[License-discuss] Rejected license list [was Re: TrueCrypt license (not OSI-approved; seeking history, context).]

Luis Villa luis at lu.is
Mon Oct 14 23:35:20 UTC 2013


On Mon, Oct 14, 2013 at 4:06 PM, Karl Fogel <kfogel at opensource.org> wrote:

> On Mon, Oct 14, 2013 at 5:32 PM, Luis Villa <luis at lu.is> wrote:
> > Might be a good idea to finally start the list of non-open licenses
> someone
> > suggested a few months ago ;)
>
> Oh, that is *such* a good idea.
>
> This is the "list of licenses that people often mistake for being open
> source, or whose authors claim are open source, but are actually not
> or at least have not been evaluated by the OSI", right?
>

Slightly more broad than that: a list of licenses that we have rejected,
including the rationales for rejection. Your list would presumably be a
subset, as some licenses might have been submitted and rejected without a
later, false claim to being open source.

Luis


> -K
>
> > On Oct 14, 2013 2:28 PM, "Tom Callaway" <tcallawa at redhat.com> wrote:
> >>
> >> On 10/14/2013 09:32 PM, Karl Fogel wrote:
> >> > Obviously, I'd like to see TrueCrypt be truly open source.  The ideal
> >> > solution is not to have them remove the words "open source" from their
> >> > self-description, but rather for their software to be under an
> >> > OSI-approved open source license
> >>
> >> I have not looked at the TrueCrypt license (in depth) in quite some
> >> time, but when Fedora and Red Hat reviewed it in 2008, not only was it
> >> non-free, it was actually dangerous.
> >>
> >> (from 2008):
> >>
> >>
> http://lists.freedesktop.org/archives/distributions/2008-October/000273.html
> >>
> >>
> http://lists.freedesktop.org/archives/distributions/2008-October/000276.html
> >>
> >> They appear to have reworded some concerning parts of that license,
> >> however, when we pointed out these concerns to them directly in 2008,
> >> their response was to forcefully (and rather rudely) reply that the
> >> problems caused by their license wording were not problems, but
> >> intentional. That alone gave us serious concern as to the intentions of
> >> the upstream, especially given the nature of the software under that
> >> license.
> >>
> >> Notable is that Section VI.3 appears to be the same in the TrueCrypt
> >> license as it was in 2008. It is arguably necessary for any Free or Open
> >> Source license to waive some "intellectual property rights" in order to
> >> share those rights (which default to being exclusive to the copyright
> >> holder) with others. This section was noted to the TrueCrypt upstream
> >> (in 2008) as potentially conflicting with the rest of the license, and
> >> again, they pointed out that they were aware of the potential conflict
> >> and that it was _intentional_.
> >>
> >> In short, we were forced to conclude the license was worded the way that
> >> it was (with clever wording traps) as a sort of sham license.
> >>
> >> For what it is worth, I'm not sure the OSI should voluntarily spend any
> >> time or effort on the TrueCrypt license unless the TrueCrypt copyright
> >> holder brings it forward themselves with a willingness to address these
> >> issues in a serious and reasonable fashion.
> >>
> >> The fact that there are other FOSS implementations for TrueCrypt (most
> >> notably tc-play (https://github.com/bwalex/tc-play) minimizes the need
> >> to resolve these issues with the upstream, which is why Fedora stopped
> >> attempting to do so quite some years ago.
> >>
> >> ~tom
> >>
> >> ==
> >> Fedora Project
> >> _______________________________________________
> >> License-discuss mailing list
> >> License-discuss at opensource.org
> >> http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-discuss_lists.opensource.org/attachments/20131014/9940b0c0/attachment.html>


More information about the License-discuss mailing list