[License-review] Submission for review of Accountable Resolver License

Pamela Chestek pamela.chestek at opensource.org
Wed Jan 15 16:51:10 UTC 2025 

Dear License Review List:

Below is the recommendation of the License Review Committee that the 
Accountable Resolver License not be approved as an OSI-Approved license, 
to be voted on at the next Board meeting.

Best regards,

Pamela S. Chestek
Chair, Licensing Committee
Open Source Initiative

==========================

License: Accountable Resolver License version 1.0 (Exhibit A)
Submitted: October 21, 2024, 
https://lists.opensource.org/pipermail/license-review_lists.opensource.org/2024-October/005575.html
Decision date: due no later than the first Board meeting after December 
21, 2024

_License Review Committee Recommendation: _

Resolved that it is the opinion of the OSI that the Accountable Resolver 
License version 1.0 does not conform to the OSD and assure software 
freedom and the license is therefore not approved.

_Rationale Document_

Reasons for withholding approval: In section 4.6 the license expressly 
prohibits using the licensed software “to infringe, invade, breach, or 
otherwise fail to protect the privacy of any DID subject making use of 
the services provided by the Work.” This use restriction violates OSD 6, 
No Discrimination Against Fields of Endeavor.

The license is also poorly drafted, which would cause significant 
interpretation problems. For example, it claims to grant a license to 
“take any action with the Work that would infringe the non-patent 
intellectual property laws of any jurisdiction to which You are 
subject.” However, “intellectual property” is an ambiguous term, as 
exemplified by the statement in the license that “Licensor does not 
grant any license to the trademarks, service marks, or logos of 
Licensor, except to the extent necessary to comply with the attribution 
conditions in section 4.1 of this License.” A trademark is generally 
considered “intellectual property,” so the license both grants a license 
to trademarks in section 3.1(a)  and does not in section 3.2(b). 
Moreover, there are no “attribution conditions in section 4.1,” they are 
in section 4.3.

The license submitter did not respond to the issues raised on the 
license-review list.

/Exhibit A/

Accountable Resolver License version 1.0

1. Purpose

This License gives You unlimited permission to use and modify the 
software to which it applies (the “Work”), either as-is or in modified 
form, for Your private purposes while protecting the owners and 
contributors to the software from liability and subject to the 
accountability condition defined in section 4.6.

This license enables any person or organization to download, use, and 
modify the software for a Federated DID Resolver Server (the Work) to 
resolve DID documents with provisions to ensure that there is no 
third-party surveillance of the activities or metadata of individuals or 
organizations that make use of services provided by the Work as defined 
in section 4.6.

1.1    Definitions

1.1.1 DID
Decentralized Identifiers (DIDs), are a W3C standard. They provide a way 
to point to DID documents that contain cryptographic keys and metadata. 
A DID resolver is an application that resolves DIDs to their associated 
DID documents.

1.1.2 Licensor
Portable Data Corporation, operating as JLINC Labs, is the licensor of 
the Work and provides this Accountable Resolver License under the terms 
set out below.

1.1.3 Receiver
Any entity has the right to the Work by abiding with the terms set out 
in this license.

1.1.4 DID Subject
DID Subjects are natural persons or other entities identified by and 
capable of controlling the DID. The receiver of this license must 
respect the privacy of the DID Subject as set out in 4.6 below.

2. Receiving a License
In order to receive this License, You must agree to its rules. The rules 
of this License are both obligations of Your agreement with the Licensor 
and conditions to your License. You must not do anything with the Work 
that triggers a rule You cannot or will not follow.

2.1. Application
The terms of this License apply to the Work as you receive it from 
Licensor, as well as to any modifications, elaborations, or 
implementations created by You that contain any licensable portion of 
the Work (a “Modified Work”). Unless specified, any reference to the 
Work also applies to a Modified Work.

2.2. Offer and Acceptance
This License is automatically offered to every person and organization. 
You show that you accept this License and agree to its conditions by 
taking any action with the Work that, absent this License, would 
infringe any intellectual property right held by Licensor.

2.3. Compliance and Remedies
Any failure to act according to the terms and conditions of this License 
places Your use of the Work outside the scope of the License and 
infringes the intellectual property rights of the Licensor. In the event 
of infringement, the terms and conditions of this License may be 
enforced by Licensor under the intellectual property laws of any 
jurisdiction to which You are subject. You also agree that either the 
Licensor or a Recipient (as an intended third-party beneficiary) may 
enforce the terms and conditions of this License against You via 
specific performance.

