[Bug 1292] New: What is the correct license expression for a project with an additional patent license?

Sun, 14 Jun 2015 20:59:31 -0700 

https://bugs.linuxfoundation.org/show_bug.cgi?id=1292

             Bug #: 1292
           Summary: What is the correct license expression for a project
                    with an additional patent license?
           Product: SPDX
           Version: 2.0
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Spec
        AssignedTo: [email protected]
        ReportedBy: [email protected]
    Classification: Unclassified


Some corporate open source releases are licensed under well-known open-source
licenses with additional patent licenses. Facebook's React, for instance, is
licensed per the terms of BSD-3-Clause with an additional, homegrown patent
grant:

https://github.com/facebook/react#license

https://github.com/facebook/react/blob/master/PATENTS

Assuming that a generic form of the Facebook Additional Grant of Patent Rights
version 2 were designated "FB-Patents-2.0", what license expression would
describe React's licensing situation?

A few candidates:

(BSD-3-Clause OR FB-Patents-2.0)

(BSD-3-Clause AND FB-Patents-2.0)

(BSD-2-Clause WITH FB-Patents-2.0)

The examples given in the spec---choice of licenses; licenses of new and linked
code; standard license with "exception"---don't seem to cover this situation.

To try and generalize the problem: How can one use license expressions to show
that a software product is licensed under two licenses that, when read
together, add up to a single grant of rights of different kinds?

Once can find "standard" or important licenses that address any subset of IP
rights that may be licensed or withheld. Depending on one's view of implied
patent rights under the academic licenses, like MIT, the only way to use SPDX
metadata to audit compliance is by requiring standard licenses that grant all
the required kinds of rights, perhaps Apache-2.0.

Sincerest and continued thanks to the SPDX working groups for much excellent
work.

-- 
Configure bugmail: https://bugs.linuxfoundation.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
_______________________________________________
Spdx-tech mailing list
[email protected]
https://lists.spdx.org/mailman/listinfo/spdx-tech

Reply via email to