Re: GPL "+" question

[Francesco Poli]

On Sun, 31 May 2015 13:10:14 -0400 Paul Tagliamonte wrote:

[...]
> They can do it because the license never changed, it was *just*
> distributed under a different set of terms (the GPLv2+ says you can
> distribute it as if it were GPLv3+ and everything is tidy -- it does *not*
> say you can yell "hocus pocus" and the license changes into GPLv3+ and
> can never be turned back.)

But here we are not talking about "GPL v2 or later"; we are talking
about files which (before being modified) were originally under
"LGPL v2 or later"...

And the LGPL v2 says you can yell "hocus pocus" (more or less).
Please see my previous message:
https://lists.debian.org/debian-legal/2015/05/msg00045.html



-- 
 http://www.inventati.org/frx/
 There's not a second to spare! To the laboratory!
. Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE


pgpPxlKencabs.pgp
Description: PGP signature

Re: GPL "+" question

[Paul Tagliamonte]

On Sun, May 31, 2015 at 11:32:57AM +0100, Ian Jackson wrote:
> I think the problem here is the notion that a file necessarily has
> exactly one licence.

Totally agree.

[snip]

> So it is true that a downstream redistributor who does not change F
> cannot "change the licence", because the only permission needed (in
> copyright law) is that from upstream.  If upstream grant GPLv2+ then
> even if the downstream writes GPLv3+ then everyone can still rely on
> upstream's permission, putting the upstream GPLv2+ notice back.

They can do it because the license never changed, it was *just*
distributed under a different set of terms (the GPLv2+ says you can
distribute it as if it were GPLv3+ and everything is tidy -- it does *not*
say you can yell "hocus pocus" and the license changes into GPLv3+ and
can never be turned back.)

> However, if a downstream redistributor modifies the file, they can
> narrow the set of permissions.  This is because in copyright law, they
> have their own copyright in the modifications.  So if a downstream
> changes GPLv2+ to GPLv3+ _and modifies the file_ then the GPLv2+ is no
> longer applicable.

To the combined / derived work, yes. If the modifications were reverted,
there's no reason the file would be GPLv3+, it'd go back to the original
terms, since you (as *not* the copyright holder) can't relicense the
work.

[snip]

> (So I think Paul is wrong if he thinks, as he seems to, that it is a
> violation of copyright law to change GPLv2+ to GPLv3+ when merely
> redistributing.)

This is again confusing the issue. Let me be clear:

  A) You can *not* relicense a work that you don't hold.
  B) The GPL*+ grants you the right to redistribute under future terms and
 still be complient with the version that its license under.

You can use B to distribute under the GPLv3 if you would like, but *you
do not relicense the work*. It's still GPLv2.

You can take GPLv2+ and *distribute* it as if it was GPLv3, but you *do
not relicense* the work.

Given that A is a thing, you have no way to do that anyway.

> But to do so would be rude and we should try not to do it.  So I think
> that where practical if we can determine that a package is dual
> (or triple) licenced, we should document all the permissions - that
> is, all the licences.

I think that's sensable, I have a hard time believing upstreams are so
good, honestly, we should be thankful to the author of this package
we're talking about, since they took the time to document it was derived
(hopefully modified!) from a LGPL work.

> It appears that in this particular case package has been modified by
> the GPLv3+-preferring downstream.  In that case there is no permission
> to distribute under GPLv2+ any more.

Totally agree.

> I don't think it is sensible to insist that the Debian maintainer do a
> lot of work to try to discover whether some files in the package have
> /not/ been modified by the GPLv3+-preferring author (or by other
> people who contributed to that author's version and never saw a
> GPLv2+ licence).

I agree we should trust upstream in this case, but I'm generally
interested. I don't like the idea people think they can just magically
relicense files rather then use the right to redistribute.

> That work is not necessary in copyright law, and we aren't really
> doing the Free Software world much of a service by performing it - at
> least, once we have decided to package the GPLv3+ fork at all.
> 
> If someone wants to try to strip the GPLv3+ parts out of the fork
> then that's fine of course, but I don't think we should insist that
> the Debian maintainer do the necessary archaeology.

I don't think that's needed; I love the GPLv3 and I don't see a problem
here :)

I also wouldn't have the maintainer add it to the copyright file, but
there is a lot of misunderstanding on this thread on the mechanism by
which the GPLv3 works.

> > The proof is on you -- where does it say you can relicense someone
> > else's copyrighted work / IP? Not *redistribute*, *relicense*.
> 
> The answer to this question is very clear.  The proof is in the
> original licensing notice:
> 
>   either version 2 of the License, or (at your option) any later
>   version.
> 
> The downstream distributor may choose a later version (3, say, or "any
> version 3 or later) and comply with its terms.

No, wait  Ian :)

Full quote:

| This program is free software; you can redistribute it and/or modify
| it under the terms of the GNU General Public License as published by
| the Free Software Foundation; either version 2 of the License, or
| (at your option) any later version.

You may *redistribute* or *modify*. You may not *relicense*.

I can't come along to gettext and say "it's now GPLv3+", because it will
forever be GPLv2+ until the copyright holder(s) relicense. I can merely
redistribute it under the terms of the GPLv3+, until I modify it, where
I can change the terms of the derived work, but *not* the original
works.

If I revert my changes, there's no r

Re: GPL "+" question

[Ian Jackson]

Paul Tagliamonte writes ("Re: GPL "+" question"):
> They *can* since the work as modified *can* be distributed under the
> terms of the GPLv3+, *without* changing the original work's license, but
> the *file* can be distributed as GPLv3+, since that's the minimum
> license needed to comply with all parts.

I think the problem here is the notion that a file necessarily has
exactly one licence.

The only actually accurate statements one can make are "there is [not]
permission to distribute file F under licence L".


If you want to know "what licence does a file have" what you really
ean is "for what set of licences L1,L2,L3... is it the case that there
is permission to distribute".

So it is true that a downstream redistributor who does not change F
cannot "change the licence", because the only permission needed (in
copyright law) is that from upstream.  If upstream grant GPLv2+ then
even if the downstream writes GPLv3+ then everyone can still rely on
upstream's permission, putting the upstream GPLv2+ notice back.

However, if a downstream redistributor modifies the file, they can
narrow the set of permissions.  This is because in copyright law, they
have their own copyright in the modifications.  So if a downstream
changes GPLv2+ to GPLv3+ _and modifies the file_ then the GPLv2+ is no
longer applicable.


For Debian, there is the question of what to put in debian/copyright.

Obviously we need to put in debian/copyright some applicable Ln (that
is, an Ln which applies to all the files F).

If there is permission to distribute under L1,L2,... then it would be
legitimate in a copyright law sense to write in debian/copyright only
L1.  To do so would not be a breach of the copyright, because we would
be acting in accordance with L1.

(So I think Paul is wrong if he thinks, as he seems to, that it is a
violation of copyright law to change GPLv2+ to GPLv3+ when merely
redistributing.)

But to do so would be rude and we should try not to do it.  So I think
that where practical if we can determine that a package is dual
(or triple) licenced, we should document all the permissions - that
is, all the licences.


It appears that in this particular case package has been modified by
the GPLv3+-preferring downstream.  In that case there is no permission
to distribute under GPLv2+ any more.

I don't think it is sensible to insist that the Debian maintainer do a
lot of work to try to discover whether some files in the package have
/not/ been modified by the GPLv3+-preferring author (or by other
people who contributed to that author's version and never saw a
GPLv2+ licence).

That work is not necessary in copyright law, and we aren't really
doing the Free Software world much of a service by performing it - at
least, once we have decided to package the GPLv3+ fork at all.

If someone wants to try to strip the GPLv3+ parts out of the fork
then that's fine of course, but I don't think we should insist that
the Debian maintainer do the necessary archaeology.


> The proof is on you -- where does it say you can relicense someone
> else's copyrighted work / IP? Not *redistribute*, *relicense*.

The answer to this question is very clear.  The proof is in the
original licensing notice:

  either version 2 of the License, or (at your option) any later
  version.

The downstream distributor may choose a later version (3, say, or "any
version 3 or later) and comply with its terms.

Thanks,
Ian.


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/21866.58201.37278.496...@chiark.greenend.org.uk

Re: GPL "+" question

[Riley Baird]

> > I'm not sure that you can grant the right of enforcing the license to
> > someone else,
> I suspect that for legal litigation you may need to represent the 
> copyright owner.

That's what I meant; I probably didn't word it clearly, though.


pgp4w78cg1zYD.pgp
Description: PGP signature

Re: GPL "+" question

[Ángel González]

On 31/05/15 00:10, Riley Baird wrote:

On Sat, 30 May 2015 23:24:53 +0200
Ángel González  wrote:

IMHO you would be the one responsible for enforcing the license...

Exactly. So, if a work is originally licensed under GPL-2+ and Person A
makes a copy and gives it to Person B under GPL-3. Now consider that
Person B gives a copy to Person C under GPL-2+. Person A can't enforce
the original copyright holder's copyrights. I find it difficult to
believe that the original copyright holder would enforce Person A's
license.


unless you also
granted (delegated?) the right of enforcing the work license to someone
else.

I'm not sure that you can grant the right of enforcing the license to
someone else,

Copyright collecting societies do so.


otherwise why wouldn't copyleft authors just let
give everyone the right to enforce their license?
I suspect that for legal litigation you may need to represent the 
copyright owner.
Also note that if authors gave that power to everyone, anyone attempting 
to exercise that
right would still need the author in order to prove that the author 
didn't also provide a

propietary license to the infringer,¹ so it wouldn't be that useful.
Usually, copyright collecting societies are the only ones entitled to 
license that author's
work, and their position when detecting infringement is thus quite 
different.



¹ unless they also gave up the right to ever license it under different 
terms, perhaps. A

very bad idea IMHO.


--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/556a50c1.2070...@gmail.com

Re: GPL "+" question

[Riley Baird]

On Sat, 30 May 2015 23:24:53 +0200
Ángel González  wrote:
> On 30/05/15 03:30, Riley Baird wrote:
>  Only the copyright holder can change what a *work* is licensed as.
> >> Unless the copyright holder grants the permission to do so, I would
> >> say...
> > Let's say I hold copyright on a work, and I grant someone else
> > permission to change the license of a work. Who would enforce the
> > second license? Only a copyright holder can enforce their copyrights.
> IMHO you would be the one responsible for enforcing the license...

Exactly. So, if a work is originally licensed under GPL-2+ and Person A
makes a copy and gives it to Person B under GPL-3. Now consider that
Person B gives a copy to Person C under GPL-2+. Person A can't enforce
the original copyright holder's copyrights. I find it difficult to
believe that the original copyright holder would enforce Person A's
license.

> unless you also
> granted (delegated?) the right of enforcing the work license to someone 
> else.

I'm not sure that you can grant the right of enforcing the license to
someone else, otherwise why wouldn't copyleft authors just let
give everyone the right to enforce their license?


pgp0cuqkC5oY0.pgp
Description: PGP signature

Re: GPL "+" question

[Ángel González]

On 30/05/15 03:30, Riley Baird wrote:

Only the copyright holder can change what a *work* is licensed as.

Unless the copyright holder grants the permission to do so, I would
say...

Let's say I hold copyright on a work, and I grant someone else
permission to change the license of a work. Who would enforce the
second license? Only a copyright holder can enforce their copyrights.
IMHO you would be the one responsible for enforcing the license... 
unless you also
granted (delegated?) the right of enforcing the work license to someone 
else.



--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/556a2aa5.90...@gmail.com

Re: GPL "+" question

[Ole Streicher]

Charles Plessy  writes:
> If it were me, I would give the benefit of the doubt to the upstream
> author of missfits, and trust him that if he added a GPLv3+ header, it
> is because he modified the files, as he says in the README.

When I adopted the first package from this author (sextractor), I asked
him per E-mail about this subdirectory -- more since a newer version of
the library in question (wcslib) is already in Debian, and I wanted to
avoid using a convienience copy. He convinced me then that his version
is slightly changed and therefore not just linkable with the original.

I didn't ask for his other packages (missfits, scamp, swarp, psfex; some
of them are already in Debian, others are now in NEW), but since they
all follow the same structure, I am quite sure that his arguments are
valid there as well.

> In that case, the license to be indicated in debian/copyright should
> be GPLv3+.

I re-uploaded the package with a (hopefully) clarifying comment in
debian/copyright; let's see how he decides now.

Best regards

Ole


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87h9quebju@debian.org

Re: GPL "+" question

[Riley Baird]

> > > Only the copyright holder can change what a *work* is licensed as.
> 
> Unless the copyright holder grants the permission to do so, I would
> say...

Let's say I hold copyright on a work, and I grant someone else
permission to change the license of a work. Who would enforce the
second license? Only a copyright holder can enforce their copyrights.


pgpEAoZd5rFUD.pgp
Description: PGP signature

Re: GPL "+" question

[Charles Plessy]

Le Fri, May 29, 2015 at 09:32:12AM +0200, Ole Streicher a écrit :
> 
> I just had a discussion with an ftp-master who rejected one of my
> packages. The package in question is "missfits". It contains a
> directory, src/wcs/ with files that were originally released by Mark
> Calabretta under LGPL-2+, but changed by the upstream author (Emmanuel
> Bertin) and released in the package under GPL-3+.
> 
> debian/copyright currently mentions only GPL-3+ for the whole package.
> 
> The ftp-master now asked me to add GPL-2+ for these files to
> debian/copyright. But I think that this would be wrong, since the files
> under src/wcs are not distributable under GPL-2+ (because they contain
> GPL-3+ code from Emmanuel Bertin).
> 
> Do I miss an important point here?

Hi Ole,

I am also surprised by this request (isn't there a typo with a "L" missing in
front of "GPL-2+" ?).

The README in src/wcs contains:

  > This directory contains a modified version of the WCSlib V2.2 library by 
Mark
  > Calabretta , released under the GNU Lesser General
  > Public License.  The original version was downloaded from
  > ftp://ftp.cv.nrao.edu/fits/src/wcs/.  See
  > http://www.atnf.csiro.au/people/mcalabre/WCS/wcslib for more details.

Here, the author of missfits says that he modified the copy of the WCSlib that
he redistributes with the sources of missfits.

In addition, he added a GPLv3+ header on top of each file.

Unfortunately, WCSlib version 2.2 is so old that I could not find a pristine
copy on the Internet to confirm that each file was really modified.

