THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Legal Team/Current Projects and Issues

From SPDX Wiki
< Legal Team
Revision as of 19:17, 17 January 2014 by Jlovejoy (Talk | contribs)

Jump to: navigation, search

SPDX Legal Team projects for 2014

This page will be updated throughout the year. We will try to not delete items, but mark them as "DONE" to serve as a record of progress over the course of the year.

LAST UPDATED: 17 Jan 2014

Licenses Under Review

This is an on-going task, which is tracked here: http://wiki.spdx.org/view/Legal_Team/License_List/Licenses_Under_Consideration Owner for updating/tracking: Dennis However, this list highlights the immediate or more complex tasks that need to be tackled

Various outstanding issues:

  1. Ruby License issue - Jilayne sent a detailed email to Sam from the Ruby project (also copying the SPDX Legal List and Bob Gobielle of FOSSology) on Jan 4th, with no response as of yet. See: http://article.gmane.org/gmane.comp.licenses.spdx.legal/796/
    1. Next step: Legal Team to come up with definitive naming proposal?
    2. need to resolve immediately and for v1.20 release of License List
  2. add older Do What the F*ck You Want license - short identifier issue

Fedora List

Owner: Zac Under review via Google doc, here: https://docs.google.com/spreadsheet/ccc?key=0AmVnI0dGKEo1dENVVHFNeG5hQjAyYjQ3bm1VVUdjOFE#gid=1 (if you don't have access, just ask)

  1. overriding principle: inclined to add Fedora "good" licenses to SPDX License List, unless very compelling reason not to; and create short-name comparison matrix (to track where short identifiers may not align)
  2. we need to step the pace on this - how?
    1. could we get through "good" list by first week of Feb?

License Matching Guidelines - create license templates

Owner: Jilayne

  1. go through licenses to determine which ones need markup as per License Matching Guidelines and provide information to Daniel so he can create actual template file
    1. discuss any issues or questions to this end on Jan 16 and Feb 6 call as needed
    2. goal to complete by early February and release full set of templates with v1.20 of SPDX License List

Legal Team recruitment

  • how do we get more people involved?
  • who to target and how to reach them?
  • ask for help from LF or via grassroots effort or both? other ideas?

License Expression Review & GPL exceptions

Owner: Mark Gisi & Tom Vidal

  • Review of how SPDX spec deals with expressing various licensing scenarios in totality; e.g. using "and" and "or" for conjunctive and disjunctive license; how short identifiers play into this; revisit "or later" / "only" version issue and license exceptions
  • We don't have all or the GPL exceptions - need to add to SPDX-LL. There are also the issue of inconsistencies "in the wild" among named exceptions and actual text (i.e. not all exceptions found called Foo exception have the exact same text; how do we deal with this?)
  • Mark Gisi to schedule special call for initial discussion

Alignment with other license lists

Coordinate with various other license lists to make sure SPDX has licenses from these lists and check short name matching (or create "translation" document if different) Here are some other lists we may want to look at once Fedora is completed:

FOSSology

owner: TBD assigned

Gentoo

owner: TBD assigned

Suse

owner: TBD assigned

Other "side" projects

Moving SPDX License List to Git repository

  • to work on after release of v1.20
  • Jilayne to coordinate with Gary

OSI outstanding issues

  1. zlib/ libpng license clarification
  2. Jabber Open Source License v1.0 – archived text here (http://archive.jabber.org/core/JOSL.pdf) is not the same as the OSI has on their site (it was OSI approved). What do we do about this? need to resolve with OSI (with goal of having on list b/c it was OSI approved and we endeavored to have all OSI licenses on SPDX list, even if old). license text also can be found at: http://code.google.com/p/jabber-net/wiki/FAQ_License
  3. various OSI approved (but old or deprecated) licenses don't have corresponding link on OSI site; OSI to update and then SPDX to add link to SPDX-LL - check this??

License Ref short identifiers

better way to identify licenses not on SPDX-LL (spec issue) or to reference other external license list that have greater set of licenses than SPDX-LL

Recommendations or guidance on how to best determine license for a particular file

'how to identify the license for an open source project - ex. Within the file versus whether there's a copying file on top of the directory ? provide guidance/suggstion (industry practice?) that license in the file is more determinate than the license in the directoryShould the legal group aggregate industry best practices and come up with a group of guidelines and provide some influence on that?