THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Difference between revisions of "Legal Team/Minutes/2015-09-17"
(→Agenda) |
|||
(2 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
== Attendees == | == Attendees == | ||
− | * | + | * Kate Stewart |
− | * | + | * Sam Ellis |
− | * | + | * Mary Hardy |
− | * | + | * Dennis Clark |
− | * | + | * Mark Gisi |
− | * | + | * Jilayne Lovejoy |
− | + | ||
== Agenda == | == Agenda == | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | '''1) Announcements/updates:''' | ||
+ | * a) formatting issue with standard headers on HTML pages for license list has now been fixed (thanks, Gary!) | ||
+ | * b) LinuxCon Europe is in a few weeks: | ||
+ | ** talks related to SPDX by Jilayne http://sched.co/3xVB and Phil Odence and Dave Marr - http://sched.co/4GGz | ||
+ | ** there will be a Supply Chain Mini-Summit on the Thursday, see more info here: http://events.linuxfoundation.org/events/linuxcon-europe/extend-the-experience/supply-chain-summit - anyone going? Jilayne, Kate | ||
+ | - participating via phone or conference might be hard, but Kate will look into getting a phone in the room. considering it is challenging to follow along remotely. Otherwise, we’ll take notes. | ||
+ | * c) Working on proposal for pull request process for license list templates (and possibly other aspects of changes to license list) - will submit a full proposal to legal team when something more concrete is ready (see http://wiki.spdx.org/view/Legal_Team/Minutes/2015-08-06 for initial discussion/reference) | ||
− | '''2) | + | '''2) SPDX License List v2.2 is scheduled to be released at the end of this month! ''' |
− | * | + | * a) Additions to license list. We got some answers back from Fedora on licenses on their list we wanted to add, but couldn’t find text for, etc. Original question/issue and response listed here, with decision from today's call: |
− | * | + | ** Interbase Public License / Interbase - http://www.borland.com/devsupport/interbase/opensource/IPL.html - link broken, can’t find license. Does Fedora have it archived somewhere? Is this still used / do we need to add to SPDX-LL? FEDORA: Here is an archived copy: https://web.archive.org/web/20060319014854/http://info.borland.com/devsupport/interbase/opensource/IPL.html Firebird is still under this license, still used in Fedora. |
− | * | + | *** DECISION: to add. no markup needed. |
− | ** | + | ** Sendmail License / Sendmail / http://www.sendmail.org/ftp/LICENSE - link from Fedora site does not go to license. We intend to add, but wanted to confirm that we have the correct license that you meant due to broken link - can you confirm that this the correct license here: http://www.sendmail.com/pdfs/open_source/sendmail_license.pdf FEDORA: That is the correct sendmail license. We have updated our link. |
− | ** should we | + | *** DECISION: to add. no markup needed. |
− | + | ** Crystal Stacker License / Crystal Stacker - https://fedoraproject.org/wiki/Licensing/CrystalStacker - license on Fedora site does not match license in download. (full explanation was in previous email thread) - please review and see if you agree with the recommendation at the end of the email here http://article.gmane.org/gmane.comp.licenses.spdx.legal/779/match=crystal FEDORA: Updated the Crystal Stacker entry in the Fedora license list to add the missing disclaimer text. License now matches license in download. I do not believe there is a different source license vs binary license here. | |
− | *** | + | *** DECISION: add it as Fedora has it. |
− | ** | + | |
− | * markup on licenses | + | * b) To continue (pick back up) our momentum for adding license exceptions, please review the 5 license exceptions highlighted in light green here: https://docs.google.com/spreadsheets/d/11AKxLBoN_VXM32OmDTk2hKeYExKzsnPjAVM7rLstQ8s/edit?pli=1#gid=0 for potentially adding to v2.2 (see spreadsheet for full info, summary here:) |
− | + | ** DigiRule-FOSS-exception - ADD | |
− | + | ** Fawkes exception - ADD | |
− | + | ** Oracle FOSS exception - there are two-ish. Sam has info that the one in row 1 is the short form of the long form in row 7 (from Sam’s email in July 2, 2015). need to review further, on hold | |
− | + | ** Franz Lisp - don’t add, old and no one has seen it in the wild | |
+ | ** OpenVPN OpenSSL - ADD | ||
+ | ** Also discussed whether all exceptions on this list should be added. Many of these were from research done to collect various exceptions and not necessarily requested by anyone. As such, we have tried to add the most common ones, but people should review list and if they want to champion something that we didn’t add, then please do so. | ||
+ | |||
