[License-review] March 2019 Summary

Lukas Atkinson opensource at lukasatkinson.de
Mon Apr 1 11:49:45 UTC 2019 

In March, the License-Review mailing list saw the retraction of the SSPL
from review, and discussed a set of GPLv3 Additional Terms.

This summary can also be read online at
https://opensource.org/LicenseReview032019

The License-Discuss list (summarized at
https://opensource.org/LicenseDiscuss032019) was far more active. Among
other things, it discussed Van Lindberg’s upcoming Cryptographic Autonomy
License, and saw extensive discussion about the license review process:
whether the conduct of the list is appropriate, whether there might be
alternatives to using email, and whether PEP-style summaries would help.

*License Committee Report*

Richard Fontana provides the license committee report:

   -

   CFSL v1.4: The review period is over. Fontana explains why he thinks the
   license should be rejected. The OSI board subsequently rejected the license.
   -

   SSPL v2: MongoDB withdrew the license from review.
   -

   Twente License: A decision is due 2019-04-05.

*Server Side Public License, Version 2*

Eliot Horowitz announces that MongoDB retracts the SSPL from the OSI
approval process, citing a lack of community support as a reason.

Josh Berkus is disappointed in the withdrawal: “this license poses
interesting questions about how copyleft can be extended (or not) and how
the OSD’s clauses about software packaging need to change in a SaaS world.”
Berkus thinks the contents of the license were not appropriately
considered, and that too many responses were ad-hominem attacks.

This leads to extensive discussion of the License-Review process (see the
License-Discuss summary).

*GPL 3+ with Whonix Additional Terms*

Patrick Schleizer submits a set of Additional Terms for the GPLv3 for
review. These terms try to improve the limitation and disclaimer of
warranty in the GPL by incorporating language from the doom3 and micropolis
licenses.

This submission raises two governance questions:

   - Should the OSI review Additional Terms for the GPL? This is discussed
   in a separate section below.
   - Does it make sense for the OSI to review licenses that were not first
   reviewed by a lawyer? This is discussed on License-Discuss as “the pro-se
   license constructor”.

Brendan Hickey asks whether Schleizer had talked with the FSF about these
improvements. Patrick Schleizer links to such a message.

Schleizer wonders why the GPL allows indemnification terms without
containing such terms itself. Richard Fontana mentions this was done solely
for Apache 2.0 compatibility, and links to the GPLv3 rationale documents.

Fontana notices that the proposed terms use the word “nonwithstanding”
opposite to its intended effect.

Based on the feedback (see also the separate sections), Patrick Schleizer
decides to withdraw the license but intends to prepare a revised version.

*Should the OSI review GPL Additional Terms?*

Patrick Schleizer points out that the GPLv3 Additional Terms mechanism
allows “other non-permissive additional terms” to be removed by the user,
so that no Additional Terms can render the license non-free. Richard
Fontana thinks that if these Additional Terms don’t create a new license,
then that is a good argument that such Additional Terms are out of scope
for OSI review.

Bruce Perens argues that adding terms to a license necessarily creates a
new license, and points at the recent Commons Clause as an example where
simple additions had huge effect. But Schleizer points out that adding
Additional Terms is just an exercise of the rights under the GPL, and
shouldn’t be treated as a modification of the license.

Richard Fontana suggests the OSI shouldn’t review Additional Terms, if only
to limit license proliferation. Fontana notes the Additional Terms have
sometimes be misused, and that review could be valuable for *widely used*
Additional Terms. Fontana points out that the OSI did review two sets of
GPLv3 Additional Permissions though they behaved like separate licenses.
One is the LGPLv3.

Fontana also suggests that the OSI should defer to the FSF for review of
Additional Restrictions. Bruce Perens disagrees: The OSI shouldn’t give the
FSF special status that would exclude some licenses from a review here, in
particular not any kind of veto power. However, the OSI should respect the
FSF’s authority on the GPL and not review licenses that contain “GPL” in
their name.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-review_lists.opensource.org/attachments/20190401/4820ea23/attachment.html>

More information about the License-review mailing list