NOTE: Please publicize any license changes to your packages
Ralf Corsepius
rc040203 at freenet.de
Sun Jul 22 06:58:19 UTC 2007
On Sat, 2007-07-21 at 10:58 -0700, Toshio Kuratomi wrote:
> On 7/21/07, Ralf Corsepius <rc040203 at freenet.de> wrote:
> > On Sat, 2007-07-21 at 04:37 -0500, Rex Dieter wrote:
> > > Ralf Corsepius wrote:
> > >
> > > > On Fri, 2007-07-20 at 22:32 -0800, Jeff Spaleta wrote:
> > > >> On 7/20/07, Ralf Corsepius <rc040203 at freenet.de> wrote:
> > > >> > So, the new FESCo is going to act as the "Fedora License Police"
> > > >>
> > > >> Always so negative.
> > > >
> > > > Well, why should I change my opinion on something which had been
> > > > repeatedly discussed to death (E.g. on FPC meetings) and which I
> > > > consider to be "silly and naive"?
> > >
> > > And that was before GPLv3 was released, mind you...
> > A fact which doesn't matter at all
> >
> >
> > 1. Actually, the GPL case is a comparatively simple case, because it's
> > widely used.
> >
> > The situations rendering such "license tagging" absurd are the "not so
> > far spread" and "exotic" licenses, which
> > * FESCO will never be able to handle due to lack of legal knowledge.
> > * RPM's license-tag will not be able to handle without a "license tag"
> > registry/Fedora license tag administration office.
> >
> > 2. Package maintainers are supposed to check their packages for license
> > compatibility. Otherwise Fedora will need a "licensing police".
> >
> > 3. We did cover GPLv3 in our discussions on FPC meetings.
>
> I tend to agree that the problem is going to lie in the more exotic
> licenses. I think it would be *relatively* easy to mandate specifying
> GPLv2, GPLv2+, GPLv3, GPLv3+, LGPLv2, LGPLv2+, LGPLv3, LGPLv3+, (And
> is there an LGPLv2.1 as well?).
... and these are by far not all variants of the [L]GPLv2 ;)
Consider e.g. the "GPLv2 w/ <some exceptions>" and the "dual licensed
cases".
Also consider the impact on backporting patches against GPLv3'd versions
of a package to their GPLv2(+) predecessors.
E.g. the GCC project currently is discussing the legal impact of
back-porting upstream (==GPLv3) changes to older releases (e.g. gcc-4.2)
and/or vendor forks/branches (such as Apple's GCC or RH's).
Also, though the FSF has a GPL* compatibility matrix, they don't provide
much help for other licenses' compatibility. I.e. at least I consider
the implications of GPLv3'd run-time packages on packages being licensed
differently to be widely unclear at this point in time.
To put it differently: To which extend is the old "GPL* vs. free-license
compatibility list" still valid?
> (License proliferation, anyone?) But
> going further in the License tag is going to be descending into
> madness.
That's what I wanted to express - There lies madness and insanity inside
of the license tagging.
> I'll wait for spot's proposal before jumping the gun on what
> I believe to be practical.
IMO, it needs to be a copyright-specialized lawyer to be able to clarify
the situation. Neither the FPC, FAB nor FESCo are able to handle such
situations.
> I have a question that I would like answered before the Packaging
> Meeting that will help clarify some things for me: Who is the target
> audience of this information? The FPC decided not to establish
> guidelines WRT License tags (other than being accurate) before because
> the target audience was end-users and we decided that end users should
> never take the license tag as authoritative. If the target audience
> is internal developers, then the tag remains a hint.
IMO, the rpm license tag is both: informative to end-users and a hint to
developers. Active developers will have to carefully check a package
"they use" or "derive their works from" in any case.
Ralf
More information about the fedora-devel-list
mailing list