably also generate a more fruitful discussion than a simple claim of it's illegal with nothing else. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: PEAR / PHP License status
On Fri, Dec 08, 2006 at 10:05:52PM +0100, Sylvain Beucler wrote: Hi, What is the status of the discussion with PEAR (or PHP Group) about using the PHP license in some of the PEAR packages? [1][2] I'm currently in need of QuickForm (v3) in a GNU GPL'd application, but QuickForm is released under the PHP license, which is incompatible :/ If you are the author of said application, you could release under the MIT or BSD-type license. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Tue, Oct 17, 2006 at 11:42:14PM -0700, Thomas Bushnell BSG wrote: Anthony Towns aj@azure.humbug.org.au writes: On Tue, Oct 17, 2006 at 03:49:25PM -0400, Nathanael Nerode wrote: The answer to the question in the subject is simple: NO. Thankyou for your opinion. I note you seemed to neglect to mention that you're not a lawyer. So, do you have anything to say about what Nathanael said? How does his not being a lawyer make his statement false? I don't think the point was that the statement is false, rather that it is unfounded. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Tue, Oct 17, 2006 at 07:07:00PM -0700, Don Armstrong wrote: On Tue, 17 Oct 2006, Roberto C. Sanchez wrote: So what? Distributing GPL works *with* sources is also not clear of legal liability. Those liabilities occur in either case, so they're not particularly interesting to discuss. Doing something that is against the letter and spirit of a software license is just not a position that we should put ourselves in. But they are interesting. The original argument was about sourceless firmware. Consider these two cases: 1. distributing firmware without corresponding sources 2. distributing packages and source code to a patented implementation of something In case 1, it depends on whether or not you consider (firmware == software) to be true. If yes, then it is against the letter and the spirit of the GPL. That may require an actual court case to figure out. If no, it is just against the spirit, but still legal. In case 2, there is no disputing that it is illegal, if software patents are indeed legal in $jurisdiction. Now, in such a case, it is agianst the spirit of the GPL, while still in complete compliance with the letter of the GPL and generally still illegal. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Wed, Oct 18, 2006 at 02:16:04AM -0700, Don Armstrong wrote: Regardless, that distribution in compliance with relevant licenses doesn't necessarily absolve you of all liabilities is well known, and not an issue I'm terribly intersted in discussing in the abstract. [And if for some reason it was readable into my initial response, that was definetly not the intention.] OK. I'll drop it then. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Tue, Oct 17, 2006 at 03:35:26PM -0700, Don Armstrong wrote: On Wed, 18 Oct 2006, Anthony Towns wrote: On Tue, Oct 17, 2006 at 03:49:25PM -0400, Nathanael Nerode wrote: The answer to the question in the subject is simple: NO. Thankyou for your opinion. I note you seemed to neglect to mention that you're not a lawyer. That should be abundantly apparent to anyone who has been paying attention. Regardless, it doesn't dismiss the crux of the argument: baring competent legal advice to the contrary,[1] distributing sourceless GPLed works is not clear of legal liability. Doing otherwise may put ourselves and our mirror operators in peril. So what? Distributing GPL works *with* sources is also not clear of legal liability. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: Are source packages required to be DFSG-free? (was: Re: New bugs filed regarding non-free IETF RFC/I-Ds)
On Tue, Oct 03, 2006 at 04:59:03PM +0200, Simon Josefsson wrote: There is some discussion in one of the bug reports: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=390664 (please read it first) The problem is essentially, if I understood it correctly, whether Debian source packages [in main] must be DFSG-free or not, or whether it is sufficient that Debian binary packages [in main] must be DFSG-free and that the source package is legally distributable. I'm not sure what the policy is here. I thought the Debian Policy was that source packages must be DFSG-free too, but I can't find a precise quotation in the Debian Policy Manual and point to it. IIRC, the rule is that sources and binaries must be DFSG free. Otherwise, source CDs would fall under different rules than binary CDs. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: License review request: LinuxMagic FSCL
