[License-discuss] Discussion: AGPL and Open Source Definition conflict

Howard Chu hyc at openldap.org
Wed Aug 14 18:45:42 UTC 2019 

Bruce Perens via License-discuss wrote:
> OpenLDAP does not provide an interactive user interface, so that provision of AGPL does not apply to it. It provides an interface meant to  work only with
> programs,  rather than a human being. In contrast, the first generation of internet servers where intended to respond to connection from the telnet program, and
> provide a human readable help message.
> 
> If you want to err on the side of caution, a message which is visible by sniffing the network connection would fulfill the responsibility. If your server is
> incapable of providing such a message, I would submit that this is an error in the protocol design. In the case of LDAP, such messages should have been
> tolerated during the connect stage. In contrast, connecting to an HTTP server allows all sorts of verbiage to pass by in a form guaranteed to be ignored by the
> software.

I think, along with DNS, the protocol was designed for efficiency. Given the volume of
requests that such servers are expected to handle, adding extraneous messages would more
than double their bandwidth requirements and kill their responsiveness.

At any rate, it was up till now ambiguous what constitutes a remote user, but I'm fine
with the interpretation that this requirement only affects servers with human-readable
network interfaces.
> 
> Thanks
> 
> Bruce
> 
> On Wed, Aug 14, 2019, 6:27 AM Howard Chu <hyc at openldap.org <mailto:hyc at openldap.org>> wrote:
> 
>     Clause #10 of the definition https://opensource.org/docs/osd
> 
>     10. License Must Be Technology-Neutral
> 
>     No provision of the license may be predicated on any individual technology or style of interface.
> 
>     I note that the Affero GPL https://www.gnu.org/licenses/agpl-3.0.en.html clause #13
> 
>     13. Remote Network Interaction; Use with the GNU General Public License.
> 
>     Notwithstanding any other provision of this License, if you modify the Program, your modified version must prominently offer all users interacting with it
>     remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing
>     access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software.
> 
>     violates the OSD clause #10. This issue arose specifically in the case of OpenLDAP when
>     Oracle relicensed BerkeleyDB 6.x using AGPL. There is no available mechanism in the LDAP
>     Protocol to allow us to comply with clause #13 of the AGPL. I believe the same is true of
>     many common internet protocols such as SMTP, FTP, POP, IMAP, etc., which thus now precludes
>     servers for these protocols from using BerkeleyDB. It appears to me that AGPL is plainly
>     incompatible with the OSD and should not be an OSI approved license.
> 
>     This is no longer a pressing issue for us since we have subsequently abandoned BerkeleyDB
>     in favor of LMDB. But I thought I should point it out since it may affect other projects.



-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

More information about the License-discuss mailing list