THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Difference between revisions of "Legal Team/Minutes/2015-09-17"

From SPDX Wiki
Jump to: navigation, search
(Created page with "== Attendees == * Kate Stewart * Sam Ellis * Mary Hardy * Dennis Clark * Mark Gisi * Jilayne Lovejoy == Agenda == 1) Announcements/updates: a) formatting issue with standa...")
 
 
(6 intermediate revisions by 2 users not shown)
Line 9: Line 9:
 
== Agenda ==
 
== Agenda ==
  
1) Announcements/updates:
+
'''1) Announcements/updates:'''
a) formatting issue with standard headers on HTML pages for license list has now been fixed (thanks, Gary!)
+
* a) formatting issue with standard headers on HTML pages for license list has now been fixed (thanks, Gary!)
b) LinuxCon Europe is in a few weeks: talks related to SPDX by Jilayne http://sched.co/3xVB  and Phil Odence and Dave Marr - http://sched.co/4GGz
+
* b) LinuxCon Europe is in a few weeks:  
Also, there will be a Supply Chain Mini-Summit on the Thursday, see more info here: http://events.linuxfoundation.org/events/linuxcon-europe/extend-the-experience/supply-chain-summit
+
** talks related to SPDX by Jilayne http://sched.co/3xVB  and Phil Odence and Dave Marr - http://sched.co/4GGz
Supply Chain Mini-Summit - anyone going? Jilayne, Kate
+
** there will be a Supply Chain Mini-Summit on the Thursday, see more info here: http://events.linuxfoundation.org/events/linuxcon-europe/extend-the-experience/supply-chain-summit - anyone going? Jilayne, Kate
 
- participating via phone or conference might be hard, but Kate will look into getting a phone in the room. considering it is challenging to follow along remotely.  Otherwise, we’ll take notes.
 
- participating via phone or conference might be hard, but Kate will look into getting a phone in the room. considering it is challenging to follow along remotely.  Otherwise, we’ll take notes.
c) Working on proposal for pull request process for license list templates (and possibly other aspects of changes to license list) - will submit a full proposal to legal team when something more concrete is ready (see http://wiki.spdx.org/view/Legal_Team/Minutes/2015-08-06 for initial discussion/reference)
+
* c) Working on proposal for pull request process for license list templates (and possibly other aspects of changes to license list) - will submit a full proposal to legal team when something more concrete is ready (see http://wiki.spdx.org/view/Legal_Team/Minutes/2015-08-06 for initial discussion/reference)
  
 
+
'''2) SPDX License List v2.2 is scheduled to be released at the end of this month! ''' 
2) SPDX License List v2.2 is scheduled to be released at the end of this month!  
+
* a) Additions to license list. We got some answers back from Fedora on licenses on their list we wanted to add, but couldn’t find text for, etc. Original question/issue and response listed here, with decision from today's call:
a) got some answers back from Fedora on licenses on their list we wanted to add, but couldn’t find text for, etc. Can we add:
+
** Interbase Public License / Interbase - http://www.borland.com/devsupport/interbase/opensource/IPL.html - link broken, can’t find license. Does Fedora have it archived somewhere? Is this still used / do we need to add to SPDX-LL? FEDORA: Here is an archived copy: https://web.archive.org/web/20060319014854/http://info.borland.com/devsupport/interbase/opensource/IPL.html Firebird is still under this license, still used in Fedora.
 
+
*** DECISION: to add. no markup needed.
i)  Interbase Public License / Interbase - http://www.borland.com/devsupport/interbase/opensource/IPL.html - link broken, can’t find license. Does Fedora have it archived somewhere? Is this still used / do we need to add to SPDX-LL?
+
** Sendmail License / Sendmail /  http://www.sendmail.org/ftp/LICENSE - link from Fedora site does not go to license. We intend to add, but wanted to confirm that we have the correct license that you meant due to broken link - can you confirm that this the correct license here: http://www.sendmail.com/pdfs/open_source/sendmail_license.pdf FEDORA: That is the correct sendmail license. We have updated our link.
ANSWER: Here is an archived copy:
+
*** DECISION: to add. no markup needed.
https://web.archive.org/web/20060319014854/http://info.borland.com/devsupport/interbase/opensource/IPL.html
+
** Crystal Stacker License / Crystal Stacker -  https://fedoraproject.org/wiki/Licensing/CrystalStacker - license on Fedora site does not match license in download. (full explanation was in previous email thread) - please review and see if you agree with the recommendation at the end of the email here http://article.gmane.org/gmane.comp.licenses.spdx.legal/779/match=crystal FEDORA: Updated the Crystal Stacker entry in the Fedora license list to add the missing disclaimer text. License now matches license in download. I do not believe there is a different source license vs binary license here.
Firebird is still under this license, still used in Fedora.
+
*** DECISION: add it as Fedora has it.   
DECISION: to add. no markup needed.
+
 