On Tue, Sep 26, 2006 at 10:04:28PM -0700, Ryan Finnie wrote: Greetings, I responded to an RFP[0] for packaging magic-smtpd[1], and need some help on the legal side. I see 3 issues here: 1. The license[2], also included below, has not been reviewed by the OSI, and is not used in any existing Debian package. The company itself considers it open source, but I feel I am not qualified to make a determination. 2. The software is designed to replace certain components of qmail, which is wholly non-free. Even if the license is clean, does this make the software part of the non-free archive as well? I guess theoretically you could write Free software that would interface with magic-smtpd... Maybe contrib. If it is deemed to be free and then depends on non-free software to be functional, it would go into contrib. 13.6 Dispute Resolution. Any litigation or other dispute resolution between You and THE WIZARDS relating to this License shall take place in the Province of British Columbia, and You and THE WIZARDS hereby consent to the personal jurisdiction of, and venue in, the state and federal courts within that Province with respect to this License. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. 13.7 Entire Agreement; Governing Law. This License constitutes the entire agreement between the parties with respect to the subject matter hereof. This License shall be governed by the laws of Canada and the Provncie of British Columbia, except that body of British Columbia law concerning conflicts of law. Where You are located in the province of Quebec, Canada, the following clause applies: The parties hereby confirm that they have requested that this License and all related documents be drafted in English. Les parties ont exigé que le présent contrat et tous les documents connexes soient rédigés en anglais. I'm no legal expert, but I seem to recall that these type of venue selection clauses make the licenses non-free. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: public domain, take ?$B!g
On Mon, Sep 25, 2006 at 10:56:27AM -0700, Daniel Gimpelevich wrote: Greetings! I'm fully aware that the opinions stated on this list have no bearing on anything, but I would still like to ask whether anyone here might have any ideas for improving the wording of the following license header: #!bin/bash # # Let this be known to all concerned: It is the specific intent of the # author of this script that any party who may have access to it always # treat it and its contents as though it were a work to which any and all # copyrights have expired. # I thought about s/author/sole author/ but decided against it as not generic enough. I can see how deciding against it may make it rather unclear as to whose intent is being expressed, but I think that would be rather moot anyway in the event of any dispute. I now cut the ribbon opening this to the free-for-all of opinions... What about: The author(s) of this script expressly place it into the public domain. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: selling web application access
On Wed, Sep 20, 2006 at 02:46:35PM +0200, Ottavio Campana wrote: Hi everybody, I'm writing here because I'm having a doubt on the GPL and I'd like to discuss it with you. Scenario: a software house develops a web application based on GPL software. It doesn't sell the application to customers, it sells the access to the application, which is installed, run and is maintained on the software house's server. Question: can the users ask for the application's source code? I mean, in the GPL only the case of software distribution is covered. But in this case the software isn't distributed, it remains in the software house's servers. Probably not under GPL 2 or earlier. Selling access to an application is the same as distributing the application? It is not the same thing. One is a product (the code), the other is a service (the access to it). This is supposed to be specifically addressed by GPL 3. Thank you for your answers. PS:I know it is not polite, but can you please CC: me? I did not subscribe the list. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: Sun Java available from non-free
Olaf van der Spek wrote: I guess the conclusion is that being a Debian developer means you're right and not being one means you're wrong? More like, being a Debian developer means your arguments are ignored and not being a Debian developer means your arguments are ignored (for a completely different reason). -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~roberto signature.asc Description: OpenPGP digital signature
KJV Bible - Crown Copyright in UK [was: Bug#338077: ITP: sword-text-kvj -- King James Version with Strongs Numbers and Morphology]
