Re: [License-discuss] Can OSI take stance that U.S. public domain is open source?
The analoguous explanation for why cc0 didn't qualify is that it explicitly said you get rights a and b but not c, with c a necessary right to copy and use the software. It should be obvious that - even if you'd disagree wrt patents - at least for some values of c that is clearly not open source. The fact that many older licenses are silent/ambiguous about c, and were written in a time when c didn't exist, is a different problem. henrik On 3 May 2014 23:14, John Cowan co...@mercury.ccil.org wrote: Richard Fontana scripsit: When the MXM license was considered, some people pointed to OSD #7 as suggesting that a sufficiently narrowly-drawn patent license grant in a license would not be Open Source. This was the problem I raised when CC0 was submitted. It was the inconsistency. It depends on your view of how the OSD applies to patents. Since it nowhere mentions them, I don't see how it can apply to them. #7 merely says that licenses of the form You get rights a, b, and c, whereas your transferees only get rights a and b, possibly qualified by unless they sign this, aren't open-source licenses. I continue to think that our CC0 decision was wrong insofar as it can be read as saying that the CC0 license is not an open-source (as opposed to OSI Certified) license. There may be reasons not to certify it, but not to deny that it is open source. -- John Cowan http://www.ccil.org/~cowanco...@ccil.org Female celebrity stalker, on a hot morning in Cairo: Imagine, Colonel Lawrence, ninety-two already! El Auruns's reply: Many happy returns of the day! ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Can OSI take stance that U.S. public domain is open source?
Henrik Ingo scripsit: The analoguous explanation for why cc0 didn't qualify is that it explicitly said you get rights a and b but not c, with c a necessary right to copy and use the software. It should be obvious that - even if you'd disagree wrt patents - at least for some values of c that is clearly not open source. Yes, but c (patent rights) is not granted to *anyone* by CC0. Whether those rights are necessary or not, they don't come within the ambit of OSD #7, which is about indirect distributees getting the same rights as direct distributees. Here, neither kind get any patent rights, so #7 is not triggered. You could argue that selling is a patent right, and OSD #1 is violated if a patent restricts you from selling software distributed under CC0. But #1 reads to me as a restriction on the license, which contains no such provision. If the open-source nature of CC0 is to be disproved, it must be shown that it violates some clause of the OSD. This is distinct from the prudence or otherwise of certifying the license. -- John Cowan http://www.ccil.org/~cowanco...@ccil.org It was dreary and wearisome. Cold clammy winter still held sway in this forsaken country. The only green was the scum of livid weed on the dark greasy surfaces of the sullen waters. Dead grasses and rotting reeds loomed up in the mists like ragged shadows of long-forgotten summers. --LOTR, The Passage of the Marshes ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Can OSI take stance that U.S. public domain is open source?
On Sat, May 3, 2014 at 10:34 PM, Richard Fontana font...@sharpeleven.org wrote: On Sat, 3 May 2014 22:07:19 +0300 Henrik Ingo henrik.i...@avoinelama.fi wrote: Does the US government grant itself patents, Yes. and if so, what does it do with those patents? Many are licensed to the private sector for revenue. That is so perverse I cannot even formulate words to explain how I feel about that... Wrt the original question it seems there are good grounds to ask federal employees to pony up an actual open source license, especially one of those that includes a patent license. That said, it seems most will agree that the public domain copyright is for all intents and purposes open source. I suppose this is comparable to how artistic license is open source but preferably you'd use a better license. henrik -- henrik.i...@avoinelama.fi +358-40-5697354skype: henrik.ingoirc: hingo www.openlife.cc My LinkedIn profile: http://fi.linkedin.com/pub/henrik-ingo/3/232/8a7 ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Can OSI take stance that U.S. public domain is open source?
