www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niclas Hedhman <nic...@apache.org>
Subject Re: Plans for Apache Licensing Policy
Date Fri, 07 Oct 2005 03:48:55 GMT
On Friday 07 October 2005 03:13, Justin Mason wrote:
> FWIW, it's worth noting that a mailing-list-based workflow for
> contributions isn't standard ASF-wide; we in SpamAssassin take an
> alternative approach, since our "contribution workflow" is Bugzilla-based
> instead -- in other words contributions are submitted as attachments to
> bugs on our bugzilla.

This sounds very good to me.

Another similar approach is to require the contributor to attach a "Terms" 
boilerplate to the issue of contribution;
 "I hereby acknowledge....", "This contribution is made under the following 
terms..." or something along these lines.

That would be of legal "high visibility".

- o - o - o -
For complete classes, initial codebases and such, I find it a bit strange that 
this is discussed in the manner it is.

Assume for a second, ProjectX lives elsewhere and is licensed under ALv2. 
Other ASF projects uses (copies) source code and re-distributes artifacts 
from ProjectX. This is today a fairly common practice. Now, ProjectX "moves" 
to ASF. Suddenly, all kinds of IP clearance is required. To me (downstream 
user) this seems very odd.

This leads me to think that ASF expects the "world at large" should not look 
at whether a project is licensed under ALv2 (or not), but whether the project 
follows a "ASF licensing process". That would also lead to enormous 
restrictions in ASF projects, since we then would need to force "ASF 
licensing process" from dependent projects.

What I am trying to say; Hasn't these issues gotten completely out of hand 

 * Users can today NOT assume that ASF projects are Ok to use (provided my
   legal dept have cleared ALv2), because ASF projects;
    - may redistribute BSD, MIT and other "loosely licensed" materials, where
      author may have patent rights embedded.
    - may have copied/pasted code that does not use the "process", and may
      be "incorrectly" licensed.

 * We are seeing an increased use of new licensing variants both in other
   projects as well as in Standards bodies. We also have an increased number
   of requests in ASF projects wishing to use such material. In some cases, 
   the "solution" is border-case compatible with the principles (AIUI) of ASF.
   E.g. Harmony is targetting Java5 compliance, which is Ok with Sun. Can a
   downstream user, for instance Microsoft, take Harmony, make some
   "adjustments" and call it J++, without getting sued?? I doubt it. Where
   would ASF end up in such case?
   Dims struggles with WS_Security is not as severe, but variants of the same.

I think ASF must re-think its policies and try to cope with today's world. So, 
"don't tell me the problems, give me a solution!"...

 a) ASF sticks to its principles, but would then need to tighten up and
    possibly "close" some projects. And introduce a "ASF licensing process"
    that external projects need to adhere to, for ASF projects to depend on.

 b) ASF divides its projects into "pure" and "contaminated" in some manner.
    Perhaps a couple of labels on each project's home page, indicating "pure 
    process", "subject to 3rd party BSD", "subject to OASIS licensing" and so

 c) ASF allows projects "free roam" to license in any way each project sees
    fit for their purposes, and how to communicate that to their users.

 d) ASF withdraws from the "game", and push the responsibility over to the
    contributors and downstream users. Contributors places their own Copyright
    on each file (further backed by svn logs), and downstream users needs to
    take their word for it.

Messy indeed... And I think we are heading for worse times.


DISCLAIMER: Discussions on this list are informational and educational
only, are not privileged and do not constitute legal advice.
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

View raw message