[License-discuss] Discussion: AGPL and Open Source Definition conflict

Howard Chu hyc at openldap.org
Wed Aug 14 17:41:29 UTC 2019

Richard Fontana wrote:
> The precise question here seems to be whether the server operator can
> be said to be "prominently offer[ing]" the opportunity to receive the
> source code in this sort of case (the hypothetical where existing LDAP
> clients cannot recognize the extension). To the extent that's an OSD
> 10 issue, I guess it would be because in the context of particular
> technology standards, it may be impossible to "prominently offer" in
> any meaningful sense. But that goes back to the issue of whether
> "technology" in OSD 10 includes any specifically defined technology
> standard.

Expanding on this - I know of no technology standard that allows a low level
client library to prominently display anything to an end user, particularly
if that library is buried under multiple layers of other libraries. E.g.,
while LDAP software is commonly used for end-user authentication, it is seldom
used directly - it is most often used under PAM/NSS or SASL or any of a variety
of other intermediate security/authentication APIs. None of which provide any
particular mechanism to route low-level informational messages to the end user.

But imagine that such a mechanism existed. Then every time a system contacted
the LDAP server for authentication information, this "prominent offer" would
be transmitted over the network and displayed on the user's screen. This
would be happening not only every time the user logged in, but also every time
they even listed the files in a directory, or listed the active users on the
machine or any of a variety of routine system operations. Because every time
the OS wanted to map a list of numeric userIDs to textual user names could
be invoking a new LDAP session.

There's also ambiguity in the notion of remote user. The LDAP server might
be being contacted through a proxy/caching process (such as nscd, sssd, nssov, etc.)
in which case the entity that connects to the server is a machine account,
and far removed from any actual end users.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

More information about the License-discuss mailing list