Mark, I think that we should go further (moving from syntax to semantic). We should decomposed FOSS license in terms of right and obligations (Blackduck call that attributes in its protex tool).
We have a system in Alcatel-Lucent to do that since years for instance we have attributes to say that there is need to - have or not acknowledgement of authors in our documentation - have run-time acknowledgement - have source code available or not - have the obligation of copyright indemnification in case of IP issues - have the necessity to propagate the licences - .... This decomposition is very usefull to explain licenses rights and obligations to our R&D teams (with our decomposition we cover most of the major OSI certified licenses) . It is not perfect, and need some more work. Blackduck is doing a more formal decomposition of licenses for instance there is attribute is "does the license request that the source code MUST be available" or "does the license request that the source code MAY be available"; With that system they are allowed to define if two FOSS licenses are compatible or not. But their decomposition is not perfect because it can create conflict that do not really exists. The creative commons licenses are doing such kind of decomposition also so you do not pick up a license but a set of rights and obligations and create your license. I think there is a ground here to raise a standard. Michel [email protected], PhD Software Coordination Manager, N&P IS/IT Distinguished Member of Technical Staff Tel +33 (0) 6 75 25 21 94 Alcatel-Lucent International, Centre de Villarceaux Route De Villejust, 91620 Nozay, France ________________________________ De : [email protected] [mailto:[email protected]] De la part de Gisi, Mark Envoyé : mardi 22 octobre 2013 18:02 À : SPDX-legal; [email protected] Objet : Revisiting the SPDX license representation syntax In the last SPDX Legal meeting we discussed whether the current SPDX license representation syntax is sufficient to represent the licensing terms of most files (e.g., source, library and binary programs). For example, is the combination of the SPDX license list + current binary operands (AND and OR) sufficient to describe the licensing of most programs derived from multiple source and library files, where each is potentially under a different license. We decided to hold a break out session dedicated to discussing this topic in greater depth. Initially special consideration will be given to representing files that have licenses with special exceptions and programs derived from files licensed under multiple different licenses. Keep in mind, given the high degree to which sharing occurs in the community, composite licensing has become the norm rather than the expectation. This is a good thing - we just need to make sure SPDX can accommodate it. I will be organizing the break session. If you are interested in participating send me i) your email, ii) a brief description of your interest, and iii) days/times that work best for you. I will try to select a meeting time to accommodate the most participants. Best, - Mark Mark Gisi | Wind River | Senior Intellectual Property Manager Tel (510) 749-2016 | Fax (510) 749-455
_______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
