THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Difference between revisions of "Legal Team/Current Projects and Issues"

From SPDX Wiki
Jump to: navigation, search
Line 1: Line 1:
<p><strong>Current issues/topics (this is a general list and may not touch upon everything).</strong></p><p>LAST UPDATED: 7 Jan 2013</p><p><strong>1) License List</strong> <br />A) Licenses to add? <em>(GROUP)</em></p><ol><li>"old" MIT? see http://blog.gmane.org/gmane.comp.licenses.spdx.legal/day=20121201</li><li>FLORA License - decided not to add at this point in time, pending guidelines mentioned in #3 below. see http://blog.gmane.org/gmane.comp.licenses.spdx.legal/month=20121101 for most recent thread on the topic</li><li>Unlicense - see thread here: http://search.gmane.org/?query=unlicense&amp;group=gmane.comp.licenses.spdx.legal</li><li>add US Gov't works - add short identifier to list; see email from David Wheeler</li><li>add in Notes field for all GNU licenses that short identifier "GPL-2.0" = GPL v2 only and vice versa - more discussion on this?</li></ol><p>B) OSI outstanding issues: <em>(Jilayne)</em></p><ol><li>Artistic license issue</li><li>futher clarification on a few previous issues (were APSL-1.0, APSL-1.1, and GPL-2.0 ever approved?)</li><li>zlib/ libpng license clarification</li><li>Jabber Open Source License v1.0 -</li><li>Jabber Open Source License v1.0 – decided to add and in doing so noticed the archived text here (http://archive.jabber.org/core/JOSL.pdf)&nbsp;is not the same as the OSI has on their site (it was OSI approved). &nbsp;What do we do about this? (see attached .doc file for comparison.&nbsp;text says "draft" at bottom... decided because it's an&nbsp;old license to hold off and not add to list yet - and resolve with OSI (with goal of having on list b/c it was OSI approved and we endeavored to have all OSI licenses on SPDX list, even if old). license text also can be found at:&nbsp;http://code.google.com/p/jabber-net/wiki/FAQ_License</li></ol><p>C) GPL exceptions: <em>(ASSIGN)</em> <br />We don't have them all, there is also the issue of inconsistencies "in the wild" among named exceptions and actual text (i.e. not all exceptions found called Foo exception have the exact same text; how do we deal with this? <br />someone needs to take this on as a project...</p><p>D) Better system for saving/updating SPDX License List <em>(Jilayne to coordinate with Gary)</em> <br />Currently the SPDX-LL is kept and updated by Jilayne. This is not an optimal system (hit by a bus factor not accounted for). Need to change to some kind of respository that tracks changes and can be viewed by all (But not edited by all).</p><p><strong>2) Community outreach and list coordination</strong></p><ol><li>FSF license list match-up; found here:&nbsp;http://www.gnu.org/licenses/license-list.html -- licenses that need to be added? -- in progress DONE?