If it were me, I would give the benefit of the doubt to the upstream author of
missfits, and trust him that if he added a GPLv3+ header, it is because he
modified the files, as he says in the README.

In that case, the license to be indicated in debian/copyright should be GPLv3+.

Have a nice week-end,

Charles

-- 
Charles Plessy
Tsurumi, Kanagawa, Japan


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150529231946.gd4...@falafel.plessy.net

Re: GPL "+" question

[Francesco Poli]

On Fri, 29 May 2015 14:50:39 +0200 Ole Streicher wrote:

> Paul Tagliamonte  writes:
[...]
> > Only the copyright holder can change what a *work* is licensed as.

Unless the copyright holder grants the permission to do so, I would
say...

[...]
> 
> If the original license allows, then anyone can redistribute the files
> under a different license. And (L)GPL has a paragraph that allows this
> under certain conditions (namely LGPL -> GPL, and version upgrades).

The GNU LGPL v2 (which I understand is the original license for the
original files, before they were modified and released under the terms
of the GNU GPL v3 or later) states, in section 3:

|3. You may opt to apply the terms of the ordinary GNU General Public
|  License instead of this License to a given copy of the Library.  To do
|  this, you must alter all the notices that refer to this License, so
|  that they refer to the ordinary GNU General Public License, version 2,
|  instead of to this License.  (If a newer version than version 2 of the
|  ordinary GNU General Public License has appeared, then you can specify
|  that version instead if you wish.)  Do not make any other change in
|  these notices.
|
|Once this change is made in a given copy, it is irreversible for
|  that copy, so the ordinary GNU General Public License applies to all
|  subsequent copies and derivative works made from that copy.
| 
|This option is useful when you wish to copy part of the code of
|  the Library into a program that is not a library.

So it seems to me that it is indeed possible to redistribute those
files under the terms of the GNU GPL v3 or later, by altering the
permission notices so that they refer to the GPL-3+.
And this operation is irreversible. 

Hence, I cannot understand why the FTP masters asked you to add
"GPL-2+ for these files to debian/copyright", when "GPL-2+" seems to
have never described the licensing status for those files, before or
after their adaptation into the "missfits" package...

I hope this helps to shed some light on this garbled issue.
Bye.


-- 
 http://www.inventati.org/frx/
 There's not a second to spare! To the laboratory!
. Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE


pgpdIKtqjc06D.pgp
Description: PGP signature

Re: GPL "+" question

[Simon McVittie]

On 29/05/15 16:30, Ole Streicher wrote:
> Miriam Ruiz  writes:
>> So in my opinion, if you modify a code which was released under GPL2+
>> and you license your modifications as GPL3+, the resulting work has to
>> also be GPL, and the terms or conditions that apply are those of the
>> version 3 of the lincense, or later, but you're not effectively
>> relicensing the code that is not yours, so that part would be still
>> licensed as GPL2+ by the author and copyright holder.
> 
> I may give to others the permission to use the modified/redistributed
> file under GPL-3+. This permission is what is usually called "License".
> 
> In that sense, the license is changed.

I think you're mixing up the license of a work, and the effective
license of a combined work.

A work is an abstract legal thing, dating back to when the most advanced
computer available was a monk with an abacus.

A file is a computing concept. The law says nothing about files. If
various people have contributed bits of a file, my understanding is that
the file is a combined work consisting of individual works by those people.

To distribute a file that contains one or more works in a way that
copyright would not normally allow without the result being illegal, you
must get permission from all the copyright holders. A copyright license
is just pre-emptive permission from a copyright holder - "if you follow
these conditions, the answer is yes" - so the most common way to get
permission from all the copyright holders is to comply with all the
conditions imposed by all the copyright holders, simultaneously. For
instance, if the file combines a GPL-2+ work with a GPL-3+ work, you
must simultaneously comply with both

 GPL-2 or GPL-3 or some future version

and

 GPL-3 or some future version

In this simple case, the second condition implies the first, so you
might use a shorthand: "this is effectively the same as the whole thing
being GPL-3+". However, this is just a shorthand, and the real status is
somewhat more complicated.

However, the general case is not this simple:

> http://www.opensource.apple.com/source/xnu/xnu-1456.1.26/bsd/sys/msg.h
> 
> This is a file that is initially copyrighted by Daniel Boulet (and
> licensed under BSD-2-Clause). However, without any other change, it also
> has the header
> 
> | Copyright (c) 2000-2007 Apple Inc. All rights reserved.
> | [...]
> | This file contains Original Code and/or Modifications of Original Code
> | as defined in and that are subject to the Apple Public Source License
> | Version 2.0 (the 'License'). You may not use this file except [...]

So what you have here is (claimed to be) a file containing a combination
of a work by Daniel Boulet, licensed under BSD-2-Clause, and a work by
Apple, licensed under APSL-2.0.

To distribute that file, assuming that the claim is true, you must
simultaneously comply with the conditions of the BSD-2-Clause license
(because if you don't, you are infringing Daniel Boulet's copyright),
and with the conditions of the APSL-2.0 (because if you don't, you are
infringing Apple's copyright).

If Apple have not, in fact, modified the file (except to add their
license boilerplate, which might not be sufficiently creative to be
considered to be a copyrightable work), then their assertion that they
hold copyright on the file might not actually be true. If that is the
case, then it might be possible (at your own legal risk) to disregard
that part, then defend yourself on that basis if they sue you. I
wouldn't want to try it myself, because Apple's lawyers are more
expensive than I can afford; and there's no real point anyway, because
you can presumably just get Daniel Boulet's original version of the file
from FreeBSD (?) and avoid the whole issue.

If the two licenses are contradictory (one says you must do something
and the other says you must not, e.g. GPL-2 and GPL-3, or GPL and
OpenSSL) then the combined work is non-distributable. I suspect these
two licenses are not contradictory, though - the BSD-2-clause license
doesn't require much.

> Would you accept such a file in Debian? It is clearly not BSD-licensed,
> even if an unchanged BSD-licensed version exists.

If we can exercise the rights demanded by the DFSG while simultaneously
complying with both the applicable licenses, then the work is Free.

I don't know the precise status of the APSL-2.0 (neither do I
particularly want to), but if the two licenses were a pair that I know
to be Free and non-contradictory (e.g. BSD-2-clause and GPL), then the
ftpmasters would (and frequently do) accept files like that in Debian.

S


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/55689e39.5020...@debian.org

Re: GPL "+" question

[Paul R. Tagliamonte]

> Or a CLA. Or breaking copyright law. Or modified the work and distribute
> it under a superset of the old terms. Or or or :)

For the record; I don't believe Apple is breaking copyright law, and I
didn't mean to imply that :)


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAO6P2QQOZvg4eP2Rrcbf2XRwVZY_c-bDhRaSWVE-+g=mfp-...@mail.gmail.com

Re: GPL "+" question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 05:43:21PM +0200, Ole Streicher wrote:
> Paul Tagliamonte  writes:
> > I don't know any jurisdiction where I can take a work of yours and now
> > claim I have the rights to it under a different license.
> 
> Apple did, as I have shown. I think they have good lawyers.

Or a CLA. Or breaking copyright law. Or modified the work and distribute
it under a superset of the old terms. Or or or :)

(FWIW, BSD-alikes deal perfectly fine with further restrictions so long
 as their terms are met; GPL does not.)

> Best
> 
> Ole

For further clarification, I'd suggest asking the FSF about the
differences in relicensing vs redistributing under the GPL/LGPL.

Cheers,
  Paul


-- 
#define sizeof(x) rand()

:wq


signature.asc
Description: Digital signature

Re: GPL "+" question

[Ole Streicher]

Paul Tagliamonte  writes:
> I don't know any jurisdiction where I can take a work of yours and now
> claim I have the rights to it under a different license.

Apple did, as I have shown. I think they have good lawyers.

Best

Ole


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87lhg7e6ee@debian.org

Re: GPL "+" question

[Paul Tagliamonte]

Please end this thread, it's getting nuts. Ask the FSF if you're still unclear.

Thanks,
  Paul

On Fri, May 29, 2015 at 11:41 AM, Paul Tagliamonte  wrote:
> On Fri, May 29, 2015 at 05:11:12PM +0200, Ole Streicher wrote:
>> Again: please provide a reference for this. The copyright holder has
>> surely the initial right to license his work, but I don't see a reason
>> why he can't transfer this.
>
> Via copyright asignment, not licensing, unless the license includes a
> copyright asignment to an entity.
>
>> It is also wrong for the "changed" case that we have: If only the
>> copyright holder (Mark Calabretta) had the right to change the license,
>> then the files in question could not have been modified and distributed
>> under the GPL-3+ license by the upstream author (Emmanuel Bertin) --
>
> They *can* since the work as modified *can* be distributed under the
> terms of the GPLv3+, *without* changing the original work's license, but
> the *file* can be distributed as GPLv3+, since that's the minimum
> license needed to comply with all parts.
>
>> since even the modified files are still copyrighted by Mark, so the
>> Emmanuel alone could not change their license. This is, however, against
>> the idea of the "+" in the GPL versions.
>
> No, it's really not.
>
>> Therefore, please show a proof that only the copyright holder can change
>> the license.
>
> Wat? Copyright statute? What jurisdiction? If you want to fight this, I
> suggest you get a lawyer, I don't know any jurisdiction where I can take
> a work of yours and now claim I have the rights to it under a different
> license.
>
>
> The proof is on you -- where does it say you can relicense someone
> else's copyrighted work / IP? Not *redistribute*, *relicense*.
>
>
> Cheers,
>   Paul
>
> --
>  .''`.  Paul Tagliamonte   |   Proud Debian Developer
> : :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
> `. `'`  http://people.debian.org/~paultag
>  `- http://people.debian.org/~paultag/conduct-statement.txt



-- 
:wq


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/cao6p2qqdbfbxp-w4amfwn0q0n_reh4zs+aqwygggevfzfs+...@mail.gmail.com

Re: GPL "+" question

[Ole Streicher]

Miriam Ruiz  writes:
> So in my opinion, if you modify a code which was released under GPL2+
> and you license your modifications as GPL3+, the resulting work has to
> also be GPL, and the terms or conditions that apply are those of the
> version 3 of the lincense, or later, but you're not effectively
> relicensing the code that is not yours, so that part would be still
> licensed as GPL2+ by the author and copyright holder.

I may give to others the permission to use the modified/redistributed
file under GPL-3+. This permission is what is usually called "License".

In that sense, the license is changed.

> So if you later removed the part of code that was covered by a
> different license, the resulting code would be still under the
> original license,

The license is usually granted to a file as a whole, not to specific
lines. If got got a changed file from me, and you revert my changes,
then you are still bound to the conditions that we agreed about when you
got the file -- these conditions are the "license". If we agreed on
GPL-3, then you are bound to GPL-3.

> because you were never the copyright holder, and you never had
> permission to relicense it. I seriously doubt that any judge would
> rule otherwise.

Just again this example:

http://www.opensource.apple.com/source/xnu/xnu-1456.1.26/bsd/sys/msg.h

This is a file that is initially copyrighted by Daniel Boulet (and
licensed under BSD-2-Clause). However, without any other change, it also
has the header

| Copyright (c) 2000-2007 Apple Inc. All rights reserved.
| [...]
| This file contains Original Code and/or Modifications of Original Code
| as defined in and that are subject to the Apple Public Source License
| Version 2.0 (the 'License'). You may not use this file except [...]

So, Apple puts another license to this file, probably without having the
permission of Daniel Boulet.

Would you accept such a file in Debian? It is clearly not BSD-licensed,
even if an unchanged BSD-licensed version exists.

When trusting the Apple Lawyers a bit, then this contradicts your
argumentation.

Best regards

Ole


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87pp5je701@debian.org

Re: GPL "+" question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 05:11:12PM +0200, Ole Streicher wrote:
> Again: please provide a reference for this. The copyright holder has
> surely the initial right to license his work, but I don't see a reason
> why he can't transfer this.

Via copyright asignment, not licensing, unless the license includes a
copyright asignment to an entity.

> It is also wrong for the "changed" case that we have: If only the
> copyright holder (Mark Calabretta) had the right to change the license,
> then the files in question could not have been modified and distributed
> under the GPL-3+ license by the upstream author (Emmanuel Bertin) --

They *can* since the work as modified *can* be distributed under the
terms of the GPLv3+, *without* changing the original work's license, but
the *file* can be distributed as GPLv3+, since that's the minimum
license needed to comply with all parts.

> since even the modified files are still copyrighted by Mark, so the
> Emmanuel alone could not change their license. This is, however, against
> the idea of the "+" in the GPL versions.

No, it's really not.

> Therefore, please show a proof that only the copyright holder can change
> the license.

Wat? Copyright statute? What jurisdiction? If you want to fight this, I
suggest you get a lawyer, I don't know any jurisdiction where I can take
a work of yours and now claim I have the rights to it under a different
license.


The proof is on you -- where does it say you can relicense someone
else's copyrighted work / IP? Not *redistribute*, *relicense*.


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte   |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: GPL "+" question

[Ole Streicher]

Paul Tagliamonte  writes:
> No, you may redistribute it under different terms, *not* relicense. You may
> *use* GPLv2+ as GPLv3+, *BUT* the original work is *STILL* GPLv2+, since
> you can't relicense works.

Sorry, but I still think "release under the terms of the General Public
License v3+" means that the file has the license GPLv3+.

> To relicense implies you hold copyright, since only the copyright
> holder can license their works, even copylefted works.

Again: please provide a reference for this. The copyright holder has
surely the initial right to license his work, but I don't see a reason
why he can't transfer this.

It is also wrong for the "changed" case that we have: If only the
copyright holder (Mark Calabretta) had the right to change the license,
then the files in question could not have been modified and distributed
under the GPL-3+ license by the upstream author (Emmanuel Bertin) --
since even the modified files are still copyrighted by Mark, so the
Emmanuel alone could not change their license. This is, however, against
the idea of the "+" in the GPL versions.

Therefore, please show a proof that only the copyright holder can change
the license.