On Tue, Nov 08, 2005 at 06:16:52PM +0100, Lionel Elie Mamane wrote: ( Please mail followups to: [EMAIL PROTECTED], debian-legal@lists.debian.org, [EMAIL PROTECTED], [EMAIL PROTECTED] ) On Tue, Nov 08, 2005 at 10:13:42AM -0500, Roberto C. Sanchez wrote: Quoting Lionel Elie Mamane [EMAIL PROTECTED]: On Mon, Nov 07, 2005 at 08:51:26PM -0500, Roberto C. Sanchez wrote: * License : Public Domain Description : King James Version with Strongs Numbers and Morphology This is the King James Version of the Holy Bible (also known as the Authorized Version) with embedded Strong's Numbers. The rights to the base text are held by the Crown of England. What rights are you speaking about? The text certainly is far too old for any copyright to hold and you yourself tag it as public domain. So what right is being spoken of here? Based on my understanding [0], the Crown of England maintains the perogative to authorize printings of the KJV text in Great Britain. It is in the public domain everywhere else. Ain't law fun? grin This makes the KJV of the bible non-free in GB and probably even illegal to distribute at all in GB, unless the Crown gives a blanket license for electronic distribution. Does it? According to the wikipedia article, we can escape this Crown Copyright if what the package will contain is an annotated Study Bible. The question is whether that thing will be annotated enough to be considered as such. Please investigate this before uploading to Debian. [0] http://en.wikipedia.org/wiki/King_James_Version_of_the_Bible#Copyright_status Well, the CrossWire page does not have any warnings about distribution. They are pretty good about putting warnings on texts that may still be copyrighted in certain parts of the world, which is usually only a concern for newer texts. Additionally, the KJV text I downloaded from CrossWire contains all the Strong's Hebrew and Greek numbers cross referenced to the text itself and the sword-text-kjv package I made also suggests the sword-dict-strongs-hebrew and sword-dict-strongs-greek packages the I created. The CrossWire page [0] also caims that their text is a derivative work (probably becase of the integration of the Strong's references) and they place it into the public domain. If there is still an issue, I suppose we could start a non-GB section :-) -Roberto [0] http://www.crosswire.org/sword/modules/ModInfo.jsp?modName=KJV -- Roberto C. Sanchez http://familiasanchez.net/~roberto pgpBJrze4fZIs.pgp Description: PGP signature
Re: KJV Bible - Crown Copyright in UK
On Tue, Nov 08, 2005 at 07:52:26PM +0100, Florian Weimer wrote: * Lionel Elie Mamane: Please investigate this before uploading to Debian. Or alternatively, depend on the bible-kjv-text package, which already is in main. The text included in bible-kjv-text is not SWORD-compatible. I looked :) -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~roberto pgpdkGKrMLokV.pgp Description: PGP signature
Re: Is this OK to get httperf back into main?
[Please CC me, I am not on -legal] On Wed, Jun 29, 2005 at 08:51:12PM -0700, Martin Arlitt wrote: Roberto all of the copyright holders have agreed to the exception. as for the rewording of the exception, I will have to check with the people who provided me with the exception that I sent you. I won't be able to get an answer to you until after July 4th. Martin That's fine. I am more interested in doing this correctly (so the problem does not resurface), rather than quickly. As it stands, httperf is no longer in the stable Debian distribution, so there is no need to rush. -Roberto On Wed, 29 Jun 2005, Roberto C. Sanchez wrote: [Please CC me, I am not on -legal] On Thu, Jun 30, 2005 at 01:10:07AM +0200, Francesco Poli wrote: On Wed, 29 Jun 2005 15:01:51 -0400 Roberto C. Sanchez wrote: Is this OK to get httperf back into main? Assuming that * httperf is currently released under the GNU GPL v2 It is. * the only issue that bans httperf from main is its linking against OpenSSL Aside from OpenSSL, it links to libc6. * every copyright holder has agreed to grant a link exception I believe so. Martin, is this statement true? * httperf does not include or link against any other purely GPL'd work (i.e. with no link exception for OpenSSL) It does not. then yes, it seems that an appropriate link exception would suffice. [...] In addition, as a special exception, the copyright holders give permission to link the code of httperf with the OpenSSL I think that an s/of httperf/of this work/ would improve the exception, as it would apply even to a differently-named modified version of httperf. project's OpenSSL library (or with modified versions of it that use the same license as the OpenSSL library), and distribute the linked executables. Following http://www.fsf.org/licensing/licenses/gpl-faq.html#GPLIncompatibleLibs, the canonical phrasing suggests an s/the linked executables/linked combinations including the two/ Martin, would you consider the suggested changes? You must obey the GNU General Public License in all respects for all of the code used other than OpenSSL. If you modify this file, you may extend this exception to your version of the file, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr pgpvs8QdGN8hu.pgp Description: PGP signature
Is this OK to get httperf back into main?
