THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Legal Team/Current Projects and Issues

From SPDX Wiki
< Legal Team
Revision as of 16:36, 21 September 2012 by Jlovejoy (Talk | contribs)

Jump to: navigation, search

Current issues/topics (this is a general list and may not touch upon everything). <p>LAST UPDATED: Sept 6

1) License List
A) v1.16 posted on 6/20; pending updates for v1.17:

  1. go through issues in issues column
  2. add US Gov't works - add short identifier to list; see email from David Wheeler
  3. proposal to add some kind of short identifier for copyright notice only (and "all rights reserved"?" - Fedora has this, maybe adopt what they use?
  4. add in Notes field for all GNU licenses that short identifier "GPL-2.0" = GPL v2 only and vice versa - more discussion on this?

B) OSI outstanding issues:

  1. Artistic license issue
  2. futher clarification on a few previous issues (were APSL-1.0, APSL-1.1, and GPL-2.0 ever approved?)
  3. zlib/ libpng license clarification

C) GPL exceptions - we don't have them all, list some of the others and variations on text - can someone do some research on this issue? need to hammer through how to deal with them - ASSIGN

D) Community outreach and list coordination

  1. FSF license list match-up; found here: http://www.gnu.org/licenses/license-list.html -- licenses that need to be added? -- in progress
  2. Fedora license list -- Jilayne has begun discussion with Tom Calloway, needs follow-up
  3. Debian
  4. Gentoo
  5. add page to wiki that outlines progress to this end and other lists we have or have yet to coordinate with

E) Non-open source licenses:

  • does the SPDX License List only include open source licenses and if so, how do we define "open source licenses" and where do we draw the line?
  • so far we have avoided adding freeware licenses, but there are some (namely those covering the various Java projects) that are quite often found and may warrant having the license to match to
  • on the other hand, there are many, many nuanced versions of these licenses (e.g. Sun/Oracle Binary Licenses) and they change often, so it may be very difficult to capture all of them (this also intersects with matching issues) - is a partial list good enough, in such a case?
  • --> needs initial discussion with Legal Team, and possibly open up to broader SPDX community for feedback (in particular from users)

2) License Match Guidelines
not enough people on 6/27 legal call for quorum/to complete; see meeting minute for 6/27 and several prior meetings.  Matching guidelines updated as of 6/27, see http://spdx.org/wiki/spdx-license-list-match-guidelines

3) Website updates and refresh
A) New site now live, but many legal pages outdated, need to update (Jilayne has started this process, will need help and feedback)

B) FAQs? needs more work... where is this page? - ASSIGN

4) Formatting and "master list" for License List (i.e. actual license text files)  
Currently the "master" consists of spreadsheet with list + individual .txt files for license text field = downloadable zip file.  This is then converted into html pages for website.  Peter, Gary, and Jilayne have had initial discussion on this issue; to be discussed further with more fleshed out proposal

A) PROPOSAL: License text files formatted in HTML instead of .txt files as default; can convert from there into text file with tool if people want that too;  Option to use HTML to indicate some of matching rules?

B) For back-end management of License List overall: proposal to use and GIT repository in background for management  - easier tracking of changes and gets it off Jilayne's desktop

5) Recommendations or guidance on how to best determine license for a particular file
how to identify the license for an open source project - ex. Within the file versus whether there's a copying file on top of the directory → provide guidance/suggstion (industry practice?) that license in the file is more determinate than the license in the directory

Should the legal group aggregate industry best practices and come up with a group of guidelines and provide some influence on that?