+
ii) Sendmail License / Sendmail /  http://www.sendmail.org/ftp/LICENSE - link from Fedora site does not go to license. We intend to add, but wanted to confirm that we have the correct license that you meant due to broken link - can you confirm that this the correct license here:
+
http://www.sendmail.com/pdfs/open_source/sendmail_license.pdf 
+
ANSWER: That is the correct sendmail license. We have updated our link.
+
DECISION: to add. no markup needed.
+
 
+
iii) Crystal Stacker License / Crystal Stacker -  https://fedoraproject.org/wiki/Licensing/CrystalStacker - license on
+
Fedora site does not match license in download. (full explanation was in previous email thread) - please review and see if you agree with the
+
recommendation at the end of the email.
+
ANSWER: Updated the Crystal Stacker entry in the Fedora license list to add the missing disclaimer text. License now matches license in download. I do not believe there is a different source license vs binary license here.
+
JL: further explanation re: previous email thread to be provided on call
+
DECISION: add it as Fedora has it.   
+
 
 
b) To continue (pick back up) our momentum for adding license exceptions, please review the 5 license exceptions highlighted in light green here: https://docs.google.com/spreadsheets/d/11AKxLBoN_VXM32OmDTk2hKeYExKzsnPjAVM7rLstQ8s/edit?pli=1#gid=0 for potentially adding to v2.2 
+
* b) To continue (pick back up) our momentum for adding license exceptions, please review the 5 license exceptions highlighted in light green here: https://docs.google.com/spreadsheets/d/11AKxLBoN_VXM32OmDTk2hKeYExKzsnPjAVM7rLstQ8s/edit?pli=1#gid=0 for potentially adding to v2.2 (see spreadsheet for full info, summary here:)
- ADD:
+
** DigiRule-FOSS-exception - ADD
DigiRule-FOSS-exception - ADD
+
** Fawkes exception - ADD
Fawkes exception - ADD
+
** Oracle FOSS exception - there are two-ish.  Sam has info that the one in row 1 is the short form of the long form in row 7 (from Sam’s email in July 2, 2015). need to review further, on hold
Oracle - FOSS exception - there are two-ish.  Sam has info that the one in row 1 is the short form of the long form in row 7 (from Sam’s email in July 2, 2015)
+
** Franz Lisp - don’t add, old and no one has seen it in the wild
Franz Lisp - don’t add, make note to people to review list and if they want to champion something that we didn’t add, then do so
+
** OpenVPN OpenSSL - ADD
— OpenVPN OpenSSL - ADD
+
** Also discussed whether all exceptions on this list should be added.  Many of these were from research done to collect various exceptions and not necessarily requested by anyone.  As such, we have tried to add the most common ones, but people should review list and if they want to champion something that we didn’t add, then please do so.
 
+
c) Also, let’s discuss a couple items related to existing exceptions that we didn’t quite get to for v2.1:
+
* c) Also, let’s discuss a couple items related to existing exceptions that we didn’t quite get to for v2.1:
i) WxWindows - the text in the exception we have versus what is on the OSI site is not the same!! The only differences are: we have "3.1" instead of "3.0" in the first clause; and "your" instead of "the user's" in the second clause. See http://opensource.org/licenses/WXwindows and http://spdx.org/licenses/WxWindows-exception-3.1.html - what we have is consistent with what is here: https://www.wxwidgets.org/about/licence/
+
** WxWindows - the text in the exception we have versus what is on the OSI site is not the same!! The only differences are: we have "3.1" instead of "3.0" in the first clause; and "your" instead of "the user's" in the second clause. See http://opensource.org/licenses/WXwindows and http://spdx.org/licenses/WxWindows-exception-3.1.html - what we have is consistent with what is here: https://www.wxwidgets.org/about/licence/ - should we accommodate this difference somehow?  
·         should we accommodate this difference somehow? If so, due to this already being on the license list, this seems like it should be a priority to resolve for v2.1 release
+
*** DECISION: leave as we have it, since it’s current with the Wx website. let OSI know there is discrepancy and see what they have to say
DECISION: leave as we have it, since it’s current with the Wx website. let OSI know there is discrepancy and see what they have to say
+
** Classpath-exception-2.0 - why do we have 2.0 and the note saying it’s typically used with GPL-2.0? the Fedora example has it being used with all GPL versions and there doesn’t seem to have other versions. worth removing the “2.0” in the short identifier?
 
+
*** DECISION: remove note about “typically used with GPLv2”, leave short identifier as is
ii) Classpath-exception-2.0 - why do we have 2.0 and the note saying it’s typically used with GPL-2.0? the Fedora example has it being used with all GPL versions and there doesn’t seem to have other versions. worth removing the “2.0” in the short identifier?
+
DECISION: remove note about “typically used with GPLv2”, leave short identifier as is
+
 
+
3) License matching templates/markup: 
+
We have a task to add markup to some of the standard headers and have also had input to add/edit markup on existing licenses.  As a result of the latter, it has been raised that perhaps the markup could be improved. Before adding more markup (to standard headers, license text or both), it seemed prudent to start a discussion as to whether the existing markup is effective.  Please ponder the following questions:
+
a) have you used the existing markup for matching purposes?
+
i) if no, why not?
+
ii) if yes, has it been helpful/effective?  Could it be improved, and if so, how? (this will likely involve putting forward a proposal for review)
+
 