Best regards

Ole


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87twuve7vz@debian.org

Re: GPL "+" question

[Miriam Ruiz]

2015-05-29 16:06 GMT+02:00 Ole Streicher :
> Paul Tagliamonte  writes:
>> On Fri, May 29, 2015 at 03:09:34PM +0200, Ole Streicher wrote:
>>> Same for me. However: the (L)GPL allows even an unmodified
>>> redistribution under a later license.
>> This is key -- redistribution. It doesn't change the license.
>
> It does. Just look into the license (resp. the header, for simplicity):
>
> | you can redistribute it and/or modify it under the terms of the GNU
> | General Public License as published by the Free Software Foundation;
> | either version 2 of the License, or (at your option) any later version.
>
> So, redistribution may change the license.

It is indeed quite a grey area, and quite confusing, in my opinion.
According with the (simple but enough for my purposes) definition in
Wikipedia ("Copyright is a form of intellectual property, applicable
to any expressed representation of a creative work. It is often shared
among multiple authors, each of whom holds a set of rights to use or
license the work, and who are commonly referred to as rightsholders.
These rights frequently include reproduction, control over derivative
works, distribution, public performance, and "moral rights" such as
attribution.") [1], it is the author[s] the one[s] who has the rights
to license the work.

GPL2 [2] says: "This License applies to any program or other work
which contains a notice placed by the copyright holder saying it may
be distributed under the terms of this General Public License. The
"Program", below, refers to any such program or work, and a "work
based on the Program" means either the Program or any derivative work
under copyright law: that is to say, a work containing the Program or
a portion of it, either verbatim or with modifications and/or
translated into another language.", so the unmodified program is
explicitly defined by the license as a "work based on the Program". It
also says that "Activities other than copying, distribution and
modification are not covered by this License; they are outside its
scope", so the license does explicitly not apply to relicensing. You
can't relicense other person's work released under GPL2.

What the license says is that "You must cause any work that you
distribute or publish, that in whole or in part contains or is derived
from the Program or any part thereof, to be licensed as a whole at no
charge to all third parties under the terms of this License". It is
also said that "If the Program specifies a version number of this
License which applies to it and "any later version", you have the
option of following the terms and conditions either of that version or
of any later version published by the Free Software Foundation. If the
Program does not specify a version number of this License, you may
choose any version ever published by the Free Software Foundation."

So in my opinion, if you modify a code which was released under GPL2+
and you license your modifications as GPL3+, the resulting work has to
also be GPL, and the terms or conditions that apply are those of the
version 3 of the lincense, or later, but you're not effectively
relicensing the code that is not yours, so that part would be still
licensed as GPL2+ by the author and copyright holder. So if you later
removed the part of code that was covered by a different license, the
resulting code would be still under the original license, because you
were never the copyright holder, and you never had permission to
relicense it. I seriously doubt that any judge would rule otherwise.

That's just my two cents.

Greetings,
Miry

[1] http://en.wikipedia.org/wiki/Copyright
[2] http://www.gnu.org/licenses/gpl-2.0.html


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAFotxVMyvYNxbg+asOJHDNNMopMVfLVeEeKW4=cazhoedvr...@mail.gmail.com

Re: GPL "+" question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 04:06:52PM +0200, Ole Streicher wrote:
> Paul Tagliamonte  writes:
> > On Fri, May 29, 2015 at 03:09:34PM +0200, Ole Streicher wrote:
> >> Same for me. However: the (L)GPL allows even an unmodified
> >> redistribution under a later license.
> > This is key -- redistribution. It doesn't change the license.
> 
> It does. Just look into the license (resp. the header, for simplicity):

No, it doesn't.

|   Each version is given a distinguishing version number. If the
| Library as you received it specifies that a certain numbered version
| of the GNU Lesser General Public License "or any later version"
| applies to it, you have the option of following the terms and
| conditions either of that published version or of any later version
| published by the Free Software Foundation.

Note this says you have the option of following the terms and conditions of
the version noted, *or* any later version, *not* that you relicense, you can
just follow different terms.

This means you can redistribute under the terms of whatever, but not relicense.

To relicense implies you hold copyright, since only the copyright holder
can license their works, even copylefted works.

> | you can redistribute it and/or modify it under the terms of the GNU
> | General Public License as published by the Free Software Foundation;
> | either version 2 of the License, or (at your option) any later version.
> 
> So, redistribution may change the license.

No, you may redistribute it under different terms, *not* relicense. You may
*use* GPLv2+ as GPLv3+, *BUT* the original work is *STILL* GPLv2+, since
you can't relicense works.

To relicense implies you hold copyright, since only the copyright holder
can license their works, even copylefted works.



Snipping the rest, this seems to be your major point of confusion.

Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte   |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: GPL "+" question

[Ole Streicher]

Paul Tagliamonte  writes:
> On Fri, May 29, 2015 at 03:09:34PM +0200, Ole Streicher wrote:
>> Same for me. However: the (L)GPL allows even an unmodified
>> redistribution under a later license.
> This is key -- redistribution. It doesn't change the license.

It does. Just look into the license (resp. the header, for simplicity):

| you can redistribute it and/or modify it under the terms of the GNU
| General Public License as published by the Free Software Foundation;
| either version 2 of the License, or (at your option) any later version.

So, redistribution may change the license.

> If I get this file after you say it's GPLv3, it's still LGPLv2.1+ to
> me if I remove it from other works that change the distribution terms

No: We got the files from upstream, and upstream granted us certain
permissions for them (this is what the license actually does). Then we
are bound to this conditions.

We could, ofcourse, get the same files from somewhere else (f.e. from
the original author), and these files then can be used under his
conditions. But this is a different story.

For example, I can give you a file that I got under MIT license, and ask
you not to distribute this file -- then you are bound to this,
independently whether the file is MIT licensed or not. The only thing
you could to is to take the same file from somewhere else and distribute
that.

Or, as an other example (which is closer to Debian): when I packaged
eso-midas, I found that it contained a file "sys/msg.h" that is
originally from NetBSD (with the appropriate license). The specific file
in the upstream tarball, however, was relicensed by Apple with the APSL
(DFSG incompatible) [1]. Even if the file was the same as the free
version, I think that I did it right to remove the file from the tarball
and replace it with the original version.

> I originally thought there was a different question being asked; sorry
> about that (the terms used and not looking at the source didn't help :))

In my case, the files are modified; so I think there is no doubt that
the files are under src/wcs are GPL-3+.

> Unmodified, the license of the works is unchanged, even if we
> *distribute* under a different one.

Could you put a reference on this?

Best regards

Ole

[1] http://www.opensource.apple.com/source/xnu/xnu-1456.1.26/bsd/sys/msg.h


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/ytz617bmq9v@news.ole.ath.cx

Re: GPL "+" question

[Ole Streicher]

Maximilian  writes:
> and this seems to imply that the end user can choose which licence
> suits them.

Not only the end user -- also (in our case) the upstream author. So, he
can choose to redistribute the files under GPL-3+. Being them modified
or not.

> However, if Emmanuel Bertin's code is specifically licensed as GPLv3
> only then it needs to be made clear that this is the case where
> applicable - the fact that this code is GPLv3 only ought not affect
> the fact that the other original files may be GPLv2+.

True. However, the original files are not in the upstream tarball and
therefore do not need to be documented in debian/copyright.

This is even the case if original and redistributed filed differ only by
their license.

Best regards

Ole


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/ytza8wnmsm1@news.ole.ath.cx

Re: GPL "+" question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 03:09:34PM +0200, Ole Streicher wrote:
> Same for me. However: the (L)GPL allows even an unmodified
> redistribution under a later license.

This is key -- redistribution. It doesn't change the license. If I get
this file after you say it's GPLv3, it's still LGPLv2.1+ to me if I
remove it from other works that change the distribution terms (unless
it's been modified, in which case the licensing of the work on the whole
changes, and yadda yadda yadda)

I originally thought there was a different question being asked; sorry
about that (the terms used and not looking at the source didn't help :))

> It is up to upstream to decide
> whether he chooses the original or a later one. And since I take these
> files from upstream, not from the original author, I am bound to his
> decision, independently whether the files are modified or not.

Unmodified, the license of the works is unchanged, even if we
*distribute* under a different one.

> Therefore, if he chooses to redistribute the files in src/wcs/ under
> GPL-3+, than this is the license for these file, and it should be
> documented as such under debian/copyright. And in this case, the
> redistribution under a GPL-3+ is clear (by adding the according
> statement to the file headers).
> 
> > This doesn't appear to be the case, this looks like LGPLv2.1+ files were
> > modified by someone licensing their changes under GPLv3+, which is
> > legit. I believe treating this file as GPLv3+ is fine / good enough.
> 
> The reason here is not modification (although it makes this case clear),
> but redistribution. Upstream has chosen to redistribute the files under
> GPL-3+, and if we want to use these files, we have to respect this.
> 
> Best regards
> 
> Ole

-- 
 .''`.  Paul Tagliamonte   |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: GPL "+" question

[Ole Streicher]

Paul Tagliamonte  writes:
> On Fri, May 29, 2015 at 10:41:58PM +1000, Riley Baird wrote:
>> But there are multiple works being combined into the one file. So some
>> parts of the file are GPLv2+ and other parts of the file are GPLv3. The
>> file as a whole can only be distributed under GPLv3.
> I don't see the point in adding LGPL, *IFF* the works *ARE* modified
> and derived works. Not just straight copy-paste. I'd be interested
> in what changes took place, I don't see any marking of it.

Same for me. However: the (L)GPL allows even an unmodified
redistribution under a later license. It is up to upstream to decide
whether he chooses the original or a later one. And since I take these
files from upstream, not from the original author, I am bound to his
decision, independently whether the files are modified or not.

Therefore, if he chooses to redistribute the files in src/wcs/ under
GPL-3+, than this is the license for these file, and it should be
documented as such under debian/copyright. And in this case, the
redistribution under a GPL-3+ is clear (by adding the according
statement to the file headers).

> This doesn't appear to be the case, this looks like LGPLv2.1+ files were
> modified by someone licensing their changes under GPLv3+, which is
> legit. I believe treating this file as GPLv3+ is fine / good enough.

The reason here is not modification (although it makes this case clear),
but redistribution. Upstream has chosen to redistribute the files under
GPL-3+, and if we want to use these files, we have to respect this.

Best regards

Ole


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/ytzeglzmsxd@news.ole.ath.cx

Re: GPL "+" question

[Maximilian]

I'm probably wrong, but the code that was originally GPLv2+ remains licensed 
under the GPLv2 *in addition* to the GPLv3 that the overall package is licensed 
under.

The GPLv2 states that:

'if the Program specifies a version number of this License which applies to it 
and "any later version", you have the option of following the terms and 
conditions *either* of that version *or* of any later version published by the 
Free Software Foundation' (my emphasis)

and this seems to imply that the end user can choose which licence suits them.

However, if Emmanuel Bertin's code is specifically licensed as GPLv3 only then 
it needs to be made clear that this is the case where applicable - the fact 
that this code is GPLv3 only ought not affect the fact that the other original 
files may be GPLv2+.

As said above I'm probably wrong, but at least that's the way I see it!


Regards,
Max

On 29 May 2015 08:32, Ole Streicher  wrote:
>
> Hi, 
>
> I just had a discussion with an ftp-master who rejected one of my 
> packages. The package in question is "missfits". It contains a 
> directory, src/wcs/ with files that were originally released by Mark 
> Calabretta under LGPL-2+, but changed by the upstream author (Emmanuel 
> Bertin) and released in the package under GPL-3+. 
>
> debian/copyright currently mentions only GPL-3+ for the whole package. 
>
> The ftp-master now asked me to add GPL-2+ for these files to 
> debian/copyright. But I think that this would be wrong, since the files 
> under src/wcs are not distributable under GPL-2+ (because they contain 
> GPL-3+ code from Emmanuel Bertin). 
>
> Do I miss an important point here? 
>
> Best regards 
>
> Ole 
>
>
> -- 
> To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org 
> Archive: https://lists.debian.org/ytzmw0nn8jn@news.ole.ath.cx 
>

Re: GPL "+" question

[Ole Streicher]

Paul Tagliamonte  writes:
> On Fri, May 29, 2015 at 09:32:12AM +0200, Ole Streicher wrote:
>> Hi,
>> 
>> I just had a discussion with an ftp-master who rejected one of my
>> packages. The package in question is "missfits". It contains a
>> directory, src/wcs/ with files that were originally released by Mark
>> Calabretta under LGPL-2+, but changed by the upstream author (Emmanuel
>> Bertin) and released in the package under GPL-3+.
>
> Upstream authors can't change licensing of any files, under any
> conditions, ever.

Generally spoken, this is wrong (or please point me to the source). For
example, I can give you a file saying "do what you want with it", then
this is the license.

However, "do what you want with it" includes that you can republish the
file as GPL.

For GPL. GPL-2+ contains a statement

| you can redistribute it and/or modify it under the terms of the GNU
| General Public License as published by the Free Software Foundation;
| either version 2 of the License, or (at your option) any later
| version.

which means: the upstream author is allowed to redistribute the (changed
or even unchanged) files under version 2, or also under version 3.

Since he redistributed them under version 3 or later, the license of
these files is GPL-3+. The statement above explicitely allows him to do
so.

> If I say a file is GPLv2+, it is forever GPLv2+

Could you strengthen this with a reference?

> even if it's combined with a GPLv3 work, in that case the *files* are
> still GPLv2+,

The files are modified. The author of the modification applied GPL-3+ to
the changed file. He has the right to do so (see above), and since
original and change are glued together (neither the change nor the
original are separately distributed by upstream), the modified file
cannot be distributed by GPL-2 anymore.

>> debian/copyright currently mentions only GPL-3+ for the whole package.
>
> Yeah, debian/copyright isn't what the binary is distributed under, it's
> what the source licenses are.

I speak about sources.

>> The ftp-master now asked me to add GPL-2+ for these files to
>> debian/copyright. But I think that this would be wrong, since the files
>> under src/wcs are not distributable under GPL-2+ (because they contain
>> GPL-3+ code from Emmanuel Bertin).
>
> Nah, it's wrong because you said LGPLv2+, adding it sounds right.

It is wrong. The files in src/wcs are not distributable under GPL-2,
since they contain changes that are GPL-3+.

> Only the copyright holder can change what a *work* is licensed as.
> Anyone can distribute a derived work inline witht he terms of their
> license. That may also contains other terms as well.

If the original license allows, then anyone can redistribute the files
under a different license. And (L)GPL has a paragraph that allows this
under certain conditions (namely LGPL -> GPL, and version upgrades).

