[License-discuss] For Public Comment: The Libre Source License

Thorsten Glaser tg at mirbsd.de
Thu Aug 22 00:08:52 UTC 2019


Howard Chu dixit:

>A standard license clause of this form would also have ended the
>debate over disclosure of zero-day vulnerabilities and other such
>nonsense that plagues today's software world. I.e., you would have a
>clear obligation to inform the software authors of any flaws you
>discover in their code - first, before doing anything else with that
>knowledge.
>
>> What the FSF calls "freedom 0" was very specifically intended to not
>> put obligations on pure software use.  There is no obligation to
>> contribute, only a freedom to contribute (freedoms 2 and 3).
>
>I still believe the FSF erred here. Free software only grows if a
>community contributes back. It may be OK for a large corporation to
>toss software over a wall, but for individual hobbyist programmers
>trying to improve their work and support their users, this "pure use"
>freedom sucks people dry and burns them out.

Licences which require distribution of changes (outside of to whom
the changed work is distributed) are explicitly unacceptable to
Debian, whose DFSG are the “sister” of the OSD used by OSI.

In Debian, there are explicit “tests” one can use to verify the
freeness of a licence from a number of already-seen fallacies.

Two of these which often appear necessary are the Chinese Dissident
test (requirement to publish will endanger them as it makes identi‐
fication possible) and Desert Island test (a person stranded on an
island, no matter whether alone or with other deserted people, but
cut off, must be able to exercise all DFSG-conformant works inside
their limited-connectivity society).

I believe private modifications are not required permission from
the copyright owner, and any licences trying to coerce recipients
into agreement to a forced condition regarding them (by making
the granting of other rights conditional on that) questionable,
no scratch that, inacceptable.


Incidentally works covered by the AGPL are being removed from a
lot of institutions now due to the inability to deploy embargoed
security fixes. This isn’t just a licence issue, but the ability
to operate securely is clearly also relevant. (This was also ob‐
served near Debian.)

Thank you for listening,
//mirabilos
-- 
I believe no one can invent an algorithm. One just happens to hit upon it
when God enlightens him. Or only God invents algorithms, we merely copy them.
If you don't believe in God, just consider God as Nature if you won't deny
existence.		-- Coywolf Qi Hunt



More information about the License-discuss mailing list