+ | * c) Also, let’s discuss a couple items related to existing exceptions that we didn’t quite get to for v2.1: | ||
+ | ** WxWindows - the text in the exception we have versus what is on the OSI site is not the same!! The only differences are: we have "3.1" instead of "3.0" in the first clause; and "your" instead of "the user's" in the second clause. See http://opensource.org/licenses/WXwindows and http://spdx.org/licenses/WxWindows-exception-3.1.html - what we have is consistent with what is here: https://www.wxwidgets.org/about/licence/ - should we accommodate this difference somehow? | ||
+ | *** DECISION: leave as we have it, since it’s current with the Wx website. let OSI know there is discrepancy and see what they have to say | ||
+ | ** Classpath-exception-2.0 - why do we have 2.0 and the note saying it’s typically used with GPL-2.0? the Fedora example has it being used with all GPL versions and there doesn’t seem to have other versions. worth removing the “2.0” in the short identifier? | ||
+ | *** DECISION: remove note about “typically used with GPLv2”, leave short identifier as is | ||
+ | |||
+ | '''3) License matching templates/markup: ''' We have a task to add markup to some of the standard headers and have also had input to add/edit markup on existing licenses. As a result of the latter, it has been raised that perhaps the markup could be improved. Before adding more markup (to standard headers, license text or both), it seemed prudent to start a discussion as to whether the existing markup is effective. Please ponder the following questions: | ||
+ | * a) have you used the existing markup for matching purposes? if no, why not? if yes, has it been helpful/effective? Could it be improved, and if so, how? (this will likely involve putting forward a proposal for review) | ||
+ | * there were already various emails with feedback to this end, but we did not have time to discuss further on this call. We will pick this up on the next call and will also raise this discussion at the Supply Chain Mini-Summit in Dublin, Thursday afternoon, Oct 8 | ||
+ | ** Please also add thoughts (preferably in a new section or with your initials if added to others) here: http://wiki.spdx.org/view/Legal_Team/Templatizing | ||
+ | |||
+ | '''other notes:''' | ||
+ | * Jilayne needs to use headphones on calls (otherwise there is an annoying echo for everyone else) |
Latest revision as of 18:58, 17 October 2015
Attendees
- Kate Stewart
- Sam Ellis
- Mary Hardy
- Dennis Clark
- Mark Gisi
- Jilayne Lovejoy
Agenda
1) Announcements/updates:
- a) formatting issue with standard headers on HTML pages for license list has now been fixed (thanks, Gary!)
- b) LinuxCon Europe is in a few weeks:
- talks related to SPDX by Jilayne http://sched.co/3xVB and Phil Odence and Dave Marr - http://sched.co/4GGz
- there will be a Supply Chain Mini-Summit on the Thursday, see more info here: http://events.linuxfoundation.org/events/linuxcon-europe/extend-the-experience/supply-chain-summit - anyone going? Jilayne, Kate
- participating via phone or conference might be hard, but Kate will look into getting a phone in the room. considering it is challenging to follow along remotely. Otherwise, we’ll take notes.
- c) Working on proposal for pull request process for license list templates (and possibly other aspects of changes to license list) - will submit a full proposal to legal team when something more concrete is ready (see http://wiki.spdx.org/view/Legal_Team/Minutes/2015-08-06 for initial discussion/reference)
2) SPDX License List v2.2 is scheduled to be released at the end of this month!
- a) Additions to license list. We got some answers back from Fedora on licenses on their list we wanted to add, but couldn’t find text for, etc. Original question/issue and response listed here, with decision from today's call:
- Interbase Public License / Interbase - http://www.borland.com/devsupport/interbase/opensource/IPL.html - link broken, can’t find license. Does Fedora have it archived somewhere? Is this still used / do we need to add to SPDX-LL? FEDORA: Here is an archived copy: https://web.archive.org/web/20060319014854/http://info.borland.com/devsupport/interbase/opensource/IPL.html Firebird is still under this license, still used in Fedora.
- DECISION: to add. no markup needed.
- Sendmail License / Sendmail / http://www.sendmail.org/ftp/LICENSE - link from Fedora site does not go to license. We intend to add, but wanted to confirm that we have the correct license that you meant due to broken link - can you confirm that this the correct license here: http://www.sendmail.com/pdfs/open_source/sendmail_license.pdf FEDORA: That is the correct sendmail license. We have updated our link.