3. Permissions and Conditions

3.1. Permissions Granted

Conditioned on compliance with section 4, and subject to the limitations 
of section 3.2, Licensor grants You the world-wide, royalty-free, 
non-exclusive permission to:

a) Take any action with the Work that would infringe the non-patent 
intellectual property laws of any jurisdiction to which You are subject; and

b) Take any action with the Work that would infringe any patent claims 
that Licensor can license or becomes able to license, to the extent that 
those claims are embodied in the Work as distributed by Licensor.

3.2. Limitations on Permissions Granted
The following limitations apply to the permissions granted in section 3.1:

a) Licensor does not grant any patent license for claims that are only 
infringed due to modification of the Work as provided by Licensor, or 
the combination of the Work as provided by Licensor, directly or 
indirectly, with any other component, including other software or hardware.

b) Licensor does not grant any license to the trademarks, service marks, 
or logos of Licensor, except to the extent necessary to comply with the 
attribution conditions in section 4.1 of this License.

4. Conditions
If You exercise any permission granted by this License, such that the 
Work, or any part, aspect, or element of the Work, is distributed, 
communicated, made available, or made perceptible to a non-Affiliate 
third party (a “Recipient”), either via physical delivery or via a 
network connection to the Recipient, You must comply with the following 
conditions:

4.1. Provide Access to Source Code
Subject to the exception in section 4.4, You must provide to each 
Recipient a copy of, or no-charge unrestricted network access to, the 
Source Code corresponding to the Work.

The “Source Code” of the Work means the form of the Work preferred for 
making modifications, including any comments, configuration information, 
documentation, help materials, installation instructions, cryptographic 
seeds or keys, and any information reasonably necessary for the 
Recipient to independently compile and use the Source Code and to have 
full access to the functionality contained in the Work.

4.1.1. Providing Network Access to the Source Code
Network access to the Notices and Source Code may be provided by You or 
by a third party, such as a public software repository, and must persist 
during the same period in which You exercise any of the permissions 
granted to You under this License and for at least one year thereafter.

4.1.2. Source Code for a Modified Work
Subject to the exception in section 4.5, You must provide to each 
Recipient of a Modified Work Access to Source Code corresponding to 
those portions of the Work remaining in the Modified Work as well as the 
modifications used by You to create the Modified Work. The Source Code 
corresponding to the modifications in the Modified Work must be provided 
to the Recipient either a) under this License, or b) under a Compatible 
Open-Source License.

A “Compatible Open-Source License” means a license accepted by the Open 
Source Initiative that allows object code created using both Source Code 
provided under this License and Source Code provided under the other 
open source license to be distributed together as a single work.

4.1.3. Coordinated Disclosure of Security Vulnerabilities
You may delay providing the Source Code corresponding to a particular 
modification of the Work for up to ninety (90) days (the “Embargo 
Period”) if:

a) the modification is intended to address a newly-identified 
vulnerability or a security flaw in the Work,

b) disclosure of the vulnerability or security flaw before the end of 
the Embargo Period would put the data, identity, or autonomy of one or 
more Recipients of the Work at significant risk,

c) You are participating in a coordinated disclosure of the 
vulnerability or security flaw with one or more additional Licensees, and

d) Access to the Source Code pertaining to the modification is provided 
to all Recipients at the end of the Embargo Period.


4.2. No Legal or Contractual Measures that Limit Access
You may not contractually restrict a Recipient’s ability to 
independently exercise the permissions granted under this License. You 
waive any legal power to forbid circumvention of technical protection 
measures that include use of the Work, and You waive any claim that the 
capabilities of the Work were limited or modified as a means of 
enforcing the legal rights of third parties against Recipients.

4.3. Provide Notices and Attribution
You must retain all licensing, authorship, or attribution notices 
contained in the Source Code (the “Notices”), and provide all such 
Notices to each Recipient, together with a statement acknowledging the 
use of the Work. Notices may be provided directly to a Recipient or via 
an easy-to-find hyperlink to an Internet location also providing Access 
to Source Code.

4.4. Scope of Conditions in this License
You are required to uphold the conditions of this License only relative 
to those who are Recipients of the Work from You. Other than providing 
Recipients with the applicable Notices and Access to Source Code nothing 
in this License requires You to provide processing services to or engage 
in network interactions with anyone.

4.5. Combined Work Exception
As an exception to condition that You provide Recipients Access to 
Source Code, any Source Code files marked by the Licensor as having the 
“Combined Work Exception,” or any object code exclusively resulting from 
Source Code files so marked, may be combined with other Software into a 
“Larger Work.” So long as you comply with the requirements to provide 
Recipients the applicable Notices and Access to the Source Code provided 
to You by Licensor, any other Software in the Larger Work as well as the 
Larger Work as a whole may be licensed under the terms of your choice.