Is this OK to get httperf back into main? -Roberto - Forwarded message from [EMAIL PROTECTED] - Date: Wed, 29 Jun 2005 07:43:27 -0700 (PDT) From: Martin Arlitt [EMAIL PROTECTED] Reply-To: Martin Arlitt [EMAIL PROTECTED] Subject: Re: forwarded message from Roberto C. Sanchez To: Roberto C. Sanchez [EMAIL PROTECTED] Roberto here is the text of the exception. please let me know if this is adequate for your needs. In addition, as a special exception, the copyright holders give permission to link the code of httperf with the OpenSSL project's OpenSSL library (or with modified versions of it that use the same license as the OpenSSL library), and distribute the linked executables. You must obey the GNU General Public License in all respects for all of the code used other than OpenSSL. If you modify this file, you may extend this exception to your version of the file, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version. thanks Martin - End forwarded message - -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Is this OK to get httperf back into main?
[Please CC me, I am not on -legal] On Thu, Jun 30, 2005 at 01:10:07AM +0200, Francesco Poli wrote: On Wed, 29 Jun 2005 15:01:51 -0400 Roberto C. Sanchez wrote: Is this OK to get httperf back into main? Assuming that * httperf is currently released under the GNU GPL v2 It is. * the only issue that bans httperf from main is its linking against OpenSSL Aside from OpenSSL, it links to libc6. * every copyright holder has agreed to grant a link exception I believe so. Martin, is this statement true? * httperf does not include or link against any other purely GPL'd work (i.e. with no link exception for OpenSSL) It does not. then yes, it seems that an appropriate link exception would suffice. [...] In addition, as a special exception, the copyright holders give permission to link the code of httperf with the OpenSSL I think that an s/of httperf/of this work/ would improve the exception, as it would apply even to a differently-named modified version of httperf. project's OpenSSL library (or with modified versions of it that use the same license as the OpenSSL library), and distribute the linked executables. Following http://www.fsf.org/licensing/licenses/gpl-faq.html#GPLIncompatibleLibs, the canonical phrasing suggests an s/the linked executables/linked combinations including the two/ Martin, would you consider the suggested changes? You must obey the GNU General Public License in all respects for all of the code used other than OpenSSL. If you modify this file, you may extend this exception to your version of the file, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr pgps9dppR1MPQ.pgp Description: PGP signature
Re: Request for a sponsor for Felix
On Fri, May 27, 2005 at 10:44:49AM +1000, John Skaller wrote: Felix is a 'free for any use' open source advanced License text [0]: Licence Copyright (C) 2004 John Skaller. Felix is Free For Any Use. Redistribution and use in source and binary forms, with or without modification, are permitted. No offense, but you might want to consider using one of the many licenses out there [1]. They are much more well understood and have been well thought out. Your license may leave out things that become important in the future. Based on what your license is trying to say, you may want to consider the MIT/X license, BSD (w/o advertising clause), or public domain. IANAL, but I have seen enough discussions about license issues becuase someone wrote their own and forgot something to think that it is usually a Bad Idea(TM). -Roberto [0] http://felix.sourceforge.net/current/www/licence.html [1] http://zooko.com/license_quick_ref.html -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr pgpD0lXn55SIk.pgp Description: PGP signature
Re: License question about regexplorer