John Cowan co...@mercury.ccil.org writes: I continue to think that our CC0 decision was wrong insofar as it can be read as saying that the CC0 license is not an open-source (as opposed to OSI Certified) license. There may be reasons not to certify it, but not to deny that it is open source. [warning: long] IMHO it would be a long-term problem for the OSI (and for open source in general, given the useful standardization/certification role OSI plays) to have there be licenses that we call open source but don't certify. After all, the *definition* of open source is supposed to be just whatever complies with the OSD. And our certification process is also Does this comply with the OSD?... So the two shouldn't diverge; to the extent that they do, we have a problem. The distinction we are being pushed toward, I think, is the subset of open source licenses (that is, OSD-compliant licenses) that the OSI would *recommend* for use. Er, if we did recommending :-). Right now, we don't, officially. We're edging into it warily, though, with the rearrangement of the http://opensource.org/licenses/ page, which starts off with the Popular Licenses section. This is not a criticism, by the way. Such tentative steps are the right way to get there. But in the long run I think we have two mutually exclusive choices: 1) Have licenses out in the world that are OSD-compliant, and that we informally agree are open source, but that we don't certify. This will cause growing divergence between what is open source and what the OSI has approved. That would be very, very bad. 2) Officially certify any license (or PD status / PD dedication) that is OSD-compliant as open source, but for most of them attach commentary explaining why most people probably shouldn't use it and why one should one of the popular licenses instead. (1) is a disaster. It will defeat much of the point of the OSI, in the long run. We're sort of doing the complement of (2) right now, with the Popular Licenses section. Whether it's useful to limit ourselves to labeling some licenses preferable, or should do the other side as well and label other licenses as yeah, it's open source, but we don't recommend using it for new code unless you have no choice is, of course, a complicated political question. We don't need to resolve it in this thread... ...but I think we do need to come to some sort of solution soon. The U.S. government is going to keep releasing what is (obviously) open source software into the public domain; CC0 is also becoming more popular in non-software works and will inevitably make inroads into software too. These works are all basically OSD-compliant, and will be treated by people as open source. If we don't find some way to incorporate those terms into our certification process, it's the certification mark that will be hurt in the long run, not the licenses / PD statuses. That's why I'm so worried by threads like that one I saw on GitHub that started this. Those folks are crying out for us to provide clarity, even if they don't know it yet :-), and we must find a way to do so. I completely agree, by the way, that we can be active about requiring certain kinds of patent promises. E.g., maybe we wouldn't certify PD itself for software works, but would certify PD *when accompanied by* a particular patent non-assertion text. We'd have a lot of leverage to do so, given that refusing to make that non-assertion promise, when asked for it, would draw attention to the fact that the party has now publicly decided not to be open source enough for the OSI. So I'm not saying we should just certify PD and CC0 and be done with it -- it's more complex than that. But the current limbo is not stable, and will inevitably damage the remarkable unanimity we currently have around OSI certification. We'll have to solve this, probably sooner rather than later. Best, -K ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Can OSI take stance that U.S. public domain is open source?
Quoting John Cowan (co...@mercury.ccil.org): [Appreciating and agreeing with what you say, FWIW, but I have one thing to add.] In the end, certification is just a convenience to the users: it says that a group of fairly knowledgeable people are willing to stand behind the cliam that each certified license conforms to the OSD. In my opinion, this is a particularly important function because of firms that publish deliberately deceptive licensing, such as sneaking extremely problematic and intrusive badgeware clauses, having the effect of greatly deterring all third-party commercial reuse, into what is publicly claimed to be [A]GPL v3 licensing using the 'legal notices or author attributions' incorporate-by-reference feature in section 7 of [A]GPL v3. SugarCRM, one of the main drivers of the badgeware model - back in the days when OSI was being arm-twisted by that gang of OSBC regulars in the advocacy effort that resulted in certification of dead-on-arrival minimal badgeware licence CPAL - appears to have pioneered this style of Section 7 hokery: The sponsoring firm behind a Web 2.0 hosted application claims in all the public marketing materials that the software is open source under GPLv3 or APGLv3, disclosing _only_ in obscure, not-easily-noticed places that they actually mean GPLv3 or APGLv3 with additional restrictions encumbering commercial third-party reuse. Admittedly, OSI's licence-certification program doesn't do much to stop this sort of chicanery, but at least OSI makes clear that its certificaiton program certifies specific licence texts and not also Everyone's Vaguely Similar Imitation Licences with Concealed Anti-Competition Restrictions. (As an aside, I also think SugarCRM and imitators' use of section 7, when last I checked on that usage[1], vastly exceeded the permitted scope of notice, e.g., the only notices that may be required to be included somewhere in the interactive user interface display are a copyright notice and warranty disclaimer if applicable: That is made clear in the licence text's definition of Appropriate Legal Notices. Requiring a company logo on every single user interace screen of the work and all derivative works exceed greatly what section 7 permits, not to mention requiring UI display of legal notices beyond the copyright notice and warranty disclaimer. This misuse is particularly egregious since the section 7 wording was edited to its present state at the request of SugarCRM, Inc., according to Richard Fontana's post to debian-legal a couple of years ago.[2]) [1] http://linuxgazette.net/159/misc/lg/sugarcrm_and_badgeware_licensing_again.html [2] https://lists.debian.org/debian-legal/2011/12/msg00045.html Richard opines in this post that SugarCRM's logo requirement as of mid-2007, in his judgement complied with FSF's intent about how intrusive badgeware might be and still remain free software. I respect Richard highly and of course believe him. By 2009, when I last checked SugarCRM's terms, they were excessive enough that IMO, if FSF still thinks that's not out of bounds for free software, they've lost their collective minds. ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Can OSI take stance that U.S. public domain is open source?