Best regards

Ole


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/ytziobbmtsw@news.ole.ath.cx

Re: GPL "+" question

[Riley Baird]

> > > If I say a file is GPLv2+, it is forever GPLv2+, even if it's combined
> > > with a GPLv3 work, in that case the *files* are still GPLv2+, that other
> > > file is a GPLv3 work, and the *combined work* is distributed under the
> > > terms of the GPLv3, since it satisfies the license of every file in the
> > > combined / derived work.

> > But there are multiple works being combined into the one file. So some
> > parts of the file are GPLv2+ and other parts of the file are GPLv3. The
> > file as a whole can only be distributed under GPLv3.

> That's literally what I said.

You gave the impression that each *file* could only be under one
license, which would be good for the purposes of d/copyright, but isn't
the case.


pgpgjisQHmj6s.pgp
Description: PGP signature

Re: GPL "+" question

[Paul R. Tagliamonte]

That's literally what I said.

d/copyright is for source not binary.
On May 29, 2015 8:42 AM, "Riley Baird" <
bm-2cvqnduybau5do2dfjtrn7zbaj246s4...@bitmessage.ch> wrote:

> > > I just had a discussion with an ftp-master who rejected one of my
> > > packages. The package in question is "missfits". It contains a
> > > directory, src/wcs/ with files that were originally released by Mark
> > > Calabretta under LGPL-2+, but changed by the upstream author (Emmanuel
> > > Bertin) and released in the package under GPL-3+.
> >
> > Upstream authors can't change licensing of any files, under any
> > conditions, ever.
> >
> > If I say a file is GPLv2+, it is forever GPLv2+, even if it's combined
> > with a GPLv3 work, in that case the *files* are still GPLv2+, that other
> > file is a GPLv3 work, and the *combined work* is distributed under the
> > terms of the GPLv3, since it satisfies the license of every file in the
> > combined / derived work.
>
> But there are multiple works being combined into the one file. So some
> parts of the file are GPLv2+ and other parts of the file are GPLv3. The
> file as a whole can only be distributed under GPLv3.
>

Re: GPL "+" question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 10:41:58PM +1000, Riley Baird wrote:
> But there are multiple works being combined into the one file. So some
> parts of the file are GPLv2+ and other parts of the file are GPLv3. The
> file as a whole can only be distributed under GPLv3.

the terminology being thrown around was so confusing I had to look at the
source to see what was actually going on here :)


There was *one* work, which *was* LGPL. By an author. They published
it on their own.

This work will forver be LGPL.

The author of this package took that source, and *modified* it
(modified, *not* combined). This modified work is distributed as
GPLv3.

I don't see the point in adding LGPL, *IFF* the works *ARE* modified
and derived works. Not just straight copy-paste. I'd be interested
in what changes took place, I don't see any marking of it.

Defer to the ftp-master who processed it. Ask them for clarification
(feel free to point to this mail)


In the case where two works are combined into one file - this is
functionally compilation (at least not the preferred form of
modification, which means it's *not* source)

This doesn't appear to be the case, this looks like LGPLv2.1+ files were
modified by someone licensing their changes under GPLv3+, which is
legit. I believe treating this file as GPLv3+ is fine / good enough.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte   |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: GPL "+" question

[Riley Baird]

> > I just had a discussion with an ftp-master who rejected one of my
> > packages. The package in question is "missfits". It contains a
> > directory, src/wcs/ with files that were originally released by Mark
> > Calabretta under LGPL-2+, but changed by the upstream author (Emmanuel
> > Bertin) and released in the package under GPL-3+.
> 
> Upstream authors can't change licensing of any files, under any
> conditions, ever.
> 
> If I say a file is GPLv2+, it is forever GPLv2+, even if it's combined
> with a GPLv3 work, in that case the *files* are still GPLv2+, that other
> file is a GPLv3 work, and the *combined work* is distributed under the
> terms of the GPLv3, since it satisfies the license of every file in the
> combined / derived work.

But there are multiple works being combined into the one file. So some
parts of the file are GPLv2+ and other parts of the file are GPLv3. The
file as a whole can only be distributed under GPLv3.


pgp_WyX02xrY3.pgp
Description: PGP signature

Re: GPL "+" question

[Paul Tagliamonte]

On Fri, May 29, 2015 at 09:32:12AM +0200, Ole Streicher wrote:
> Hi,
> 
> I just had a discussion with an ftp-master who rejected one of my
> packages. The package in question is "missfits". It contains a
> directory, src/wcs/ with files that were originally released by Mark
> Calabretta under LGPL-2+, but changed by the upstream author (Emmanuel
> Bertin) and released in the package under GPL-3+.

Upstream authors can't change licensing of any files, under any
conditions, ever.

If I say a file is GPLv2+, it is forever GPLv2+, even if it's combined
with a GPLv3 work, in that case the *files* are still GPLv2+, that other
file is a GPLv3 work, and the *combined work* is distributed under the
terms of the GPLv3, since it satisfies the license of every file in the
combined / derived work.

> debian/copyright currently mentions only GPL-3+ for the whole package.

Yeah, debian/copyright isn't what the binary is distributed under, it's
what the source licenses are.

If it had MIT/Expat code, you'd still need it in debian/copyright if the
other files are GPLv2+

> The ftp-master now asked me to add GPL-2+ for these files to
> debian/copyright. But I think that this would be wrong, since the files
> under src/wcs are not distributable under GPL-2+ (because they contain
> GPL-3+ code from Emmanuel Bertin).

Nah, it's wrong because you said LGPLv2+, adding it sounds right.

Just because files are being combined in such a way that they're
distributed under different terms than some of the files doesn't mean we
exclude them.

Just like Expat is contained within BSD-3. Or ISC is contained in Expat.
You still need all three, since that's the licese for the file.

Only the copyright holder can change what a *work* is licensed as.
Anyone can distribute a derived work inline witht he terms of their
license. That may also contains other terms as well.

> Do I miss an important point here?
> 
> Best regards
> 
> Ole

Cheers,
 Paul

-- 
:wq


signature.asc
Description: Digital signature

Re: GPL "+" question

[Riley Baird]

> I just had a discussion with an ftp-master who rejected one of my
> packages. The package in question is "missfits". It contains a
> directory, src/wcs/ with files that were originally released by Mark
> Calabretta under LGPL-2+, but changed by the upstream author (Emmanuel
> Bertin) and released in the package under GPL-3+.
> 
> debian/copyright currently mentions only GPL-3+ for the whole package.
> 
> The ftp-master now asked me to add GPL-2+ for these files to
> debian/copyright. But I think that this would be wrong, since the files
> under src/wcs are not distributable under GPL-2+ (because they contain
> GPL-3+ code from Emmanuel Bertin).

From the facts you have given, I think that your view is correct.


pgpa6taNbDWeb.pgp
Description: PGP signature

GPL "+" question

[Ole Streicher]

Hi,

I just had a discussion with an ftp-master who rejected one of my
packages. The package in question is "missfits". It contains a
directory, src/wcs/ with files that were originally released by Mark
Calabretta under LGPL-2+, but changed by the upstream author (Emmanuel
Bertin) and released in the package under GPL-3+.

debian/copyright currently mentions only GPL-3+ for the whole package.

The ftp-master now asked me to add GPL-2+ for these files to
debian/copyright. But I think that this would be wrong, since the files
under src/wcs are not distributable under GPL-2+ (because they contain
GPL-3+ code from Emmanuel Bertin).

Do I miss an important point here?

Best regards

Ole


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/ytzmw0nn8jn@news.ole.ath.cx

Re: GPL question [Was: Re: cdrtools]

[Daniel Schepler]

On Friday 11 August 2006 18:10 pm, Goswin von Brederlow wrote:
> I believe that the totaly interchangable option of specifying
> "-static" or not should not change the free-ness of the source or
> resulting binary. So if you link static and you agree that it is a
> violation that way then you should not be able to get away with it by
> linking dynamically.
>
> The GPL is viral in nature and specificaly made to work across linking
> boundaries. People should not be able to add non-free portitons to the
> source by hiding them in libraries.

I agree, but then "should" and "is" sometimes disagree.

But after thinking about it some more, I believe a dynamically linked binary 
together with the corresponding shared libraries should be considered as a 
distribution method for the complete program that gets assembled in a common 
address space.  Consider for example the case of EvilCo, back before dynamic 
linking was widespread, trying to use a GPL'd library in their non-free 
program.  They try to get around the GPL by distributing their compiled 
program code in a single .o file in a "mere aggregate" along with the GPL 
library .a file, and ask users to link the program themselves.  This is 
obviously bogus; they've just created an alternate means of distribution of 
the resulting binary, and so the binary itself must be distributable under 
the terms of the GPL, which it isn't.  And the case of a dynamically linked 
executable with shared libraries is almost exactly the same as this scenario, 
only it's the system dynamic linker doing the work instead of the user doing 
it manually.

Anyway, as somebody else pointed out, this is off-topic for debian-devel, and 
I apologize.  Please direct any replies to debian-legal (too bad kmail 
doesn't let me set Followup-To afaik).
-- 
Daniel Schepler



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Re: openssl vs. GPL question

[Regis Boudin]

Hi everyone,

>On 6/4/05, Dafydd Harries <[EMAIL PROTECTED]> wrote:
>> I have a package Alexandria, written in Ruby, which will depend on a
>> new library in the next version. This library, ruby-zoom, is an LGPL Ruby
>> binding of libyaz. libyaz links to OpenSSL and is, as far as I can tell,
>> under a 2-clause BSD licence. Everything fine so far.
>> 
>> But it seems to me that it will be impossible for Alexandria, which is
>> under the GPL, to use ruby-zoom legally as, by doing so, it will be
>> linking against OpenSSL, which is under a GPL-incompatible licence. Am I
>> right in thinking so?
>
>It is Debian's historical practice, and the FSF's stance, not to
>permit this kind of dependency (direct or indirect).  I believe
>strongly, and have adduced plenty of case law to demonstrate, that the
>FSF's GPL FAQ is in error on this point.  I would not say, however,
>that my opinion represents a debian-legal consensus.  See recent
>debian-legal threads about Quagga, which is in a similar position.
>
>> My understanding of this issue is based on reading this thread:
>> 
>> http://lists.debian.org/debian-legal/2002/10/msg00113.html
>> 
>> If there is indeed a licence problem here, I can see two main solutions:
>> 
>>  - Try to get libyaz in Debian to link against GnuTLS instead of
>>OpenSSL.
>> 
>>  - Get the maintainer of Alexandria to make an exception for linking
>>against OpenSSL.
>
>The latter is probably a better choice (at least in the short term),
>since the OpenSSL shim for GNU TLS was added to the GPL (not LGPL)
>libgnutls-extra.  (It's possible that it has since been moved into the
>LGPL portion, but I don't think so.)  While I don't believe in the
>FSF's theories about linking causing "GPL violation" (especially in
>the indirect scenario), it's the Debian way to request a clarification
>from upstream.
> 
>> I notice that the Tellico package, which is GPL, already links against
>> libyaz. Is this a licence violation?
>
>No; but there again, it would probably be best to check with upstream
>about whether they would mind adding an explicit "OpenSSL exemption". 
>Wishlist bug?

Sorry to arrive late, I am not on -legal, amd only noticed this thread
during one of my usual checking of what's happening around here. I appear
to be the maintainer of tellico, so I would like to have a good advice on
what to do for this problem.

I have CC'ed Robby Stephenson, who is the upstream author of Tellico, so he can
know and make a decision about it if he thinks he should.

Regards,
Regis 


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: openssl vs. GPL question

[Anthony DeRobertis]

Michael K. Edwards wrote:
> On 6/6/05, Michael K. Edwards <[EMAIL PROTECTED]> wrote:
> 
>>Whoops, I misattributed that message.  It's Brett Glass who wrote
>>that, NOT Theo de Raadt.  :-(
> 
> 
> And after Googling Brett Glass briefly, I doubt he has much concrete
> evidence to back up his claim that RMS plagiarized Symbolics code. [...]

Sorry about my last message; I managed to reply before seeing these
corrections.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: openssl vs. GPL question

[Anthony DeRobertis]

Michael K. Edwards wrote:

> P. S.  If you think that an FSF vendetta against OpenSSL would be an
> anomaly, or that RMS is purist about copyright law when it comes to
> his own conduct, you might be interested in Theo de Raadt's comments
> at http://www.monkey.org/openbsd/archive/tech/0002/msg00171.html .

That URL says "From: Brett Glass <[EMAIL PROTECTED]>" who is, AFAIK, not
Theo de Raadt. The only two Theo de Raadt postings in that thread are
essentially "go away."


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: openssl vs. GPL question

[Michael K. Edwards]

On 6/10/05, Anthony DeRobertis <[EMAIL PROTECTED]> wrote:
> Michael K. Edwards wrote:
> > You might also observe the comments at
> > http://bugs.mysql.com/bug.php?id=6924 and
> > http://bugs.mysql.com/bug.php?id=8508 regarding MySQL's retreat, first
> > from providing OpenSSL-enabled binaries, and then from referencing
> > OpenSSL in the server source code.  Any bets on whether there was a
> > quid pro quo involved when Eben Moglen submitted an affidavit in
> > Progress Software v. MySQL?
> 
> If you wish to allege underhanded dealings, please bring some evidence.

Perhaps it would be more accurate to say that MySQL's executives
appear to have been availing themselves of the services of the GPL
Compliance Lab, and have probably received a few letters on Columbia
University letterhead.

I think the FSF's entire handling of OpenSSL is underhanded.  For them
to make the false claim that API usage makes for a derivative work
when it suits them, and then to accept the copying of the OpenSSL API
into the GPL'ed yaSSL and the GPL'ed shim to GNU TLS, and then
recommend these alternatives over OpenSSL to all GPL licensors, is
beyond hypocritical.

As regards MySQL, here are some comments by one Tim Smith on bug 6924:


We would like to be able to release binaries with SSL support, and are
investigating different options for that.  I'm told that building with yassl is
possible right now, so this may be an option for you, depending on how you're
using MySQL, etc.

...

It's due to unclear license issues.  Basically, we'd be OK distributing
OpenSSL-enabled binaries, but anyone who redistributed them would probably be
violating the license.  Our licence doesn't have a clear exclusion that handles
OpenSSL.

I'm doing a bit of parroting here, since I'm not directly involved with making
these decisions.  I can tell you for sure that it's due to legal, not technical,
reasons.