</li><li>Fedora license list -- Jilayne has begun discussion with Tom Calloway, needs follow-up - <em>(ASSIGN)</em></li><li>Fossology - coordinate with Bob Gobeille, see http://www.fossology.org/projects/fossology/wiki/MatchSPDXLicenceIDs - ASSIGN</li><li>Gentoo - <em>(ASSIGN)</em></li><li>Suse list found here: https://docs.google.com/spreadsheet/pub?key=0AqPp4y2wyQsbdGQ1V3pRRDg5NEpGVWpubzdRZ0tjUWc (courtesy of Ciaran Farrell from 6/27/12 email list thread) - <em>(ASSIGN)</em></li><li>add page to wiki that outlines progress to this end and other lists we have or have yet to coordinate with - ASSIGN</li></ol><p><strong>3) General guidelines for what licenses are included on the SPDX License List <em>(GROUP)</em></strong> <br />General statement or guidelines needed in regards to the types of license that are to be included on the SPDX-LL; in particular in regards to requests for adding a new license. e.g., only open source licenses? what about freeware licenses? see meeting minutes from 31-Oct and 13-Nov for background and discussion thus far. draft of guidelines began by Tom Vidal <br />see http://spdx.org/wiki/spdx-license-list-guidelines-regarding-addition-or-rejection-licenses-proposed-add for overview of issue and latest revision - To Be Continued with larger group</p><p>A) Also review process for requesting a new license once above is done to see if anything should be updated as we refine the process, etc.&nbsp;http://spdx.org/content/spdx-license-list-process-requesting-new-licenses-be-added</p><p><strong>4) License Match Guidelines <em>(GROUP)</em></strong> <br />not enough people on 6/27 legal call for quorum/to complete; see meeting minute for 6/27 and several prior meetings. &nbsp;Matching guidelines updated as of 6/27, see http://spdx.org/wiki/spdx-license-list-match-guidelines</p><p><strong>5) Website updates <em>(Jilayne)</em></strong></p><ol><li>add page for explaining public domain discussion</li><li>update page re: change of "data license" from PddL to MIT</li><li>other past decisions further explained?</li></ol><p><strong>6) Formatting and "master list" for License List (i.e. actual license text files)</strong> <br />Currently the "master" consists of spreadsheet with list + individual .txt files for license text field = downloadable zip file.&nbsp; This is then converted into html pages for website.&nbsp; Peter, Gary, and Jilayne have had initial discussion on this issue; to be discussed further with more fleshed out proposal</p><p>A) PROPOSAL: License text files formatted in HTML instead of .txt files as default; can convert from there into text file with tool if people want that too;&nbsp; Option to use HTML to indicate some of matching rules?</p><p>B) For back-end management of License List overall: proposal to use and GIT repository in background for management &nbsp;- easier tracking of changes and gets it off Jilayne's desktop</p><p><strong>7) Recommendations or guidance on how to best determine license for a particular file</strong> <br />how to identify the license for an open source project - ex. Within the file versus whether there's a copying file on top of the directory ? provide guidance/suggstion (industry practice?) that license in the file is more determinate than the license in the directory</p><p>Should the legal group aggregate industry best practices and come up with a group of guidelines and provide some influence on that?</p>
+
<p>LAST UPDATED: 17 Jan 2013</p>
 +
 
