[License-discuss] Extending copyleft and out-of-the-box compliance

Florian Weimer fw at deneb.enyo.de
Thu Mar 19 23:04:46 UTC 2020


* Henrik Ingo:

> On Thu, Mar 19, 2020 at 10:22 PM Florian Weimer <fw at deneb.enyo.de> wrote:
>
>> I was a bit surprised to learn that the CAL was accepted, given that
>> its copyleft extensions have the same major problem as the AGPL.
>
> Note that the CAL specifically does not share this problem. It simply
> requires you to provide a copy of the source and user data, but doesn't
> mandate a specific user interface or other mechanism for doing so.

The CAL has the *exact same problem* if it is applied to software that
lacks a built-in mechanism for identifying the relevant sources and
the user data (let alone providing a built-in downloading mechanism).

My problem with these licenses is *not* that the requirements are
particularly onerous (maybe they are in practice, but so is the
notification requirement in the HPND licenses, it seems), but that the
license is so vague in what is actually required.  A typical example
is a library licensed under the AGPL that does not handle anything
network-related.  What are the source code distribution requirements
for a program that happens to have a network-related component?  (This
is where the “GPL for open core” part comes from—any serious
commercial user will pay for different, clearer license terms.)

If these programs had a built-in compliance mechanism, it would at
least become clear what the author intended.

But even if a program licensed under the CAL had all those built-in
facilities, using the software would still not be automatically
compliant, because any user must make arrangements for complying with
the license *after* any use of the software has ended (where any
built-in access mechanisms have stopped working, of course).

Not sure why people keep bringing up the CAL.  I did not mention it.



More information about the License-discuss mailing list