Who do you suppose would be telling MySQL that they don't have the
ability to alter the license on their own software to accommodate
their own decision to use OpenSSL?

- Michael

Re: openssl vs. GPL question

[Anthony DeRobertis]

Michael K. Edwards wrote:
> You might also observe the comments at
> http://bugs.mysql.com/bug.php?id=6924 and
> http://bugs.mysql.com/bug.php?id=8508 regarding MySQL's retreat, first
> from providing OpenSSL-enabled binaries, and then from referencing
> OpenSSL in the server source code.  Any bets on whether there was a
> quid pro quo involved when Eben Moglen submitted an affidavit in
> Progress Software v. MySQL?

If you wish to allege underhanded dealings, please bring some evidence.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: openssl vs. GPL question

[Gervase Markham]

Michael K. Edwards wrote:

Do you know whether the NSS implementation is being certified at
source code level (a very unusual arrangement) using the sort of
maneuvers mentioned in the Linux Journal article on DMLSS?


I'm not able to say - it's not my area. If you are interested, 
news://news.mozilla.org/netscape.public.mozilla.crypto is the place to ask.


Gerv


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: openssl vs. GPL question

[Michael K. Edwards]

On 6/6/05, Michael K. Edwards <[EMAIL PROTECTED]> wrote:
> Whoops, I misattributed that message.  It's Brett Glass who wrote
> that, NOT Theo de Raadt.  :-(

And after Googling Brett Glass briefly, I doubt he has much concrete
evidence to back up his claim that RMS plagiarized Symbolics code.  If
he did, he probably would have tracked down a successor company,
acquired the copyright, and taken RMS to court.

I think I'd better stick to the primary literature ... it has to look
stupid when I accidentally cite a person with a known vendetta against
RMS (which I do not have, for the record) as a source of evidence
about RMS's past conduct.  :-/

- Michael

Re: openssl vs. GPL question

[Michael K. Edwards]

On 6/6/05, Michael K. Edwards <[EMAIL PROTECTED]> wrote:
> P. S.  If you think that an FSF vendetta against OpenSSL would be an
> anomaly, or that RMS is purist about copyright law when it comes to
> his own conduct, you might be interested in Theo de Raadt's comments
> at http://www.monkey.org/openbsd/archive/tech/0002/msg00171.html .  I
> don't necessarily agree with his opinions on the ethics of the GPL,
> but if he speaks from personal knowledge on RMS's handling of code
> owned by Symbolics, I'm rather disappointed in RMS.

Whoops, I misattributed that message.  It's Brett Glass who wrote
that, NOT Theo de Raadt.  :-(

Re: openssl vs. GPL question

[Michael K. Edwards]

On 6/6/05, Gervase Markham <[EMAIL PROTECTED]> wrote:
> The implementation of SSL in the Netscape NSS libraries is available
> under the GPL, and I believe certain versions of it have FIPS validation.
> http://www.mozilla.org/projects/security/pki/nss/fips/

I'm delighted to hear that.  It does not seem that the same is true of
YaSSL, and it perplexes me that MySQL has chosen it.

Do you know whether the NSS implementation is being certified at
source code level (a very unusual arrangement) using the sort of
maneuvers mentioned in the Linux Journal article on DMLSS?

Cheers,
- Michael

P. S.  If you think that an FSF vendetta against OpenSSL would be an
anomaly, or that RMS is purist about copyright law when it comes to
his own conduct, you might be interested in Theo de Raadt's comments
at http://www.monkey.org/openbsd/archive/tech/0002/msg00171.html .  I
don't necessarily agree with his opinions on the ethics of the GPL,
but if he speaks from personal knowledge on RMS's handling of code
owned by Symbolics, I'm rather disappointed in RMS.

Re: openssl vs. GPL question

[Gervase Markham]

Michael K. Edwards wrote:

Pity the MySQL folks; Progress Software were the ones who encouraged
them to switch to the GPL in the first place, and when that
relationship went bad, they fell right in with the FSF.  Switching to
YaSSL is going to cost them when it comes to DoD use of MySQL, since
some gutsy folks at the Defense Medical Logistics Standard Support
program are going through FIPS 140-2 validation on OpenSSL with
financing from the usual suspects (mostly IBM and HP); see
http://www.linuxjournal.com/article/7644 .


The implementation of SSL in the Netscape NSS libraries is available 
under the GPL, and I believe certain versions of it have FIPS validation.

http://www.mozilla.org/projects/security/pki/nss/fips/

Gerv


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: openssl vs. GPL question

[Michael K. Edwards]

And while we're at it, if you're curious what Eben Moglen gets out of
his relationship to the FSF, you might like to read
http://www.vidomi.com/fsfpop.php .  Evidently GPL "violators" retain
him as counsel to write them letters saying that their linking-ban
circumvention schemes qualify as "mere aggregation".  Wanna bet he
doesn't write those letters pro bono?  And he even puts them on
Columbia University letterhead.  Pretty.

Cheers,
- Michael

Re: openssl vs. GPL question

[Michael K. Edwards]

You might also observe the comments at
http://bugs.mysql.com/bug.php?id=6924 and
http://bugs.mysql.com/bug.php?id=8508 regarding MySQL's retreat, first
from providing OpenSSL-enabled binaries, and then from referencing
OpenSSL in the server source code.  Any bets on whether there was a
quid pro quo involved when Eben Moglen submitted an affidavit in
Progress Software v. MySQL?

Pity the MySQL folks; Progress Software were the ones who encouraged
them to switch to the GPL in the first place, and when that
relationship went bad, they fell right in with the FSF.  Switching to
YaSSL is going to cost them when it comes to DoD use of MySQL, since
some gutsy folks at the Defense Medical Logistics Standard Support
program are going through FIPS 140-2 validation on OpenSSL with
financing from the usual suspects (mostly IBM and HP); see
http://www.linuxjournal.com/article/7644 .

Cheers,
- Michael

Re: openssl vs. GPL question

[Michael K. Edwards]

On 6/6/05, Simon Josefsson <[EMAIL PROTECTED]> wrote:
> "Michael K. Edwards" <[EMAIL PROTECTED]> writes:
> 
> > And I wouldn't like to see Debian swept up in the apparent FSF
> > campaign to marginalize OpenSSL and its maintainers by threatening
> > legal action against anyone who links GPL code (FSF copyrighted or
> > not) to OpenSSL.  (I have not personally been the target of any such
> > threat, so this is definitely hearsay coming from me.)
> 
> I'd like more information on that campaign, if you or someone else can
> provide it.  Suggesting that something is "apparent" seem to conflict
> with your statement of "hearsay".

Letter from Bradley Kuhn at
http://marc.theaimsgroup.com/?l=openssl-users&m=97416854609383&w=2 ,
cited from thread at
http://www.ethereal.com/lists/ethereal-dev/200108/msg00115.html ,
referenced from http://www.dwheeler.com/essays/gpl-compatible.html .

See also thread at http://lists.debian.org/debian-legal/2003/01/msg00018.html .

Cheers,
- Michael

Re: openssl vs. GPL question

[Simon Josefsson]

"Michael K. Edwards" <[EMAIL PROTECTED]> writes:

> And I wouldn't like to see Debian swept up in the apparent FSF
> campaign to marginalize OpenSSL and its maintainers by threatening
> legal action against anyone who links GPL code (FSF copyrighted or
> not) to OpenSSL.  (I have not personally been the target of any such
> threat, so this is definitely hearsay coming from me.)

I'd like more information on that campaign, if you or someone else can
provide it.  Suggesting that something is "apparent" seem to conflict
with your statement of "hearsay".


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: openssl vs. GPL question

[Humberto Massa Guimarães]

De: Steve Langasek [mailto:[EMAIL PROTECTED]
> The phrase "For an executable work, complete source code means all
> the source code for all modules it contains" appears in the text
> of GPL section *3*, which is not specific to "works based on the
> Program."  Such lack of attention to license detail from one who
> has so much to say on the subject is truly appalling.

So, are you arguing that things that *dynamically* link with some libraries do 
_contain_ said libraries?

Because IMHO neither ruby-zoom _contains_ libyaz nor libyaz _contains_ openssl.

Massa


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: openssl vs. GPL question

[Michael K. Edwards]

On 6/5/05, Steve Langasek <[EMAIL PROTECTED]> wrote:
> The phrase "For an executable work, complete source code means all the
> source code for all modules it contains" appears in the text of GPL section
> *3*, which is not specific to "works based on the Program."  Such lack of
> attention to license detail from one who has so much to say on the subject
> is truly appalling.

Sorry for the "truly appalling" typo.

Section 2 does indeed open with, "You may modify your copy or copies
of the Program or any portion of it, thus forming a work based on the
Program, ..."

Section 3 opens with: "You may copy and distribute the Program (or a
work based on it, under Section 2) in object code or executable form
under the terms of Sections 1 and 2 above ..."  Hence the remaining
paragraphs of Section 3 should be seen in this context, with the
proviso that "work based on the Program" is a term formally defined in
Section 0 (and referenced in the opening of Section 2) and that
various terms of art are not.  Irrespective of technical meanings that
might be ascribed to "executable", "modules", "interface definition
files", and so forth, Section 3's "executable work" does not "contain"
content that is determined, using the definition in Section 0, to be
outside the "work based on the Program".

Cheers,
- Michael

Re: openssl vs. GPL question

[Steve Langasek]

On Sun, Jun 05, 2005 at 08:15:36AM -0700, Michael K. Edwards wrote:
> On 6/5/05, Steve Langasek <[EMAIL PROTECTED]> wrote:
> > I have no reason to believe that the GPL's claim depends on the status of
> > derivative works; it is a condition of distributing binaries under the GPL
> > that the source to the work "and any components it contains" must be made
> > available under the terms of the GPL.  The fact that Alexandria does not
> > make *direct* use of OpenSSL is no defense, IMHO.

> That's in the context of a "work based on the Program" (check out the
> first sentence of GPL section 2),

The phrase "For an executable work, complete source code means all the
source code for all modules it contains" appears in the text of GPL section
*3*, which is not specific to "works based on the Program."  Such lack of
attention to license detail from one who has so much to say on the subject
is truly appalling.

-- 
Steve Langasek
postmodern programmer


signature.asc
Description: Digital signature

Re: openssl vs. GPL question

[Michael K. Edwards]

On 6/5/05, Steve Langasek <[EMAIL PROTECTED]> wrote:
> I have no reason to believe that the GPL's claim depends on the status of
> derivative works; it is a condition of distributing binaries under the GPL
> that the source to the work "and any components it contains" must be made
> available under the terms of the GPL.  The fact that Alexandria does not
> make *direct* use of OpenSSL is no defense, IMHO.

That's in the context of a "work based on the Program" (check out the
first sentence of GPL section 2), which is a derivative work under
copyright law, which doesn't "contain" things that are used by
reference.  I'm disinclined to reopen that debate on d-l, though; I've
written up a reasonably coherent essay containing the arguments I
gave, with case law, but it's rather long and I might decide I don't
feel like publishing it for free anyway.  :-)  Contact me if you would
like a copy for your private review.

> I care; I don't like either the OpenSSL license or the OpenSSL code, and I
> think it's in Debian's interest to distance itself from both to the greatest
> extent possible.

I don't particularly like the code either, and the license as commonly
interpreted is indeed a little on the obnoxious side.  But OpenSSL has
the virtue of working most of the time, Debian's version more
consistently than most.  And I wouldn't like to see Debian swept up in
the apparent FSF campaign to marginalize OpenSSL and its maintainers
by threatening legal action against anyone who links GPL code (FSF
copyrighted or not) to OpenSSL.  (I have not personally been the
target of any such threat, so this is definitely hearsay coming from
me.)

> Also not a defense; it's entirely valid for someone to release code under
> the GPL that they know cannot be bundled in binary form by OS distributors.
> Your argument would also imply that Microsoft is allowed to bundle any GPLed
> software they want to with Windows without opening their libs, merely
> because it's been written to use Windows-specific APIs.  This is not a sane
> assumption in the case of Microsoft, and it's not a sane assumption in our
> case either.  If this *is* the author's intent, it should be trivial to
> secure a license clarification.

Agreed completely.

Cheers,
- Michael

Re: openssl vs. GPL question

[Michael K. Edwards]

On 6/5/05, Arnoud Engelfriet <[EMAIL PROTECTED]> wrote:
> Michael K. Edwards wrote:
> > since the OpenSSL shim for GNU TLS was added to the GPL (not LGPL)
> > libgnutls-extra.  (It's possible that it has since been moved into the
> > LGPL portion, but I don't think so.)
> 
> The LGPL contains an explicit provision that allows relicensing
> to GPL (section 3 LGPL). Wouldn't that solve the problem?

"Upgrading" libyaz to the GPL would be fine by me (as far as I'm
concerned, the GPL is actually the more permissive license when
competently construed under US law), but I doubt that the maintainer
(and other libyaz-dependent application writers) would go for it. 
Building Alexandria statically with a putative libyaz / OpenSSL shim /
GNU TLS combination, separately from the libyaz package, doesn't sound
like a good solution.

Cheers,
- Michael

Re: openssl vs. GPL question

[Steve Langasek]

[Cc:ing the original poster, who posted to -mentors -- there's no reason to
expect that he's subscribed to -legal]

On Sun, Jun 05, 2005 at 11:04:13AM +0200, Måns Rullgård wrote:
> > On 6/4/05, Dafydd Harries <[EMAIL PROTECTED]> wrote:
> >> I have a package Alexandria, written in Ruby, which will depend on a
> >> new library in the next version. This library, ruby-zoom, is an LGPL Ruby
> >> binding of libyaz. libyaz links to OpenSSL and is, as far as I can tell,
> >> under a 2-clause BSD licence. Everything fine so far.

> >> But it seems to me that it will be impossible for Alexandria, which is
> >> under the GPL, to use ruby-zoom legally as, by doing so, it will be
> >> linking against OpenSSL, which is under a GPL-incompatible licence. Am I
> >> right in thinking so?

> > It is Debian's historical practice, and the FSF's stance, not to
> > permit this kind of dependency (direct or indirect).  I believe
> > strongly, and have adduced plenty of case law to demonstrate, that the
> > FSF's GPL FAQ is in error on this point.  I would not say, however,
> > that my opinion represents a debian-legal consensus.  See recent
> > debian-legal threads about Quagga, which is in a similar position.