 +
<p><strong>1) License List</strong>
 +
 
 +
<p><strong>1A) Licenses to add? <em>(Kirstin Newcomer to track progress and lead; GROUP to make decisions; may need to delegate research on particular licenses to others - ongoing, check in on this each call)</em></strong></p>
 +
<ol>
 +
    <li>"old" MIT? see http://blog.gmane.org/gmane.comp.licenses.spdx.legal/day=20121201</li>
 +
    <li>FLORA License - decided not to add at this point in time, pending guidelines mentioned in #3 below. see http://blog.gmane.org/gmane.comp.licenses.spdx.legal/month=20121101 for most recent thread on the topic</li>
 +
    <li>Unlicense - see thread here: http://search.gmane.org/?query=unlicense&amp;group=gmane.comp.licenses.spdx.legal</li><li>add US Gov't works - add short identifier to list; see email from David Wheeler</li>
 +
    <li>add in Notes field for all GNU licenses that short identifier "GPL-2.0" = GPL v2 only and vice versa - more discussion on this?</li>
 +
</ol>
 +
 
 +
<p><strong>1B) OSI outstanding issues: <em>(Jilayne - goal to have these resolved by end of June or next rev of SPDX-LL)</em></strong></p>
 +
<ol>
 +
    <li>Artistic license issue</li>
 +
    <li>futher clarification on a few previous issues (were APSL-1.0, APSL-1.1, and GPL-2.0 ever approved?)</li>
 +
    <li>zlib/ libpng license clarification</li>
 +
    <li>Jabber Open Source License v1.0 -</li>
 +
    <li>Jabber Open Source License v1.0 – decided to add and in doing so noticed the archived text here (http://archive.jabber.org/core/JOSL.pdf)&nbsp;is not the same as the OSI has on their site (it was OSI approved). &nbsp;What do we do about this? (see attached .doc file for comparison.&nbsp;text says "draft" at bottom... decided because it's an&nbsp;old license to hold off and not add to list yet - and resolve with OSI (with goal of having on list b/c it was OSI approved and we endeavored to have all OSI licenses on SPDX list, even if old). license text also can be found at:&nbsp;http://code.google.com/p/jabber-net/wiki/FAQ_License</li>
 +
</ol>
 +
 
 +
<p><strong>1C) GPL exceptions: <em>(Tom Vidal - goal to have this reasonably done by end of June)</em> </strong>
 +
    <br />We don't have them all and there are also the issue of inconsistencies "in the wild" among named exceptions and actual text (i.e. not all exceptions found called Foo exception have the exact same text; how do we deal with this?) </p>
 +
 
 +
<p><strong>1D) Better system for saving/updating SPDX License List <em>(Jilayne to coordinate with Gary - goal to have this done by end of February)</em> </strong>
 +
    <br />Currently the SPDX-LL is kept and updated by Jilayne. This is not an optimal system (hit by a bus factor not accounted for). Need to change to some kind of respository that tracks changes and can be viewed by all (But not edited by all).</p>
 +
 
 +
<p><strong>2) Community outreach and list coordination:</strong>Goal of coordinating with various other license lists to make sure SPDX has licenses from these lists and check short name matching (or create "translation" document if different)</p>
 +
 
 +
<p><strong>2A) Fedora license list <em>(Paul Madick - goal for first pass by end of first quarter?? TBD, Paul to report on timing next call)</em></strong><br>will need to check lists for discrepancies, i.e. are there licenses on Fedora list that are not on SPDX-LL and if so, decide to add; also need to create short-name matching matrix due to Fedora using different type of categorization for its short names.  Coordinate and communicate with Tom Calloway throughout.</p>
 +
 
 +
<p><strong>2B) Fossology (<em>ASSIGN)</em></strong>
 +
<br>coordinate with Bob Gobeille, see http://www.fossology.org/projects/fossology/wiki/MatchSPDXLicenceIDs - </p>
 +
 
 +
<p><strong>2C) Gentoo - <em>(ASSIGN)</em></p>
 +
 
 +
<p><strong>2D) Suse <em>(ASSIGN)</em>
 +
<br>list found here: https://docs.google.com/spreadsheet/pub?key=0AqPp4y2wyQsbdGQ1V3pRRDg5NEpGVWpubzdRZ0tjUWc (courtesy of Ciaran Farrell from 6/27/12 email list thread) </p>
 +
 
 +
<p><strong>2E) FSF license list match-up from&nbsp;http://www.gnu.org/licenses/license-list.html. completed for v1.17. any outstanding license questions were added to #1(A)</p>
 +
 
 +
<p><strong>3) General guidelines for what licenses are included on the SPDX License List <em>(Tom Vidal - conclude by end of March)</em></strong>
 +
<br />General statement or guidelines needed in regards to the types of license that are to be included on the SPDX-LL; in particular in regards to requests fo
 +
r adding a new license. e.g., only open source licenses? what about freeware licenses? see meeting minutes from 31-Oct and 13-Nov for background and discussion thus far. draft of guidelines began by Tom Vidal
 +
<br />see http://spdx.org/wiki/spdx-license-list-guidelines-regarding-addition-or-rejection-licenses-proposed-add for overview of issue and latest revision - To Be Continued with larger group</p>
 +
 
 +
<p><strong>3A) Also review process for requesting a new license</strong> once above is done to see if anything should be updated as we refine the process, etc.&nbsp;http://spdx.org/content/spdx-license-list-process-requesting-new-licenses-be-added</p>
 +
 