Quoting Roberto C. Sanchez [EMAIL PROTECTED]: Florian Weimer wrote: QPL is usually considered free, but its use is discouraged. An additional exception, as granted by OCaml for example, can improve things. Even though the license says this: You must ensure that all recipients of the machine-executable forms are also able to receive the complete machine-readable source code to the distributed Software, including all modifications, without any charge beyond the costs of data transfer, and place prominent notices in the distribution explaining this. Is this not similar to placing a restriction that binary distribution must be at no cost, or something similar? Is it OK in this case beacuse it only mandates that access to the source must be at no cost? I know that this OK in the case of Debian distributing the source, since there is no charge for people to access the mirrors, but I don't see how this complies with DFSG #1. If I want to sell someone a QPL program, I can only sell the binary and must give away the source. So is the source not part of the program for the purposes of DFSG #1? I don't mean to be belligerent. I just want to make sure I understand. I talked with Branden yesterday and he explained this rather clearly. The requirement in the QPL is no different than the requirement in the GPL that source either accompany the binary, or that a written offer be extended, good for 3 years, blah, blah, only charge a reasonable amount for copying and all that. Sorry for the misunderstanding. I withdraw my question. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [Fwd: [gnu.org #243939] Question about 3-clause BSD and GPL compatibility]
Bas Zoetekouw wrote: Hi Roberto! You wrote: Per Branden's request, I am forwarding this to -legal. FSF says that the 3-clause BSD-type license is GPL-compatible. http://cvs.sourceforge.net/viewcvs.py/wx4j/modules/wx4j/LICENSE.TXT?rev=1.2view=markup ddd This is not a 3-clause BSD license, but rather an MIT/X11-like one, which is indeed compatible with the GPL Thanks for the clarification. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr signature.asc Description: OpenPGP digital signature
Re: License question about regexplorer
Florian Weimer wrote: * Roberto C. Sanchez: I have been recently checking out packages up for adoption or already orphaned. In the process I came across regexplorer [0]. Here are the dependencies of regexplorer and their respective licenses (as I understand it): * libc6 (LGPL) * libgcc1 (GPL w/ exception) * libqt3c102-mt (QPL/GPL) * libstdc++5 (GPL) * libx11-6 (MIT/X) * libxext6 (MIT/X) And the problem is that regexplorer is licensed under the plain QPL? Yes. My question is this. Is Debian accepting QT3 under the GPL or the QPL? As far as I know, Debian complies with the QPL requirements, so we can choose between QPL and GPL on a per-application basis. OK. So if someone offers a program under a dual license, it is possible to accept it under the terms of both licenses at the same time? Specifically: (1) is the exception for libgcc1 sufficient for regexplorer to link? Yes, as long as you use GCC to compile regexplorer. (2) is QT3 in Debian via QPL or GPL? It's dual-licensed. Same question as above. (3) is libstdc++5 actually GPL w/o exception? No, all source files should be covered by the usual exception. If they aren't, upstream considers this a bug. Oops. I went back and read the copyright file and saw right where I missed it. Additionally, it seems like QPL licensed code can't be in main QPL is usually considered free, but its use is discouraged. An additional exception, as granted by OCaml for example, can improve things. Even though the license says this: You must ensure that all recipients of the machine-executable forms are also able to receive the complete machine-readable source code to the distributed Software, including all modifications, without any charge beyond the costs of data transfer, and place prominent notices in the distribution explaining this. Is this not similar to placing a restriction that binary distribution must be at no cost, or something similar? Is it OK in this case beacuse it only mandates that access to the source must be at no cost? I know that this OK in the case of Debian distributing the source, since there is no charge for people to access the mirrors, but I don't see how this complies with DFSG #1. If I want to sell someone a QPL program, I can only sell the binary and must give away the source. So is the source not part of the program for the purposes of DFSG #1? I don't mean to be belligerent. I just want to make sure I understand. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr signature.asc Description: OpenPGP digital signature