> Does Alexandria make direct use of any OpenSSL functionality, or do
> only parts of libyaz not used by Alexandria use OpenSSL?  In the
> latter case, claiming derivedness from OpenSSL is outright bizarre, if
> it ever made any sense.

I have no reason to believe that the GPL's claim depends on the status of
derivative works; it is a condition of distributing binaries under the GPL
that the source to the work "and any components it contains" must be made
available under the terms of the GPL.  The fact that Alexandria does not
make *direct* use of OpenSSL is no defense, IMHO.

> Seriously, how many people actually care whether some GPL code links
> with OpenSSL?  My guess is two: RMS and EM.

I care; I don't like either the OpenSSL license or the OpenSSL code, and I
think it's in Debian's interest to distance itself from both to the greatest
extent possible.

> >> I notice that the Tellico package, which is GPL, already links against
> >> libyaz. Is this a licence violation?

> > No; but there again, it would probably be best to check with upstream
> > about whether they would mind adding an explicit "OpenSSL exemption". 
> > Wishlist bug?

> If the program makes explicit use of OpenSSL, I'd consider it fairly
> safe to assume an implicit permission to do so, even in the absence a
> written clause to that effect.

Also not a defense; it's entirely valid for someone to release code under
the GPL that they know cannot be bundled in binary form by OS distributors.
Your argument would also imply that Microsoft is allowed to bundle any GPLed
software they want to with Windows without opening their libs, merely
because it's been written to use Windows-specific APIs.  This is not a sane
assumption in the case of Microsoft, and it's not a sane assumption in our
case either.  If this *is* the author's intent, it should be trivial to
secure a license clarification.

-- 
Steve Langasek
postmodern programmer


signature.asc
Description: Digital signature

Re: openssl vs. GPL question

[Måns Rullgård]

"Michael K. Edwards" <[EMAIL PROTECTED]> writes:

> (copied to debian-legal, where the discussion belongs; next person
> please cut debian-mentors)
>
> On 6/4/05, Dafydd Harries <[EMAIL PROTECTED]> wrote:
>> I have a package Alexandria, written in Ruby, which will depend on a
>> new library in the next version. This library, ruby-zoom, is an LGPL Ruby
>> binding of libyaz. libyaz links to OpenSSL and is, as far as I can tell,
>> under a 2-clause BSD licence. Everything fine so far.
>> 
>> But it seems to me that it will be impossible for Alexandria, which is
>> under the GPL, to use ruby-zoom legally as, by doing so, it will be
>> linking against OpenSSL, which is under a GPL-incompatible licence. Am I
>> right in thinking so?
>
> It is Debian's historical practice, and the FSF's stance, not to
> permit this kind of dependency (direct or indirect).  I believe
> strongly, and have adduced plenty of case law to demonstrate, that the
> FSF's GPL FAQ is in error on this point.  I would not say, however,
> that my opinion represents a debian-legal consensus.  See recent
> debian-legal threads about Quagga, which is in a similar position.

Does Alexandria make direct use of any OpenSSL functionality, or do
only parts of libyaz not used by Alexandria use OpenSSL?  In the
latter case, claiming derivedness from OpenSSL is outright bizarre, if
it ever made any sense.  For the record, I'm with Edwards here.  I
think it's time to stop this totally non-productive nonsense.
Seriously, how many people actually care whether some GPL code links
with OpenSSL?  My guess is two: RMS and EM.

>> I notice that the Tellico package, which is GPL, already links against
>> libyaz. Is this a licence violation?
>
> No; but there again, it would probably be best to check with upstream
> about whether they would mind adding an explicit "OpenSSL exemption". 
> Wishlist bug?

If the program makes explicit use of OpenSSL, I'd consider it fairly
safe to assume an implicit permission to do so, even in the absence a
written clause to that effect.

IANAL, etc.

-- 
Måns Rullgård
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: openssl vs. GPL question

[Arnoud Engelfriet]

Michael K. Edwards wrote:
> since the OpenSSL shim for GNU TLS was added to the GPL (not LGPL)
> libgnutls-extra.  (It's possible that it has since been moved into the
> LGPL portion, but I don't think so.)  

The LGPL contains an explicit provision that allows relicensing
to GPL (section 3 LGPL). Wouldn't that solve the problem?

Arnoud

-- 
Arnoud Engelfriet, Dutch patent attorney - Speaking only for myself
Patents, copyright and IPR explained for techies: http://www.iusmentis.com/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: openssl vs. GPL question

[Michael K. Edwards]

(copied to debian-legal, where the discussion belongs; next person
please cut debian-mentors)

On 6/4/05, Dafydd Harries <[EMAIL PROTECTED]> wrote:
> I have a package Alexandria, written in Ruby, which will depend on a
> new library in the next version. This library, ruby-zoom, is an LGPL Ruby
> binding of libyaz. libyaz links to OpenSSL and is, as far as I can tell,
> under a 2-clause BSD licence. Everything fine so far.
> 
> But it seems to me that it will be impossible for Alexandria, which is
> under the GPL, to use ruby-zoom legally as, by doing so, it will be
> linking against OpenSSL, which is under a GPL-incompatible licence. Am I
> right in thinking so?

It is Debian's historical practice, and the FSF's stance, not to
permit this kind of dependency (direct or indirect).  I believe
strongly, and have adduced plenty of case law to demonstrate, that the
FSF's GPL FAQ is in error on this point.  I would not say, however,
that my opinion represents a debian-legal consensus.  See recent
debian-legal threads about Quagga, which is in a similar position.

> My understanding of this issue is based on reading this thread:
> 
> http://lists.debian.org/debian-legal/2002/10/msg00113.html
> 
> If there is indeed a licence problem here, I can see two main solutions:
> 
>  - Try to get libyaz in Debian to link against GnuTLS instead of
>OpenSSL.
> 
>  - Get the maintainer of Alexandria to make an exception for linking
>against OpenSSL.

The latter is probably a better choice (at least in the short term),
since the OpenSSL shim for GNU TLS was added to the GPL (not LGPL)
libgnutls-extra.  (It's possible that it has since been moved into the
LGPL portion, but I don't think so.)  While I don't believe in the
FSF's theories about linking causing "GPL violation" (especially in
the indirect scenario), it's the Debian way to request a clarification
from upstream.

> I notice that the Tellico package, which is GPL, already links against
> libyaz. Is this a licence violation?

No; but there again, it would probably be best to check with upstream
about whether they would mind adding an explicit "OpenSSL exemption". 
Wishlist bug?

Cheers,
- Michael
(IANAL, IANADD)

Re: A GNU GPL question (might be slightly OT)

[Mark Rafn]

On Fri, 6 Sep 2002, Fredrik Persson wrote:

> I'm in a situation where I am trying to get the source code for a program
> from the company that distributed that program, and this has turned out
> to be really difficult. Currently, I'm preparing a reply to their lawyer (I
> have no legal training myself, so this is really difficult) where he talks to
> me about a three year rule within the GPL.

I'm not a lawyer either, but I'll try to answer.  .  3b
doesn't seem to have a loophole to me, but 3c might be susceptible in a
very limited way.

> Jim gives Joe a program licensed under the GPL. Jim does not provide 
> Joe with the source code, but with a written offer to provide that source
> code upon request. He can do this, according to section 3b in the GPL.
> However, that only requires Jim to comply with that offer for a period of 
> three years, which is also stated in section 3b. 

So far so good.  

> Two years later, Joe re-distributes the program to Jill, and he includes the 
> written offer from Jim. Joe is required to do so, according to section 3c.

At this point, as long as the Joe->Jill distribution was noncommercial, 
there has been no violation of GPL that I can see.

At this point, Jill has a copy that she cannot distribute (She can't
fulfill 3a or 3b, and 3c only applies to software she got under 3b.  Her
best bet is to immediately excercise the offer to get source, so she can
distribute under 3a or 3b.

> Two more years pass and Jill decides that she wants that source code.

Jill now has a copy of a program for which nobody has a legal obligation
to provide source.  So does Joe.  Heck, so might Jim if he didn't save the
source.  This cannot be distributed under the GPL.

It's possible to argue that Joe can still noncommercially distribute the
sourceless binary under 3c, accompanied by the expired written offer from
Jim.  Nobody who recieved the binary this way could redistribute it 
(like always, as I read it, for programs distributed under 3c).

Fortunately, it's limited to noncommercial transactions and it creates
undistributable copies, so there is very little incentive to excercise
this loophole.  It does mean that Debian shouldn't accept software under 
3b or 3c of the GPL.  Which we probably wouldn't anyway for logistics 
reasons.
--
Mark Rafn[EMAIL PROTECTED]  

Re: A GNU GPL question (might be slightly OT)

[David Turner]

On Fri, 2002-09-06 at 11:03, Fredrik Persson wrote:
> Is this a loophole in the GPL? If my question above is answered with
> "Jim", I think it is. If the answer is "Jill", it most likely is not.
> 
> So...
> 
> What do you all say about this?

I say that the answer is "Jim," but that this is not as serious a
problem as you make it sound.  The GPL 3c only applies to non-commercial
distribution.  

But I have brought it up here at the FSF, and I believe that future
versions of the GPL will take it into account, by saying something like,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code.  (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.  The offer must still 
be valid)


-- 
-Dave Turner
Free Software Licensing Guru

Re: A GNU GPL question (might be slightly OT)

[Spencer H Visick]

Antti-Juhani Kaijanaho on Fri, Sep 06, 2002 at 07:52:06PM +0300 wrote:
> The FSF may be a better place.  They have a mailing address for
> licensing questions but I forget what it was.

[EMAIL PROTECTED]

-- 
Spencer Hal Visick

Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html

Re: A GNU GPL question (might be slightly OT)

[Antti-Juhani Kaijanaho]

On 20020906T180308+0200, Fredrik Persson wrote:
> This may be slightly OT, but I have really looked around for a better place
> to ask this question, and failed. 

The FSF may be a better place.  They have a mailing address for
licensing questions but I forget what it was.

> That is my question. Who is right, Jim or Jill? I think it's a really 
> important question, too. I shall explain why.

I see your point.  My initial answer would be that Jim is right,
assuming that the offer is properly dated (as it should be).  But this
does not address the problem.

-- 
Antti-Juhani Kaijanaho, LuK (BSc)* http://www.iki.fi/gaia/ * [EMAIL 
PROTECTED]

A GNU GPL question (might be slightly OT)

[Fredrik Persson]

Hello!

This may be slightly OT, but I have really looked around for a better place
to ask this question, and failed. 

I'm in a situation where I am trying to get the source code for a program
from the company that distributed that program, and this has turned out
to be really difficult. Currently, I'm preparing a reply to their lawyer (I
have no legal training myself, so this is really difficult) where he talks to
me about a three year rule within the GPL.

Here's how I understand this issue: (Correct me if I'm wrong.)

Jim gives Joe a program licensed under the GPL. Jim does not provide 
Joe with the source code, but with a written offer to provide that source
code upon request. He can do this, according to section 3b in the GPL.

However, that only requires Jim to comply with that offer for a period of 
three years, which is also stated in section 3b. 

Two years later, Joe re-distributes the program to Jill, and he includes the 
written offer from Jim. Joe is required to do so, according to section 3c.

Two more years pass and Jill decides that she wants that source code.

Here's where my question comes: Since FOUR years has passed since
Jim originally distributed the program, he feels that he is no longer obliged
to comply with his written offer.

However, Jill feels that since she got the program only TWO years ago, 
the offer is still something that Jim is required to comply with. In her 
timeline, the three-year limit is not passed yet.

That is my question. Who is right, Jim or Jill? I think it's a really 
important question, too. I shall explain why.

Consider this:

Jim downloads the source code for the gcc compiler. He then modifies that 
source and creates jimsgcc. But Jim doesn't really want to share
the source with anyone. He is evil and he is also smart. So he finds
section 3b in the GPL and he contacs Joe, who is also evil and
ready to help Jim out when it comes to completing the scheme.

Jim distributes the program (jimsgcc) to Joe, with that 
valid-for-three years offer that section 3b speaks about. Joe then
sits on his ass for three years, so that the offer is no longer
valid. 

Joe now starts distributing the jimsgcc (here, working on orders from Jim
of course) and if anyone ("any third party") requests the source code
from Jim according to that written offer, he denies and says that more 
than three years has passed since the offer was issued and voilá, Jim has 
managed to short-circuit the GPL. (Yes, three years is a long time for
a computer program and jimsgcc not likely to be very attractive by
the time it actually is available, but the principle still holds.)

Is this a loophole in the GPL? If my question above is answered with
"Jim", I think it is. If the answer is "Jill", it most likely is not.

So...

What do you all say about this?

/Fredrik Persson

Re: linux gpl question

[Steve Langasek]

On Fri, Apr 26, 2002 at 04:53:24PM -0600, John Galt wrote:
> On Thu, 25 Apr 2002, David Starner wrote:

> >On Thu, Apr 25, 2002 at 09:35:44PM -0600, John Galt wrote:
> >> No, he doesn't have to do anything at all with his patches.  They aren't 
> >> the FSF's to define the license for.  For ONLY the work he authored or 
> >> has the rights of authorship in, he may do whatever he wishes with it.

> >A patch to a program is a derivative work of the program, in most cases.
> >Hence, you need permission of the copyright owner to distribute it;
> >lacking direct permission (rather painful for the kernel), you have to
> >distribute it under the GPL if you distribute it.

> Only assuming that you distribute the patched kernel as a unit.  It is 
> entirely feasable to distribute the patches as a separately copyrightable 
> entity.

Does your use of a pseudonym result in an even higher degree of
detachment from reality than one normally expects in arcane legal
discussions?  What the hell does distributing a patch in isolation have
to do with the issue at hand?  He's distributing *compiled* *binaries*,
for God's sake, with no source code being made obviously available --
that's why the question was even /asked/.

Any nitpicking about whether a patch distributed in isolation is a
derived work is completely and utterly irrelevant to the original
question concerning firewall appliances.  It's sufficient to say that
the MOST someone could do without having to comply with the GPL is
distribute their patch in isolation -- in other words, not much that's
of any use, and certainly nothing that's of use to someone interested in
keeping their changes private.

Steve Langasek
postmodern programmer


pgpIBugqUNrQe.pgp
Description: PGP signature

Re: linux gpl question

[Thomas Bushnell, BSG]

John Galt <[EMAIL PROTECTED]> writes:

> Only assuming that you distribute the patched kernel as a unit.  It is 
> entirely feasable to distribute the patches as a separately copyrightable 
> entity.