 +
<p><strong>4) License Match Guidelines <em>(GROUP - needs an owner and would like to make a priority)</em></strong>
 +
    <br />not enough people on 6/27 legal call for quorum/to complete; see meeting minute for 6/27 and several prior meetings. &nbsp;Matching guidelines updated as of 6/27, see http://spdx.org/wiki/spdx-license-list-match-guidelines</p>
 +
 
 +
<p><strong>5) Website updates <em>(Jilayne - time frame TBD)</em></strong></p>
 +
<ol>
 +
    <li>add page for explaining public domain discussion</li>
 +
    <li>update page re: change of "data license" from PddL to MIT</li>
 +
    <li>add page to wiki that outlines progress regarding varioud license list coordination (OSI, FSF, Fedora, etc.) we have or have yet to coordinate with</li>
 +
    <li>other past decisions further explained?</li>
 +
</ol>
 +
 
 +
<p><strong>6) Formatting and "master list" for License List (i.e. actual license text files) <em>(Phil)</em></strong>
 +
    <br />Currently the "master" consists of spreadsheet with list + individual .txt files for license text field = downloadable zip file.&nbsp; This is then converted into html pages for website.&nbsp; Peter, Gary, and Jilayne have had initial discussion on this issue; to be discussed further with more fleshed out proposal</p>
 +
<p>PROPOSAL: License text files formatted in HTML instead of .txt files as default; can convert from there into text file with tool if people want that too;&nbsp; Option to use HTML to indicate some of matching rules?</p>
 +
 
 +
 
 +
<p><strong>7) Recommendations or guidance on how to best determine license for a particular file</strong> <br />how to identify the license for an open source project - ex. Within the file versus whether there's a copying file on top of the directory ? provide guidance/suggstion (industry practice?) that license in the file is more determinate than the license in the directory</br>Should the legal group aggregate industry best practices and come up with a group of guidelines and provide some influence on that?</p>

Revision as of 17:49, 17 January 2013

LAST UPDATED: 17 Jan 2013

1) License List <p>1A) Licenses to add? (Kirstin Newcomer to track progress and lead; GROUP to make decisions; may need to delegate research on particular licenses to others - ongoing, check in on this each call)

  1. "old" MIT? see http://blog.gmane.org/gmane.comp.licenses.spdx.legal/day=20121201
  2. FLORA License - decided not to add at this point in time, pending guidelines mentioned in #3 below. see http://blog.gmane.org/gmane.comp.licenses.spdx.legal/month=20121101 for most recent thread on the topic
  3. Unlicense - see thread here: http://search.gmane.org/?query=unlicense&group=gmane.comp.licenses.spdx.legal
  4. add US Gov't works - add short identifier to list; see email from David Wheeler
  5. add in Notes field for all GNU licenses that short identifier "GPL-2.0" = GPL v2 only and vice versa - more discussion on this?

1B) OSI outstanding issues: (Jilayne - goal to have these resolved by end of June or next rev of SPDX-LL)

  1. Artistic license issue
  2. futher clarification on a few previous issues (were APSL-1.0, APSL-1.1, and GPL-2.0 ever approved?)
  3. zlib/ libpng license clarification
  4. Jabber Open Source License v1.0 -
  5. Jabber Open Source License v1.0 – decided to add and in doing so noticed the archived text here (http://archive.jabber.org/core/JOSL.pdf) is not the same as the OSI has on their site (it was OSI approved).  What do we do about this? (see attached .doc file for comparison. text says "draft" at bottom... decided because it's an old license to hold off and not add to list yet - and resolve with OSI (with goal of having on list b/c it was OSI approved and we endeavored to have all OSI licenses on SPDX list, even if old). license text also can be found at: http://code.google.com/p/jabber-net/wiki/FAQ_License

1C) GPL exceptions: (Tom Vidal - goal to have this reasonably done by end of June)
We don't have them all and there are also the issue of inconsistencies "in the wild" among named exceptions and actual text (i.e. not all exceptions found called Foo exception have the exact same text; how do we deal with this?)