+
This is a discussion that will not be completed on Thursday’s call and should extend to other groups. As such, I have copied the Tech team here. We will also raise this discussion at the Supply Chain Mini-Summit in Dublin, Thursday afternoon, Oct 8
+
  
Please also add thoughts (preferably in a new section or with your initials if added to others) here: http://wiki.spdx.org/view/Legal_Team/Templatizing
+
'''3) License matching templates/markup: ''' We have a task to add markup to some of the standard headers and have also had input to add/edit markup on existing licenses.  As a result of the latter, it has been raised that perhaps the markup could be improved. Before adding more markup (to standard headers, license text or both), it seemed prudent to start a discussion as to whether the existing markup is effective.  Please ponder the following questions:
- people who commented via email
+
* a) have you used the existing markup for matching purposes? if no, why not? if yes, has it been helpful/effective?  Could it be improved, and if so, how? (this will likely involve putting forward a proposal for review)
 +
* there were already various emails with feedback to this end, but we did not have time to discuss further on this call.  We will pick this up on the next call and will also raise this discussion at the Supply Chain Mini-Summit in Dublin, Thursday afternoon, Oct 8
 +
** Please also add thoughts (preferably in a new section or with your initials if added to others) here: http://wiki.spdx.org/view/Legal_Team/Templatizing
  
Jilayne needs to use headphones on calls (otherwise there is an annoying echo)
+
'''other notes:'''
 +
* Jilayne needs to use headphones on calls (otherwise there is an annoying echo for everyone else)

Latest revision as of 18:58, 17 October 2015

Attendees

  • Kate Stewart
  • Sam Ellis
  • Mary Hardy
  • Dennis Clark
  • Mark Gisi
  • Jilayne Lovejoy

Agenda

1) Announcements/updates:

- participating via phone or conference might be hard, but Kate will look into getting a phone in the room. considering it is challenging to follow along remotely. Otherwise, we’ll take notes.

  • c) Working on proposal for pull request process for license list templates (and possibly other aspects of changes to license list) - will submit a full proposal to legal team when something more concrete is ready (see http://wiki.spdx.org/view/Legal_Team/Minutes/2015-08-06 for initial discussion/reference)

2) SPDX License List v2.2 is scheduled to be released at the end of this month!  

  • b) To continue (pick back up) our momentum for adding license exceptions, please review the 5 license exceptions highlighted in light green here: https://docs.google.com/spreadsheets/d/11AKxLBoN_VXM32OmDTk2hKeYExKzsnPjAVM7rLstQ8s/edit?pli=1#gid=0 for potentially adding to v2.2 (see spreadsheet for full info, summary here:)
    • DigiRule-FOSS-exception - ADD
    • Fawkes exception - ADD
    • Oracle FOSS exception - there are two-ish. Sam has info that the one in row 1 is the short form of the long form in row 7 (from Sam’s email in July 2, 2015). need to review further, on hold
    • Franz Lisp - don’t add, old and no one has seen it in the wild
    • OpenVPN OpenSSL - ADD
    • Also discussed whether all exceptions on this list should be added. Many of these were from research done to collect various exceptions and not necessarily requested by anyone. As such, we have tried to add the most common ones, but people should review list and if they want to champion something that we didn’t add, then please do so.
  • c) Also, let’s discuss a couple items related to existing exceptions that we didn’t quite get to for v2.1:
    • WxWindows - the text in the exception we have versus what is on the OSI site is not the same!! The only differences are: we have "3.1" instead of "3.0" in the first clause; and "your" instead of "the user's" in the second clause. See http://opensource.org/licenses/WXwindows and http://spdx.org/licenses/WxWindows-exception-3.1.html - what we have is consistent with what is here: https://www.wxwidgets.org/about/licence/ - should we accommodate this difference somehow?
      • DECISION: leave as we have it, since it’s current with the Wx website. let OSI know there is discrepancy and see what they have to say
    • Classpath-exception-2.0 - why do we have 2.0 and the note saying it’s typically used with GPL-2.0? the Fedora example has it being used with all GPL versions and there doesn’t seem to have other versions. worth removing the “2.0” in the short identifier?
      • DECISION: remove note about “typically used with GPLv2”, leave short identifier as is

3) License matching templates/markup:  We have a task to add markup to some of the standard headers and have also had input to add/edit markup on existing licenses.  As a result of the latter, it has been raised that perhaps the markup could be improved. Before adding more markup (to standard headers, license text or both), it seemed prudent to start a discussion as to whether the existing markup is effective.  Please ponder the following questions:

  • a) have you used the existing markup for matching purposes? if no, why not? if yes, has it been helpful/effective?  Could it be improved, and if so, how? (this will likely involve putting forward a proposal for review)
  • there were already various emails with feedback to this end, but we did not have time to discuss further on this call. We will pick this up on the next call and will also raise this discussion at the Supply Chain Mini-Summit in Dublin, Thursday afternoon, Oct 8

other notes:

  • Jilayne needs to use headphones on calls (otherwise there is an annoying echo for everyone else)