Nope, it's not.  But since you don't listen, it's pointless to keep
talking to you.  


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[J.H.M. Dassen \(Ray\)]

On Sat, Apr 27, 2002 at 13:29:44 +0200, Jeroen Dekkers wrote:
> I can't find the exact details on the web anymore, but I remember that
> NeXTStep distributed only the object files

It's in "Copyleft: Pragmatic Idealism" by RMS,
http://www.gnu.org/philosophy/pragmatic.html 

"Consider GNU Objective C. NeXT initially wanted to make this front end
proprietary; they proposed to release it as .o files, and let users link
them with the rest of GCC, thinking this might be a way around the GPL's
requirements. But our lawyer said that this would not evade the
requirements, that it was not allowed. And so they made the Objective C
front end free software."

Ray
-- 
"If we put in English phrases, that makes it readable".  That's COBOL.
Larry Wall on common fallacies of language design


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[Jeroen Dekkers]

On Fri, Apr 26, 2002 at 11:41:11PM -0400, Glenn Maynard wrote:
> On Fri, Apr 26, 2002 at 06:40:41PM -0500, David Starner wrote:
> > Not by my understanding. A patch will include generally include pieces
> > of the kernel source, and only make sense in the context of the kernel.
> > That makes it a derivative work of the kernel.
> 
> In theory, one could design a patch format that doesn't include any
> context data; it wouldn't be very useful or robust, but it could be
> done.  Would the patch still be considered a DW?  The patch is still
> representing a DW of the kernel source.


At least by applying the patch you make derivative work. IANAL, but by
modifying Linux (to make the patch) you agree with the GPL. I'm not
sure it's legal to distribute patches which aren't under de GPL. 

I can't find the exact details on the web anymore, but I remember that
NeXTStep distributed only the object files which should be linked with
gcc by the user to make the Objective-C compiler. IIRC that wasn't
legal and they GPL'd the source to comply with the GPL. This is only
from my vague memory, so there is a change that this isn't totally
correct. :)

Jeroen Dekkers
-- 
Jabber supporter - http://www.jabber.org Jabber ID: [EMAIL PROTECTED]
Debian GNU supporter - http://www.debian.org http://www.gnu.org
IRC: [EMAIL PROTECTED]


pgpWhXDsT7WHg.pgp
Description: PGP signature

Re: linux gpl question

[Anthony Towns]

On Fri, Apr 26, 2002 at 11:41:11PM -0400, Glenn Maynard wrote:
> On Fri, Apr 26, 2002 at 06:40:41PM -0500, David Starner wrote:
> > Not by my understanding. A patch will include generally include pieces
> > of the kernel source, and only make sense in the context of the kernel.
> > That makes it a derivative work of the kernel.
> In theory, one could design a patch format that doesn't include any
> context data; it wouldn't be very useful or robust, but it could be
> done.

In practice, too. "diff --ed" does this.

> Would the patch still be considered a DW?  The patch is still
> representing a DW of the kernel source.

Cheers,
aj

-- 
Anthony Towns <[EMAIL PROTECTED]> 
I don't speak for anyone save myself. GPG signed mail preferred.

 ``BAM! Science triumphs again!'' 
-- http://www.angryflower.com/vegeta.gif


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[Glenn Maynard]

On Fri, Apr 26, 2002 at 06:40:41PM -0500, David Starner wrote:
> Not by my understanding. A patch will include generally include pieces
> of the kernel source, and only make sense in the context of the kernel.
> That makes it a derivative work of the kernel.

In theory, one could design a patch format that doesn't include any
context data; it wouldn't be very useful or robust, but it could be
done.  Would the patch still be considered a DW?  The patch is still
representing a DW of the kernel source.

-- 
Glenn Maynard


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[martin f krafft]

also sprach John Galt <[EMAIL PROTECTED]> [2002.04.27.0106 +0200]:
> >However, his patches are patches *of Linux*, and so if he distributes
> >the patched Linux, he is required to distribute the full source,
> >because Linux is copyable only under the terms of the GPL and that's
> >what the GPL requires.  If he doesn't like that, his only option is to
> >refrain from copying the Linux binaries at all.
> 
> I'm really wondering why you even bothered to point this out.  You restate 
> my point rather complicatedly and mostly wrongly, then added a huge assed 
> dose of the obvious.  Why?  

chill hey! gosh, legal issues always make people so belligerent ;^>!

this is, after all, not always straight forward as in the books. in
fact, i claim to have understood most of the license, and your
explanations, and i am still confused in certain cases. granted, this
one is answered rather easily (now that i know what to consider and
where to look), but i still appreciate any form of feedback within the
reasonable bounds and as long as nobody purposely acts childish or
stupidly. this ain't no offense, john.

> BTW, he is only required to provide the GPL'd stuff when asked: there is 
> no law, clause, or any other thing on God's green earth that is forcing 
> him to give up his rights of authorship in code he wrote (gee, does it 
> sound like I'm repeating myself?).

you still have a wonderful way of explaining, quite understandable,
i find...

> Artificial intelligence is no match for natural stupidity.

on purpose?

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED]
  
dimmi in 10 secondi i nomi dei 7 re di roma, in ordine
decrescente di data di morte del figlio secondogenito,
in rot13... o faccio fuori la directory /dev !!!


pgptb9UyGL1l3.pgp
Description: PGP signature

Re: linux gpl question

[David Starner]

On Fri, Apr 26, 2002 at 04:53:24PM -0600, John Galt wrote:
> On Thu, 25 Apr 2002, David Starner wrote:
> >A patch to a program is a derivative work of the program, in most cases.
> >Hence, you need permission of the copyright owner to distribute it;
> >lacking direct permission (rather painful for the kernel), you have to
> >distribute it under the GPL if you distribute it.
> 
> Only assuming that you distribute the patched kernel as a unit.  It is 
> entirely feasable to distribute the patches as a separately copyrightable 
> entity.

Not by my understanding. A patch will include generally include pieces
of the kernel source, and only make sense in the context of the kernel.
That makes it a derivative work of the kernel.

-- 
David Starner - [EMAIL PROTECTED]
"It's not a habit; it's cool; I feel alive. 
If you don't have it you're on the other side." 
- K's Choice (probably referring to the Internet)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[John Galt]

On 25 Apr 2002, Thomas Bushnell, BSG wrote:

>John Galt <[EMAIL PROTECTED]> writes:
>
>> No, he doesn't have to do anything at all with his patches.  They aren't 
>> the FSF's to define the license for.  For ONLY the work he authored or 
>> has the rights of authorship in, he may do whatever he wishes with it.
>
>However, his patches are patches *of Linux*, and so if he distributes
>the patched Linux, he is required to distribute the full source,
>because Linux is copyable only under the terms of the GPL and that's
>what the GPL requires.  If he doesn't like that, his only option is to
>refrain from copying the Linux binaries at all.

I'm really wondering why you even bothered to point this out.  You restate 
my point rather complicatedly and mostly wrongly, then added a huge assed 
dose of the obvious.  Why?  

BTW, he is only required to provide the GPL'd stuff when asked: there is 
no law, clause, or any other thing on God's green earth that is forcing 
him to give up his rights of authorship in code he wrote (gee, does it 
sound like I'm repeating myself?).

>RMS of course has nothing to do with it, but the authors of Linux,
>whose work on Linux is all GPL'd, certainly do.

The license clause that apparently causes the author to have to GPL his 
separatable work comes from the FSF, not from the authors of the Linux 
kernel.

-- 
Artificial intelligence is no match for natural stupidity.

Who is John Galt?  [EMAIL PROTECTED], that's who!  


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[John Galt]

On Thu, 25 Apr 2002, David Starner wrote:

>On Thu, Apr 25, 2002 at 09:35:44PM -0600, John Galt wrote:
>> No, he doesn't have to do anything at all with his patches.  They aren't 
>> the FSF's to define the license for.  For ONLY the work he authored or 
>> has the rights of authorship in, he may do whatever he wishes with it.
>
>A patch to a program is a derivative work of the program, in most cases.
>Hence, you need permission of the copyright owner to distribute it;
>lacking direct permission (rather painful for the kernel), you have to
>distribute it under the GPL if you distribute it.

Only assuming that you distribute the patched kernel as a unit.  It is 
entirely feasable to distribute the patches as a separately copyrightable 
entity.
 


-- 
Artificial intelligence is no match for natural stupidity.

Who is John Galt?  [EMAIL PROTECTED], that's who!  


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[Thomas Bushnell, BSG]

Lynn Winebarger <[EMAIL PROTECTED]> writes:

>  In one case the police will probably come after him (assuming they 
> figure out who it was).  Here the copyright holders have to come after
> him.  There's a substantial difference.

And what we're talking about is exactly that.  Eben Moglen, who is
the legal heavy for the FSF, has a nice essay on how easy it is to
enforce the GPL.  Usually takes only one letter.

>Actually, I wasn't referring to chosing to enforce the law,
> but determining the penalty.  They might make them distribute the
> patched version under GPL, or they might make them pay monetary
> damages and order existent copies destroyed.  I'm not a lawyer, so I
> don't know the full range of a judge's discretion. However, the
> latter is the usual way to deal with copyright infringement (at
> least it's in statute itself).  They might do something else.

Generally GPL holders don't ask for anything more than "either comply
or stop distributing entirely", money damages are not normally
requested.

Thomas


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[Lynn Winebarger]

On Friday 26 April 2002 01:45, David Starner wrote:
> On Fri, Apr 26, 2002 at 01:29:57AM -0500, Lynn Winebarger wrote:
> >  Actually he can copy all he wants without complying with the GPL.
> > It would take a court to actually force him to comply with the license 
> > and/or
> 
> That's sort of like saying he can kill all he wants to; it would take a
> court to actually force him to comply with law. In either case, he is
> violating the law. 

 In one case the police will probably come after him (assuming they 
figure out who it was).  Here the copyright holders have to come after
him.  There's a substantial difference.

> > He still has some rights to his derivative work, they
> > aren't completely held by the original authors, so it would be a mistake
> > to treat the derivative work as GPL'ed and copy it before the court forced
> > license compliance 
> 
> Not much of a mistake; unless he made clear that it wasn't GPLed, you
> could reasonably claim that you made the assumption that he was acting
> legally. Most judges aren't amused with cases where the plaintiff was
> acting illegally and not in good faith.

Do you really want to be in the position of having to make such a claim?

> > (assuming it chose to).
> 
> A judge that doesn't enforce the clear law - and there would be no legal

   Actually, I wasn't referring to chosing to enforce the law, but 
determining the penalty.  They might make them distribute the patched
version under GPL, or they might make them pay monetary damages and
order existent copies destroyed.  I'm not a lawyer, so I don't know the full
range of a judge's discretion. However, the latter is the usual way to deal
with copyright infringement (at least it's in statute itself).  They might do 
something else.

Lynn


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[David Starner]

On Fri, Apr 26, 2002 at 01:29:57AM -0500, Lynn Winebarger wrote:
>  Actually he can copy all he wants without complying with the GPL.
> It would take a court to actually force him to comply with the license and/or

That's sort of like saying he can kill all he wants to; it would take a
court to actually force him to comply with law. In either case, he is
violating the law. 

> He still has some rights to his derivative work, they
> aren't completely held by the original authors, so it would be a mistake
> to treat the derivative work as GPL'ed and copy it before the court forced
> license compliance 

Not much of a mistake; unless he made clear that it wasn't GPLed, you
could reasonably claim that you made the assumption that he was acting
legally. Most judges aren't amused with cases where the plaintiff was
acting illegally and not in good faith.

> (assuming it chose to).

A judge that doesn't enforce the clear law - and there would be no legal
question here - is liable to face impeachment pretty quickly. In a case
like this, with few emotional issues or legal questions involved, a
judge is probably going to quickly rule against the copyright violator,
and go on to a serious case. Assuming that the copyright violator was
stupid enough to go that far; all GPL license questions have been
settled out of court, because getting hauled into court is an expensive
risky proposition.

-- 
David Starner - [EMAIL PROTECTED]
"It's not a habit; it's cool; I feel alive. 
If you don't have it you're on the other side." 
- K's Choice (probably referring to the Internet)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[Lynn Winebarger]

On Friday 26 April 2002 01:18, Thomas Bushnell, BSG wrote:
> John Galt <[EMAIL PROTECTED]> writes:
> 
> > No, he doesn't have to do anything at all with his patches.  They aren't 
> > the FSF's to define the license for.  For ONLY the work he authored or 
> > has the rights of authorship in, he may do whatever he wishes with it.
> 
> However, his patches are patches *of Linux*, and so if he distributes
> the patched Linux, he is required to distribute the full source,
> because Linux is copyable only under the terms of the GPL and that's
> what the GPL requires.  If he doesn't like that, his only option is to
> refrain from copying the Linux binaries at all.

 Actually he can copy all he wants without complying with the GPL.
It would take a court to actually force him to comply with the license and/or
pay for violating the license (and that would take a lawsuit brought by the
copyright holders).  He still has some rights to his derivative work, they
aren't completely held by the original authors, so it would be a mistake
to treat the derivative work as GPL'ed and copy it before the court forced
license compliance (assuming it chose to).
 
Lynn


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[Thomas Bushnell, BSG]

John Galt <[EMAIL PROTECTED]> writes:

> No, he doesn't have to do anything at all with his patches.  They aren't 
> the FSF's to define the license for.  For ONLY the work he authored or 
> has the rights of authorship in, he may do whatever he wishes with it.

However, his patches are patches *of Linux*, and so if he distributes
the patched Linux, he is required to distribute the full source,
because Linux is copyable only under the terms of the GPL and that's
what the GPL requires.  If he doesn't like that, his only option is to
refrain from copying the Linux binaries at all.

RMS of course has nothing to do with it, but the authors of Linux,
whose work on Linux is all GPL'd, certainly do.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[David Starner]

On Thu, Apr 25, 2002 at 09:35:44PM -0600, John Galt wrote:
> No, he doesn't have to do anything at all with his patches.  They aren't 
> the FSF's to define the license for.  For ONLY the work he authored or 
> has the rights of authorship in, he may do whatever he wishes with it.

A patch to a program is a derivative work of the program, in most cases.
Hence, you need permission of the copyright owner to distribute it;
lacking direct permission (rather painful for the kernel), you have to
distribute it under the GPL if you distribute it.
 