1D) Better system for saving/updating SPDX License List (Jilayne to coordinate with Gary - goal to have this done by end of February)
Currently the SPDX-LL is kept and updated by Jilayne. This is not an optimal system (hit by a bus factor not accounted for). Need to change to some kind of respository that tracks changes and can be viewed by all (But not edited by all).

2) Community outreach and list coordination:Goal of coordinating with various other license lists to make sure SPDX has licenses from these lists and check short name matching (or create "translation" document if different)

2A) Fedora license list (Paul Madick - goal for first pass by end of first quarter?? TBD, Paul to report on timing next call)
will need to check lists for discrepancies, i.e. are there licenses on Fedora list that are not on SPDX-LL and if so, decide to add; also need to create short-name matching matrix due to Fedora using different type of categorization for its short names. Coordinate and communicate with Tom Calloway throughout.

2B) Fossology (ASSIGN)
coordinate with Bob Gobeille, see http://www.fossology.org/projects/fossology/wiki/MatchSPDXLicenceIDs -

2C) Gentoo - (ASSIGN)</p> <p>2D) Suse (ASSIGN)
list found here: https://docs.google.com/spreadsheet/pub?key=0AqPp4y2wyQsbdGQ1V3pRRDg5NEpGVWpubzdRZ0tjUWc (courtesy of Ciaran Farrell from 6/27/12 email list thread) </p> <p>2E) FSF license list match-up from http://www.gnu.org/licenses/license-list.html. completed for v1.17. any outstanding license questions were added to #1(A)</p> <p>3) General guidelines for what licenses are included on the SPDX License List (Tom Vidal - conclude by end of March)
General statement or guidelines needed in regards to the types of license that are to be included on the SPDX-LL; in particular in regards to requests fo r adding a new license. e.g., only open source licenses? what about freeware licenses? see meeting minutes from 31-Oct and 13-Nov for background and discussion thus far. draft of guidelines began by Tom Vidal
see http://spdx.org/wiki/spdx-license-list-guidelines-regarding-addition-or-rejection-licenses-proposed-add for overview of issue and latest revision - To Be Continued with larger group</p> <p>3A) Also review process for requesting a new license once above is done to see if anything should be updated as we refine the process, etc. http://spdx.org/content/spdx-license-list-process-requesting-new-licenses-be-added</p> <p>4) License Match Guidelines (GROUP - needs an owner and would like to make a priority)
not enough people on 6/27 legal call for quorum/to complete; see meeting minute for 6/27 and several prior meetings.  Matching guidelines updated as of 6/27, see http://spdx.org/wiki/spdx-license-list-match-guidelines</p> <p>5) Website updates (Jilayne - time frame TBD)</p>

  1. add page for explaining public domain discussion
  2. update page re: change of "data license" from PddL to MIT
  3. add page to wiki that outlines progress regarding varioud license list coordination (OSI, FSF, Fedora, etc.) we have or have yet to coordinate with
  4. other past decisions further explained?

<p>6) Formatting and "master list" for License List (i.e. actual license text files) (Phil)

   
Currently the "master" consists of spreadsheet with list + individual .txt files for license text field = downloadable zip file.  This is then converted into html pages for website.  Peter, Gary, and Jilayne have had initial discussion on this issue; to be discussed further with more fleshed out proposal</p>

<p>PROPOSAL: License text files formatted in HTML instead of .txt files as default; can convert from there into text file with tool if people want that too;  Option to use HTML to indicate some of matching rules?</p>


<p>7) Recommendations or guidance on how to best determine license for a particular file
how to identify the license for an open source project - ex. Within the file versus whether there's a copying file on top of the directory ? provide guidance/suggstion (industry practice?) that license in the file is more determinate than the license in the directory</br>Should the legal group aggregate industry best practices and come up with a group of guidelines and provide some influence on that?</p>