- DECISION: to add. no markup needed.
- Crystal Stacker License / Crystal Stacker - https://fedoraproject.org/wiki/Licensing/CrystalStacker - license on Fedora site does not match license in download. (full explanation was in previous email thread) - please review and see if you agree with the recommendation at the end of the email here http://article.gmane.org/gmane.comp.licenses.spdx.legal/779/match=crystal FEDORA: Updated the Crystal Stacker entry in the Fedora license list to add the missing disclaimer text. License now matches license in download. I do not believe there is a different source license vs binary license here.
- DECISION: add it as Fedora has it.
- Interbase Public License / Interbase - http://www.borland.com/devsupport/interbase/opensource/IPL.html - link broken, can’t find license. Does Fedora have it archived somewhere? Is this still used / do we need to add to SPDX-LL? FEDORA: Here is an archived copy: https://web.archive.org/web/20060319014854/http://info.borland.com/devsupport/interbase/opensource/IPL.html Firebird is still under this license, still used in Fedora.
- b) To continue (pick back up) our momentum for adding license exceptions, please review the 5 license exceptions highlighted in light green here: https://docs.google.com/spreadsheets/d/11AKxLBoN_VXM32OmDTk2hKeYExKzsnPjAVM7rLstQ8s/edit?pli=1#gid=0 for potentially adding to v2.2 (see spreadsheet for full info, summary here:)
- DigiRule-FOSS-exception - ADD
- Fawkes exception - ADD
- Oracle FOSS exception - there are two-ish. Sam has info that the one in row 1 is the short form of the long form in row 7 (from Sam’s email in July 2, 2015). need to review further, on hold
- Franz Lisp - don’t add, old and no one has seen it in the wild
- OpenVPN OpenSSL - ADD
- Also discussed whether all exceptions on this list should be added. Many of these were from research done to collect various exceptions and not necessarily requested by anyone. As such, we have tried to add the most common ones, but people should review list and if they want to champion something that we didn’t add, then please do so.
- c) Also, let’s discuss a couple items related to existing exceptions that we didn’t quite get to for v2.1:
- WxWindows - the text in the exception we have versus what is on the OSI site is not the same!! The only differences are: we have "3.1" instead of "3.0" in the first clause; and "your" instead of "the user's" in the second clause. See http://opensource.org/licenses/WXwindows and http://spdx.org/licenses/WxWindows-exception-3.1.html - what we have is consistent with what is here: https://www.wxwidgets.org/about/licence/ - should we accommodate this difference somehow?
- DECISION: leave as we have it, since it’s current with the Wx website. let OSI know there is discrepancy and see what they have to say
- Classpath-exception-2.0 - why do we have 2.0 and the note saying it’s typically used with GPL-2.0? the Fedora example has it being used with all GPL versions and there doesn’t seem to have other versions. worth removing the “2.0” in the short identifier?
- DECISION: remove note about “typically used with GPLv2”, leave short identifier as is
- WxWindows - the text in the exception we have versus what is on the OSI site is not the same!! The only differences are: we have "3.1" instead of "3.0" in the first clause; and "your" instead of "the user's" in the second clause. See http://opensource.org/licenses/WXwindows and http://spdx.org/licenses/WxWindows-exception-3.1.html - what we have is consistent with what is here: https://www.wxwidgets.org/about/licence/ - should we accommodate this difference somehow?
3) License matching templates/markup: We have a task to add markup to some of the standard headers and have also had input to add/edit markup on existing licenses. As a result of the latter, it has been raised that perhaps the markup could be improved. Before adding more markup (to standard headers, license text or both), it seemed prudent to start a discussion as to whether the existing markup is effective. Please ponder the following questions:
- a) have you used the existing markup for matching purposes? if no, why not? if yes, has it been helpful/effective? Could it be improved, and if so, how? (this will likely involve putting forward a proposal for review)
- there were already various emails with feedback to this end, but we did not have time to discuss further on this call. We will pick this up on the next call and will also raise this discussion at the Supply Chain Mini-Summit in Dublin, Thursday afternoon, Oct 8
- Please also add thoughts (preferably in a new section or with your initials if added to others) here: http://wiki.spdx.org/view/Legal_Team/Templatizing
other notes:
- Jilayne needs to use headphones on calls (otherwise there is an annoying echo for everyone else)