-- 
David Starner - [EMAIL PROTECTED]
"It's not a habit; it's cool; I feel alive. 
If you don't have it you're on the other side." 
- K's Choice (probably referring to the Internet)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[John Galt]

On Thu, 25 Apr 2002, martin f krafft wrote:

>[please cc me on responses]
>
>hey wise people,
>
>i have a question that's stunning us over here. there's someone
>selling a complete firewall appliance atop a linux kernel. he
>advertises it as hardened and as super-secure because he patched the
>kernel here and there, and because he added userland stuff.
>
>now my question: the kernel's gpl, so everything using the kernel
>source must be gpl. that does force this guy to make the source of all
>his kernel tree patches available, unless he provides binary patches
>for the kernel, right? in this case, does he have to let people know
>exactly which patches are applied?

No, he doesn't have to do anything at all with his patches.  They aren't 
the FSF's to define the license for.  For ONLY the work he authored or 
has the rights of authorship in, he may do whatever he wishes with it.

>or, can he simply make the kernel source available, but ship it in
>binary only form with his patches applied?

Even worse, he only has to OFFER to make available the kernel source: a 
written offer, good for longer than three years, to provide the source for 
no  more than the cost of media.

>i'd love to hear your thoughts...
>
>

-- 
Artificial intelligence is no match for natural stupidity.

Who is John Galt?  [EMAIL PROTECTED], that's who!  


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[David Starner]

On Thu, Apr 25, 2002 at 01:15:23PM +0200, martin f krafft wrote:
> now my question: the kernel's gpl, so everything using the kernel
> source must be gpl. that does force this guy to make the source of all
> his kernel tree patches available, unless he provides binary patches
> for the kernel, right? in this case, does he have to let people know
> exactly which patches are applied?

He has to provide source if you get the kernel. (Binary modules are
okay; binary patches aren't.) He doesn't have to let people know which
patches are applied; he can just give you the kernel source and let
you figure it out.

-- 
David Starner - [EMAIL PROTECTED]
"It's not a habit; it's cool; I feel alive. 
If you don't have it you're on the other side." 
- K's Choice (probably referring to the Internet)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: linux gpl question

[Stephen Ryan]

On Thu, 2002-04-25 at 07:15, martin f krafft wrote:
> [please cc me on responses]
> 
> hey wise people,
> 
> i have a question that's stunning us over here. there's someone
> selling a complete firewall appliance atop a linux kernel. he
> advertises it as hardened and as super-secure because he patched the
> kernel here and there, and because he added userland stuff.
> 
> now my question: the kernel's gpl, so everything using the kernel
> source must be gpl. that does force this guy to make the source of all
> his kernel tree patches available, unless he provides binary patches
> for the kernel, right? in this case, does he have to let people know
> exactly which patches are applied?

I think he needs to provide the exact patched source code.

Quoting from the GPL:

2...a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.

and

3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:

a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange;
or,

b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,

Section 3. c) does not apply, since he is the "upstream" for this
particular modification.

Together, these two sections mean that the complete source code must be
provided, and that the modified sections must be marked as such.

Unless he can come up with binary-only patches from nothing, his product
is a derivative of the Linux kernel source, and therefore must be
shipped with *complete* source code.  

> or, can he simply make the kernel source available, but ship it in
> binary only form with his patches applied?

Binaries are fine, but the complete source used to generate those
binaries is the source that must be supplied, per 3a) or 3b).

IANAL, TINLA, etc.
--  
Stephen RyanDebian GNU/Linux
Technology Coordinator
Center for Educational Outcomes at Dartmouth College


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

linux gpl question

[martin f krafft]

[please cc me on responses]

hey wise people,

i have a question that's stunning us over here. there's someone
selling a complete firewall appliance atop a linux kernel. he
advertises it as hardened and as super-secure because he patched the
kernel here and there, and because he added userland stuff.

now my question: the kernel's gpl, so everything using the kernel
source must be gpl. that does force this guy to make the source of all
his kernel tree patches available, unless he provides binary patches
for the kernel, right? in this case, does he have to let people know
exactly which patches are applied?

or, can he simply make the kernel source available, but ship it in
binary only form with his patches applied?

i'd love to hear your thoughts...

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED]
  
windoze 3.1 - the best $89 solitaire game you can buy.


pgpKedDRcFPyF.pgp
Description: PGP signature

Re: GPL question

[Edmund GRIMLEY EVANS]

Samuel Hocevar <[EMAIL PROTECTED]>:

>However, if your printing server component is a library and is GPLed,
> then every work linked to it has to be GPLed (or have an even less
> restrictive license).
> 
> > Also, is it relevant that at the moment the whole app. comes on a single CD?
> 
>This is considered "mere aggregation" of software by the GPL, and
> thus the different parts of the work do not need to have the same
> license, even if there is one GPLed app there.

Sorry if this is off-topic, but I'm just checking that I understand
the GPL properly.

As I understand it, it is relevant that the whole application comes on
a single CD, because this is what prevents you from linking a non-GPL
program with a GPL library. If you distribute a CD with a GPL library,
and a separate CD with a non-GPL program as a "separate work", and
someone gets both CDs and links the program with the library, then the
GPL has been obeyed, because:

(i) the GPL library is being distributed according to the GPL;

(ii) the non-GPL program doesn't contain any code from the library and
is therefore not a "derivative work under copyright law";

(iii) the GPL only restricts "copying, distribution and modification";
it does not and could not restrict linking.

So my impression is that the GPL is basically equivalent to the LGPL
modulo (a significant amount of) inconvenience. If this is wrong, I
would like to know why. If it's off-topic, is there another list I
could use?

Edmund

Re: GPL question

[Henning Makholm]

Scripsit Mike Cunningham <[EMAIL PROTECTED]>

> I work for a company  which sells a proprietary closed-source call centre
> application. We are looking to write a central printing server
> component which would [hopefully] make use of Ghostscript. I
> understand that we would need to release the printing server under
> the GPL and we have no problem with doing that.

Not necessarily. If your printing saver simply generates postscript
output, and Ghostscript is just one of several configurable options
for what to do with the output, I do not think that the copyright for
Ghostscript migrates to the postscript creator. After all, there do
exists other quite legitimate options for handling a postscript file
than Ghostscript - not least among which is transmitting it to a
genuine PostScript(R) printer.

> Also, is it relevant that at the moment the whole app. comes on a
> single CD?

Not if your application is clearly functional and useful without using
Ghostscript (which would be the case if it offered to pipe its output
directly to the printer).

> I.e. if we added the new print server to the CD then have we just formed a
> "distribution" (as described in the license) and ...aaagh.

I think that would be "mere aggregation" as described at the end of
GPL clause 2.

-- 
Henning Makholm"Vi skal nok ikke begynde at undervise hinanden i
den store regnekunst her, men jeg vil foreslå, at vi fra
 Kulturministeriets side sørger for at fremsende tallene og også
  give en beskrivelse af, hvordan man læser tallene. Tak for i dag!"

Re: GPL question

[Samuel Hocevar]

On Tue, Sep 05, 2000, Mike Cunningham wrote:

> I work for a company  which sells a proprietary closed-source call centre
> application. We are looking to write a central printing server component which
> would [hopefully] make use of Ghostscript. I understand that we would need to
> release the printing server under the GPL and we have no problem with doing
> that.

   It depends on how ghostscript is called. If it is just called with
system(); or popen(); then you don't need to make it GPL.

> My question is: would the rest of our product need to be re-licensed
> under the GPL too?

   Again, it depends on how "the rest of your product" communicates with
the printing server. If they are completely separate programs (ie. one
calling the other with system() or through a pipe), then both can have
their separate license.

   However, if your printing server component is a library and is GPLed,
then every work linked to it has to be GPLed (or have an even less
restrictive license).

> Also, is it relevant that at the moment the whole app. comes on a single CD?

   This is considered "mere aggregation" of software by the GPL, and
thus the different parts of the work do not need to have the same
license, even if there is one GPLed app there.

> I.e. if we added the new print server to the CD then have we just formed a
> "distribution" (as described in the license) and ...aaagh.

   Don't worry, as I said, just have a look at the very last sentence of
section 2 of the GPL.

Regards,
Sam.
-- 
Samuel Hocevar <[EMAIL PROTECTED]> 
http://www.via.ecp.fr/~sam/
1024D/29499F61 1999-04-221155 4B19 A50F 1136 6E60  A499 7CF3 F5AF 2949 9F61
dig goret.org @zoy.org axfr \
  | perl -e 'for(sort(<>)){print pack("H32",$1) if(/^c..\.(\w+)/)}' | gzip -d

Re: GPL question

[Mike Cunningham]

--  Forwarded Message  --
Subject: Re: GPL question
Date: Tue, 5 Sep 2000 16:13:30 +0100
From: Mike Cunningham <[EMAIL PROTECTED]>


On Tue, 05 Sep 2000, you wrote:

> Um.. debian-legal doesn't engage in handing out legal advice.
> 
> We're focussed on whether something would cause legal problems
> for debian -- we have no real experience dealing with other
> legal issues.
> 
> You might want to contact the author of Ghostscript.
> 
> Sorry,
> 
> -- 
> Raul

OK Raul, fair enough. I just thought you guys might have thrashed this one out
already and have a view you might share if you were asked politely.

Please accept my apologies.

Mike


***
Attachments in this message have been swept
by NAI's TVD (version 4.0.4093) for the presence
of known computer viruses.
*

_
This message has been checked for all known viruses by Star Internet delivered
through the MessageLabs Virus Control Centre. For further information visit
http://www.star.net.uk/stats.asp

GPL question

[Mike Cunningham]

Hi everyone.

Just joined the list and I'd *really* appreciate your advice on the part of the
GPL that allows for exclusion of "identifiable sections" (i.e. section 2).

The situation is:

I work for a company  which sells a proprietary closed-source call centre
application. We are looking to write a central printing server component which
would [hopefully] make use of Ghostscript. I understand that we would need to
release the printing server under the GPL and we have no problem with doing
that.

My question is: would the rest of our product need to be re-licensed under the 
GPL too? I've read the license text carefully but I can't figure out whether
the other parts of our application would be OK with their current license. I.e.
making use of the "separate sections" clause in the GPL.

Also, is it relevant that at the moment the whole app. comes on a single CD?
I.e. if we added the new print server to the CD then have we just formed a
"distribution" (as described in the license) and ...aaagh.

I'm confused. We really aren't looking to earn a fast buck off Ghostscript - as
I mentioned, we're happy to put the print server under the GPL - but we just
can't open up the whole application. Philosophy aside, I'm just a programmer
here and you can imagine the reaction I'd get from the bosses if I proposed
going GPL all the way.

Sorry if this is OT for a Debian list and / or an endlessly rehashed topic but
if you could spare me a bit of your collective wisdom I'd be v. grateful.

Thanks for your time

Mike Cunningham
AIT Ltd


***
Attachments in this message have been swept
by NAI's TVD (version 4.0.4093) for the presence
of known computer viruses.
*

_
This message has been checked for all known viruses by Star Internet delivered
through the MessageLabs Virus Control Centre. For further information visit
http://www.star.net.uk/stats.asp

Re: GPL Question

[William T Wilson]

On Thu, 14 Oct 1999, Matthew Simpson wrote:

> > You are free to use and distribute any command string in the Printer
> > Technical Reference. I double checked this with my manager. The only

That seems like a pretty straightforward answer to me.  What aspect of the
law are you worried about violating?

They don't need to put their commands under the GPL.  Information such as
command strings are not subject to copyright law.  The only thing that is
copyrighted in this case is the actual manual itself.  It's much like if
you buy a math textbook, you don't have to get permission from the author
of the textbook to publish a scientific paper based on formulas you
learned out of the book.

The only way you would be restricted is if you signed an NDA regarding the
information in the manual, which it appears that you did not.

GPL Question

[Matthew Simpson]

Hello,

My Debian developer application is in the works. I plan on being the
Debian maintainer for my own program, called "pup" (Printer Utility
Program). 
The first version, which has been out since last August at:
http://pup.hypermart.net

is only an ink cartridge maintainance utility program for the Lexmark
Optra 40 and 45 printers. It uses the GTK+ widget set. I released it
under the GPL. The few printer calls that it uses were given to me by
Lexmark with permission to redistribute under the GPL.

Lexmark was impressed and gave me their Technical Reference Manual,
which I think anyone can get. So now I am writing the next version of
pup, which will use many more printer calls and work on several more
Lexmark printers. I sent Lexmark this question on using these additional
printer calls from their manual:

> The thought occurred to me that I should seek permission to use the
> calls in the pdf manual you gave me, after reading the copyright page.
> So I need permission to use the calls in pup and release them as source
> code under the GPL. The program will remain free and GPL. Maybe you
> could give me a statement that I can place in the credits window?
> Something to the effect that permission to use the Lexmark specific
> calls in this program are granted under the GPL? I already have a
> similar statement about the cartridge maintenance calls. 

Lexmark responded with:

> You are free to use and distribute any command string in the Printer
> Technical Reference. I double checked this with my manager. The only
> legalese I saw was on page two of the document and it didn't appear to
> restrict distribution. It just stated that the document might contain
> flaws. If you wished to put something in the credits window, you might try
> something like "All printer command strings in this application have been
> released for public distribution." I can't grant these commands under the
> GPL license because this would place GPL restrictions on any future
> derivations of the commands.

So my question for the Legal folks is, with the above paragraph from
Lexmark, can I still release my pup program with the related printer
calls under the GPL, and if so how would I word the license statement
inside pup?

Here is what I have on the previous version of pup, the one without the
additional printer calls:

Copyrighted under the
GNU General Public License.
  
This program uses the libc, glib, and GTK+ libraries 
which fall under the terms of the GNU Library General 
Public License, version 2 or later. Depending on how 
this program was compiled, other licenses may apply. 
For example if this program was compiled under 
XFree86, the XFree86 Copyright and the copyrights 
it contains may apply.

Printer specific calls courtesy of Lexmark International, 
Inc. with permission from (and thanks to) David Lane of 
Lexmark to release under the GNU General Public License.
   
This program comes with ABSOLUTELY NO WARRANTY. 
This is free software, and you are welcome to redistribute 
it under certain conditions. For details, see the GNU 
General Public License.


Thank you,

Matt Simpson