[License-discuss] [License-review] CC withdrawl of CC0 from OSI process

Lawrence Rosen lrosen at rosenlaw.com
Fri Mar 2 19:45:16 UTC 2012


Mike Milinkovich wrote:
> I don't disagree with this, but I feel obliged to point out that "
> truly independent open source softare developers" sometimes make available
> combinations of code which violate license terms. And their work is
> then included in the work of others. Given the ease with which open source
> code can be transmitted and re-combined in today's world, the failure of
one
> is quickly amplified by many. This leaves consumers - whether they be
> corporations or downstream OSS organizations - in the position of
> identifying and addressing their errors.
>
> I am not suggesting that there is a solution to this. I just wanted to
> make it clear that it is a big problem, not a small one. Unfortunately, 
> I've never seen an attempt to collectively share the results of due
> diligence work, so the effort is wastefully replicated by each and every
> consumer.

I agree with you about the problem. I have repeatedly suggested that Apache
do code scans on its distributed software so that every downstream customer
doesn't have to do it. But we have neither the interest nor the money to
deal with hypothetical problems in a volunteer environment. We exercise
diligence, but it is rather ad hoc.

How does Eclipse help solve the problem for its software? 

/Larry


> -----Original Message-----
> From: license-discuss-bounces at opensource.org [mailto:license-discuss-
> bounces at opensource.org] On Behalf Of Mike Milinkovich
> Sent: Friday, March 02, 2012 11:24 AM
> To: license-discuss at opensource.org
> Subject: Re: [License-discuss] [License-review] CC withdrawl of CC0
> from OSI process
> 
> > -----Original Message-----
> > A truly independent open source software developer probably has
> nothing
> > to fear other than personal embarrassment. It is the larger
> companies,
> > including acquirers or consolidators of open source software and the
> > corporate users of that software, who need to undertake due
> diligence. For
> > them, reading and understanding open source licenses isn't rocket
> science;
> it
> > is merely a cost of doing software business. These companies already
> pay
> for
> > lawyers to advise them, as they should. :-)
> 
> Larry,
> 
> I don't disagree with this, but I feel obliged to point out that "
> truly
> independent open source softare developers" sometimes make available
> combinations of code which violate license terms. And their work is
> then
> included in the work of others. Given the ease with which open source
> code
> can be transmitted and re-combined in today's world, the failure of one
> is
> quickly amplified by many. This leaves consumers - whether they be
> corporations or downstream OSS organizations - in the position of
> identifying and addressing their errors.
> 
> I am not suggesting that there is a solution to this. I just wanted to
> make
> it clear that it is a big problem, not a small one. Unfortunately, I've
> never seen an attempt to collectively share the results of due
> diligence
> work, so the effort is wastefully replicated by each and every
> consumer.
> 
> 
> 
> 
> _______________________________________________
> License-discuss mailing list
> License-discuss at opensource.org
> http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss





More information about the License-discuss mailing list