License question about regexplorer
I have been recently checking out packages up for adoption or already orphaned. In the process I came across regexplorer [0]. Here are the dependencies of regexplorer and their respective licenses (as I understand it): * libc6 (LGPL) * libgcc1 (GPL w/ exception) * libqt3c102-mt (QPL/GPL) * libstdc++5 (GPL) * libx11-6 (MIT/X) * libxext6 (MIT/X) My question is this. Is Debian accepting QT3 under the GPL or the QPL? According the FSF FAQ on licenses [1], the QPL says that modified sources must be distrubted as patches, and that linking to GPL code requires a license exception. However, it gets a bit more complex. I know that this has more or less been discussed before [2], but I think the circumstances have changed. Specifically: (1) is the exception for libgcc1 sufficient for regexplorer to link? (2) is QT3 in Debian via QPL or GPL? (3) is libstdc++5 actually GPL w/o exception? It seems that if any of those fails, then regexplorer can't link to them unless it is relicensed. Additionally, it seems like QPL licensed code can't be in main (which may or may not affect QT and any packages that depend on it, depending on how Debian chooses to make QT available), at least under the version used by regexplorer [3] [4]: QPL: 3. You may make modifications to the Software and distribute your modifications, in a form that is separate from the Software, such as patches. The following restrictions apply to modifications: ME: Ok. This is not reall a problem, since we distribute source as a .orig.tar.gz and a .diff.gz. This is clearly seperate. QPL: a. Modifications must not alter or remove any copyright notices in the Software. ME: No problem here either. QPL: b. When modifications to the Software are released under this license, a non-exclusive royalty-free right is granted to the initial developer of the Software to distribute your modification in future versions of the Software provided such versions remain available under these terms in addition to any other license(s) of the initial developer. ME: Does this mean that the Debian-specific packaging must be QPL licensed? It is a patch modification to the source. I presume that non-exclusive means Debian can continue to distribute the modifications themselves under other terms, e.g., the GPL. But, I think this implies the modifications must at least be dual/licensed. QPL: 4. You may distribute machine-executable forms of the Software or machine-executable forms of modified versions of the Software, provided that you meet these restrictions: ME: Ok. At least there is a chance to distribute the modified binaries. QPL: a. You must include this license document in the distribution. ME: No sweat. QPL: b. You must ensure that all recipients of the machine-executable forms are also able to receive the complete machine-readable source code to the distributed Software, including all modifications, without any charge beyond the costs of data transfer, and place prominent notices in the distribution explaining this. ME: Does this even comply with DFSG? This would imply that if make a CD which includes regexplorer (which is in main), then I can't charge money for it above the cost of duplication. QPL: c. You must ensure that all modifications included in the machine-executable forms are available under the terms of this license. ME: Not sure how that affects Debian's distribution of the package. Sorry if this has already been discussed, but I am trying to wrap my head around this. Also, please CC me on all replies, as I am not subcribed to -legal. -Roberto [0] http://pacakges.debian.org/regexplorer [1] http://www.fsf.org/licensing/licenses/index_html#GPLIncompatibleLicenses [2] http://lists.debian.org/debian-legal/2000/01/msg00203.html [3] http://cvs.sourceforge.net/viewcvs.py/*checkout*/regexplorer/regexplorer/QPL.html?rev=1.1.1.1 [4] http://packages.debian.org/changelogs/pool/main/r/regexplorer/regexplorer_0.1.6-12/regexplorer.copyright -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr signature.asc Description: OpenPGP digital signature
Re: [WASTE-dev-public] Do not package WASTE! UNAUTHORIZED SOFTWARE [Was: Re: Questions about waste licence and code.]