Richard, I just wanted to call out a neat statistical trick you just made: On Sun, May 4, 2014 at 9:06 PM, Richard Fontana font...@sharpeleven.org wrote: On Sun, 04 May 2014 11:48:13 -0500 Karl Fogel kfo...@red-bean.com wrote: I don't know offhand the current count of OSI-approved licenses but I think it is around 70. In a typical traditional server/desktop Linux distro, the numbers of distinct licenses regarded *reasonably* by the communities of users and distributors of that distro as open source must number at least in the several hundreds. (Think of the universe of licenses covering packages considered DFSG-conformant in Debian, since the criteria are at least superficially very similar to the OSD, its descendant.) Sure. But it isn't at bad as you make it sound. The above sounds like more than half of the licenses in Debian (as an example of the distro with most packages) are not OSI certified. At the same time, Debian has over 37k packages and what stats we have from blackduck and other sources make me comfortable in guessing that safely more than 99% and probably more than 99,9% of Debian packages do use an OSI certified license. From this point of view I'd say we are doing very well here. I obviously agree that it is important that reality and OSI converge, but at the same time it serves no useful purpose to spend time certifying things like GPLv1. ...but I think we do need to come to some sort of solution soon. The U.S. government is going to keep releasing what is (obviously) open source software into the public domain; CC0 is also becoming more popular in non-software works and will inevitably make inroads into software too. I'm going to out myself here and say that I believe CC0 is obviously lowercase-o, lowercase-s open source despite the clause about patents. That doesn't mean the OSI should have approved it, that doesn't mean the OSI should recommend its use in its current form or cease its current practice of recommending against its use. I have a similar view of US government public domain works (with the added problem that it is clear that many intellectual property lawyers working across different US government agencies are confused over what 17 USC 105 means). Yes, US works that are public domain worldwide are obviously open source, but as with CC0 this has some implications for how licenses that explicitly mention disposition of patent rights should be treated. Is the US governments exclusion of patents that explicit? I mean I don't contest it as a fact, but to a layman I don't expect legislation to be coherent or 100% intentional. Politics to me seems much more like a one hand giveth, one taketh away kind of situation. Kind of like the discussion whether the US government works truly are worldwide public domain or just except for all the other countries but US public domain. It's messy reality and there's nothing we can do about it. (Another analogue: do software patents exist in Europe or not? That's a good ice breaker for conversation, but I wouldn't want OSI to assume no as the correct answer for purposes of certifying licenses.) CC0 otoh had an explicit sentence excluding patent rights, that to me seems much more problematic. As we are going on the record then, I see a distinction between CC0 being intentionally wrong and US public domain works just being an imperfect legal construct. John keeps asking for statements like above to always be based on specific OSD paragraphs. Maybe that's a good idea. I'll try to express my judgement of CC0: The patent clause in CC0 fails in OSD compliance because: §1: it explicitly reserves the right to restrict some party or any party from selling, giving away and redistributing, now or at a future time. It also explicitly reserves the right to ask for royalties for such sale or redistribtuion. §5 and §6: even if the license text itself is neutral, it reserves the right for the licensor to discriminate between recipients of the license such as prohibiting some recipients from using or redistributing the software, or requiring royalties for some type of use or users. For example separating commercial/non-commercial, geographically or just tactically or even arbitrarily. I should note that this would be a very likely way of enforcing ones patent rights. §7: excluding a patent grant fails the intent of this paragraph, though technically the rights actually included in CC0 do satisfy this paragraph. §8 and §10: I see similar risks here: it is likely that a patent holder could enforce patents in a way that fail to meet the intent of these paragraphs, even if the license text otherwise is neutral here. henrik -- henrik.i...@avoinelama.fi +358-40-5697354skype: henrik.ingoirc: hingo www.openlife.cc My LinkedIn profile: http://fi.linkedin.com/pub/henrik-ingo/3/232/8a7 ___ License-discuss mailing list License-discuss@opensource.org
Re: [License-discuss] Can OSI take stance that U.S. public domain is open source?
