[License-review] For approval: The Cryptographic Autonomy License (Beta 2)

Kevin P. Fleming kevin+osi at km6g.us
Fri Aug 23 01:08:39 UTC 2019


On Thu, Aug 22, 2019 at 4:52 PM Pamela Chestek <pamela at chesteklegal.com> wrote:
>
>  It's not the ease of compliance, it's the fact that there is a compliance requirement at all when no other license has one in the same circumstance.

The AGPL also imposes a compliance requirement in your hypothetical
situation. If you install an AGPL-licensed plugin in your website (in
any manner, even choosing it from a plugin repository offered by the
website software project's operators), and the users of your website
interact with that plugin over the network, then you are obligated to
provide the source code to your users if the copy you are operating
*has been modified*. It is not clear whether the license is only
triggered by modifications that you made, or by modifications made by
the party who provided the software to you, but if it is only
triggered when *you* make modifications then there is a
aircraft-carrier-sized escape hatch in the AGPL. In any case, as the
operator of the website you would need to be aware of this requirement
and be able to determine whether the copy you are operating can be
considered *modified*.



More information about the License-review mailing list