Peter Samuelson wrote: I know at least one developer on a prominent open source project who believes otherwise, and claims to be prepared to revoke their license to her code, if they do certain things to piss her off. Presumably this is grounded on the basis of her having received no consideration, since it's a bit harder to revoke someone's right to use something they bought and paid for. It is also possible that she's a looney. That is completely not possible. Once you offer (and someone accepts) code under the terms of the GPL, they are for evermore entitled to use *that* code under the GPL. About the only thing that can be done is to quite releasing new versions of the software or release newer versions under a more restrictive license. That, or hope everyone who receives the code violates the GPL (since that is about the only you lose your rights under it after the fact). Yes, I'm aware that if it's possible to revoke the GPL, it fails the Tentacles of Evil test, and GPL software would be completely unsuitable for any serious deployment. Note, however, that but it *can't* be that way because if it is, we're all in trouble is not a very strong argument. But it can't be done, period. Reference: http://www.gnu.org/philosophy/free-sw.html In order for these freedoms to be real, they must be irrevocable as long as you do nothing wrong; if the developer of the software has the power to revoke the license, without your doing anything to give cause, the software is not free. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr signature.asc Description: OpenPGP digital signature
Re: Question on gnuplot licensing and why it is in main
Henning Makholm wrote: No, because the quoted license explicitly allows the distribution of binaries built from modified sources. That kind of patch-clause licenses is specifically blessed by DFSG #4. OK. I think understand. qmail and pine are non-free because they disallow binary distribution, period. gnuplot can go into main since the Debian project distributes sources as a .orig.tar.gz and a .diff.gz (except for native Debian packages like apt)? For instance, if DFSG required the ability to distribute complete modified source as one monolithic entity, then that would be incompatible. Correct? I am just trying to make sure that I understand this, for my own edification. -Roberto P.S. Please CC me, as I am not subscribed to -legal. -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr signature.asc Description: OpenPGP digital signature
Question on gnuplot licensing and why it is in main
While looking at the gnuplot documentation (trying to figure out how to make a bar graph) I came across this in the FAQ: 1.6 Legalities Gnuplot is freeware authored by a collection of volunteers, who cannot make any legal statement about the compliance or non-compliance of gnuplot or its uses. There is also no warranty whatsoever. Use at your own risk. Citing from the README of a mathematical subroutine package by R. Freund: For all intent and purpose, any description of what the codes are doing should be construed as being a note of what we thought the codes did on our machine on a particular Tuesday of last year. If you're really lucky, they might do the same for you someday. Then again, do you really feel *that* lucky? 1.7 Does gnuplot have anything to do with the FSF and the GNU project? Gnuplot is neither written nor maintained by the FSF. It is not covered by the General Public License, either. It used to be distributed by the FSF, however, due to licensing issues it is no longer. Gnuplot is freeware in the sense that you don't have to pay for it. However it is not freeware in the sense that you would be allowed to distribute a modified version of your gnuplot freely. Please read and accept the Copyright file in your distribution. So, I checked the copyright file and found this: * Permission to modify the software is granted, but not the right to * distribute the complete modified source code. Modifications are to * be distributed as patches to the released version. Permission to * distribute binaries produced by compiling modified sources is granted, * provided you * 1. distribute the corresponding source modifications from the *released version in the form of a patch file along with the binaries, * 2. add special version identification to distinguish your version *in addition to the base release version number, * 3. provide your name and address as the primary contact for the *support of your modified version, and * 4. retain our contact information in regard to use of the base *software. * Permission to distribute the released version of the source code along * with corresponding source modifications in the form of a patch file is * granted with same provisions 2 through 4 for binary distributions. This seems very similar to the pine and qmail licenses (http://www.fsf.org/licensing/licenses/license-list.html#NonFreeSoftwareLicense) which would make it non-free. Is this correct? Should a bug be filed against the gnuplot* packages? -Roberto P.S. please CC me as I am not subscribed to -legal -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr signature.asc Description: OpenPGP digital signature
