THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Legal Team/Minutes/2018-11-29
From SPDX Wiki
Attendees
- Jilayne Lovejoy
- Bradley Kuhn
- Alexios Zavras
- Karen Copenhaver
- Steve Winslow
- Karen Sandler
- Richard Fontana
- Gary O’Neall
- Paul Madick
- Brad Edmondson
Agenda
1) discussion of “license exceptions” description and particular requests for additions - see https://lists.spdx.org/g/Spdx-legal/message/2445 for some background
- discussed Linux kernel enforcement statement - https://github.com/spdx/license-list-XML/issues/655 and GPL Cooperation Commitment - https://github.com/spdx/license-list-XML/issues/714
- By putting kernel enforcement statement on SPDX list helps to shows that it’s out there and enables use via identifier. Acknowledged that enforcement statement is copyright holder-specific, but it's people might do vetting and figure out what files the enforcement statement applies to across the board (where all copyright holders have signed enforcement statement). At this point, there are big chunks of code that could be under license with kernel enforcement statement, so may not be so hard to determine that. As more kernel copyright holders sign-up, this will get easier, so good to have identifier for that eventuality
- question as to if kernel enforcement statement "changes" the license or just about how certain copyright holders enforce the license?
- it’s an additional permission, it uses contractual language; then GPL Cooperation Commitment follows with more explicit language
- problem with "change" is can be interpreted as changing the entire license or changing an aspect (modifying, excepting, augmenting, additional permission) but not changing the over-arching license. Exceptions - as on SPDX License List thus far - are the latter. Description does state that these things are not stand alone licenses.
- Regarding GPL CC: drafted for projects to be used by new projects or existing projects where adoption of commitment can be done for apply as of date
- question as to whether language for corporate and individual versions are similar enough to project version that we can accommodate with matching markup and use one identifier. This needs to be investigated as part of implementation.
- Richard to help provide diff; Alexios to help with SPDX markup potential, so all can then review/discuss
- question as to whether language for corporate and individual versions are similar enough to project version that we can accommodate with matching markup and use one identifier. This needs to be investigated as part of implementation.
discussion of “additional restrictions” - if something didn’t take a license out of open source definition, then could still include it. “modifiers” are things that could have legal impact on licenses
does kernel enforcement statement change the license?
- variants for the Google patent grant - https://github.com/spdx/license-list-XML/issues/646
- is this really an additional exception or a license itself