Henrik Ingo scripsit: Is the US governments exclusion of patents that explicit? The only thing that makes the U.S. Government different from any other actor in IP law is that it cannot (and therefore its employees acting in the scope of their employment cannot) acquire copyright on any works it has created. It can and does hold copyright that has been transferred to it by other creators, and it can and does acquire patents. That is what makes the NOSA 1.3 important as an OSI certified license. It allows any U.S. government agency to open-source its works fully. John keeps asking for statements like above to always be based on specific OSD paragraphs. Maybe that's a good idea. I'll try to express my judgement of CC0: Thanks. I'll have to reflect further on your specifics about #5, #6, #8, and #10. As I said before, I think #1 is a reasonable argument against CC0 but #7 is not. -- John Cowan http://www.ccil.org/~cowanco...@ccil.org But that, he realized, was a foolish thought; as no one knew better than he that the Wall had no other side. --Arthur C. Clarke, The Wall of Darkness ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] Can OSI take stance that U.S. public domain is open source?
Simon Phipps scripsit: We did not decide against CC0. The discussion was certainly at a low point when Creative Commons withdrew it from the approval process, but that's what happened, not an OSI denial. Had they persisted, I believe OSI would have needed to face the issue of how licenses treat patents. I stand corrected. -- John Cowan http://www.ccil.org/~cowanco...@ccil.org Any legal document draws most of its meaning from context. A telegram that says 'SELL HUNDRED THOUSAND SHARES IBM SHORT' (only 190 bits in 5-bit Baudot code plus appropriate headers) is as good a legal document as any, even sans digital signature. --me ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
[License-discuss] How licenses treat patents
Simon Phipps wrote in relation to CC0: ... Had they persisted, I believe OSI would have needed to face the issue of how licenses treat patents. There really aren't too many alternative ways for FOSS licenses to treat patents: * The FOSS license does not contain a patent license. * There is a patent license for the FOSS work as distributed. * There is a patent license for the FOSS work as distributed and its derivative works. * There is a patent license for all FOSS works. * The patent license is royalty-free and unencumbered for the implementation of a standard. I'm aware of FOSS-compatible licensing examples of each of these. There are also sloppy licenses where at first read the scope of the patent license isn't obvious. For example, the GPLv2 prohibits distribution if a patent encumbrance is actually encountered – but without offering a patent licenses directly. There are many examples of patent-encumbered software where the copyright owner doesn't own and can't license the patent. This is the problem of third party patents and patent trolls and university professors and US government employees. I know of an example of FOSS software where the patent claims are licensed separately (and for a fee) to almost the entire software industry already – but separately from the FOSS copyright license. Certain important codecs are licensed that way. There are even examples where the copyright owner is willing to grant a patent license for most FOSS applications but excludes certain applications. The Oracle/Sun/Java TCK licensing is an example of that. Given this wide assortment of alternatives, do you expect OSI to bless any one in particular? Probably the only grand solution to the patent problem is the one proposed by Richard Stallman and lots of others: Prohibit software patents entirely. But that ain't gonna happen in our lifetimes, so I hope OSI doesn't waste its time traveling down that particular long and winding road. /Larry Lawrence Rosen Rosenlaw Einschlag ( http://www.rosenlaw.com/ www.rosenlaw.com) 3001 King Ranch Road, Ukiah, CA 95482 Cell: 707-478-8932 Fax: 707-485-1243 From: Simon Phipps [mailto:si...@webmink.com] Sent: Sunday, May 4, 2014 4:05 PM To: license-discuss@opensource.org Cc: Karl Fogel Subject: Re: [License-discuss] Can OSI take stance that U.S. public domain is open source? On Sat, May 3, 2014 at 9:13 PM, John Cowan co...@mercury.ccil.org mailto:co...@mercury.ccil.org wrote: I continue to think that our CC0 decision was wrong insofar as it can be read as saying that the CC0 license is not an open-source (as opposed to OSI Certified) license. There may be reasons not to certify it, but not to deny that it is open source. We did not decide against CC0. The discussion was certainly at a low point when Creative Commons withdrew it from the approval process, but that's what happened, not an OSI denial. Had they persisted, I believe OSI would have needed to face the issue of how licenses treat patents. S. ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
Re: [License-discuss] How licenses treat patents
Lawrence Rosen scripsit: * The FOSS license does not contain a patent license. The issue appears to be whether there is a difference for OSI purposes between licenses that withhold patent rights and those which are silent about them. My view is that there is not, but others disagree. There are many examples of patent-encumbered software where the copyright owner doesn't own and can't license the patent. This is the problem of third party patents and patent trolls and university professors and US government employees. Inevitably so. In the nature of patents, no one can claim to indemnify a recipient against all possible patents. At most we can ask that the licensor himself license those which he has. -- John Cowan http://www.ccil.org/~cowanco...@ccil.org A rabbi whose congregation doesn't want to drive him out of town isn't a rabbi, and a rabbi who lets them do it isn't a man.--Jewish saying ___ License-discuss mailing list License-discuss@opensource.org http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss