For Approval: TrueCrypt Collective License Version 2.0

[Matthew Seth Flaschen]

> 2) We need the license to reflect the fact that the covered software is 
> cryptographic. We have a special part in the Disclaimer section 
> pertaining to cryptographic algorithms and their implementations. 
> 
> 3) We need to take into an account that the whole product is 
> distributed under multiple licenses. The TrueCrypt Collective License 
> includes all these licenses and refers to them as "component" licenses 
> and defines the relationships between all the individual licenses. It 
> is important to note that the component licenses do not permit changes 
> of the license terms for the work (or portions thereof) they cover. 
> Therefore they must be retained verbatim (and cannot be replaced by an 
> existing OSI-approved license). For the purpose of the approval 
> process, the component licenses shall not be considered as separate 
> licenses, but as integral parts of the TrueCrypt Collective License.

All of these licenses should be submitted separately, to allow their 
separate use.  You should also templatitize the license; this means 
replacing TrueCrypt and other terms specific to your company with 
generic terms like Product and Licensor; the copyright notice would 
clarify the owner of each specific piece of software.  This allows other 
companies to use the license.

> We will gladly work with you to resolve any possible problems with this 
> license.

You don't really need a TrueCrypt advert ("Based on TrueCrypt, freely 
available at http://www.truecrypt.org/"); you will already have a 
copyright notice.  Required adverts for each program your product is 
based on can become overwhelming.

There are probably other issues with the license.

Matthew Flaschen