4.6 Respect for DID subject’s Privacy
You may not use the permissions granted under this License to infringe, 
invade, breach, or otherwise fail to protect the privacy of any DID 
subject making use of the services provided by the Work.

Privacy, for the purpose of this license, means a duty of care for the 
protection and confidentiality of any data generated by the operation of 
the Work, such as server logs or any other logs or metadata, that would 
enable the surveillance or correlation of the activities of the DID 
subject or other entities identified in the DID document by the Receiver 
or third parties, unless the Receiver is legally compelled otherwise.

Further, the Receiver may not make use of, or give or sell any such 
generated data, or any data within a DID document, for any purpose other 
than to make DID documents resolvable.


5. Term and Termination
The term of this License begins when You receive the Work, and continues 
until terminated for any of the reasons described herein, or until all 
Licensor’s intellectual property rights in the Software expire, 
whichever comes first (“Term”). This License cannot be revoked, only 
terminated for the reasons listed below.

5.1. Effect of Termination
If this License is terminated for any reason, all permissions granted to 
You under Section 3 by any Licensor automatically terminate. You will 
immediately cease exercising any permissions granted in this License 
relative to the Work, including as part of any Modified Work.

5.2. Termination for Non-Compliance; Reinstatement
This License terminates automatically if You fail to comply with any of 
the conditions in section 4. As a special exception to termination for 
non-compliance, Your permissions for the Work under this License will 
automatically be reinstated if You come into compliance with all the 
conditions in section 2 within sixty (60) days of being notified by 
Licensor or an intended third party beneficiary of Your noncompliance. 
You are eligible for reinstatement of permissions for the Work one time 
only, and only for the sixty days immediately after becoming aware of 
noncompliance. Loss of permissions granted for the Work under this 
License due to either a) sustained noncompliance lasting more than sixty 
days or b) subsequent termination for noncompliance after reinstatement, 
is permanent, unless rights are specifically restored by Licensor in 
writing.

5.3. Termination Due to Litigation
If You initiate litigation against Licensor, or any Recipient of the 
Work, either direct or indirect, asserting that the Work directly or 
indirectly infringes any patent, then all permissions granted to You by 
this License shall terminate. In the event of termination due to 
litigation, all permissions validly granted by You under this License, 
directly or indirectly, shall survive termination. Administrative review 
procedures, declaratory judgment actions, counterclaims in response to 
patent litigation, and enforcement actions against former Licensees 
terminated under this section do not cause termination due to litigation.

6. Disclaimer of Warranty and Limit on Liability
As far as the law allows, the Work comes AS-IS, without any warranty of 
any kind, and no Licensor or contributor will be liable to anyone for 
any damages related to this software or this license, under any kind of 
legal claim, or for any type of damages, including indirect, special, 
incidental, or consequential damages of any type arising as a result of 
this License or the use of the Work including, without limitation, 
damages for loss of goodwill, work stoppage, computer failure or 
malfunction, loss of profits, revenue, or any and all other commercial 
damages or losses.

7. Other Provisions

7.1. Affiliates
An “Affiliate” means any other entity that, directly or indirectly 
through one or more intermediaries, controls, is controlled by, or is 
under common control with, the Licensee. Employees of a Licensee and 
natural persons acting as contractors exclusively providing services to 
Licensee are also Affiliates.

7.2. Choice of Jurisdiction and Governing Law
A Licensor may require that any action or suit by a Licensee relating to 
a Work provided by Licensor under this License may be brought only in 
the courts of a particular jurisdiction and under the laws of a 
particular jurisdiction (excluding its conflict-of-law provisions), if 
Licensor provides conspicuous notice of the particular jurisdiction to 
all Licensees.

7.3. No Sublicensing
This License is not sublicensable. Each time You provide the Work or a 
Modified Work to a Recipient, the Recipient automatically receives a 
license under the terms described in this License. You may not impose 
any further reservations, conditions, or other provisions on any 
Recipients’ exercise of the permissions granted herein.

7.4. Attorneys’ Fees
In any action to enforce the terms of this License, or seeking damages 
relating thereto, including by an intended third party beneficiary, the 
prevailing party shall be entitled to recover its costs and expenses, 
including, without limitation, reasonable attorneys’ fees and costs 
incurred in connection with such action, including any appeal of such 
action. A “prevailing party” is the party that achieves, or avoids, 
compliance with this License, including through settlement. This section 
shall survive the termination of this License.

7.5. No Waiver
Any failure by Licensor to enforce any provision of this License will 
not constitute a present or future waiver of such provision nor limit 
Licensor’s ability to enforce such provision at a later time.

7.6. Severability
If any provision of this License is held to be unenforceable, such 
provision shall be reformed only to the extent necessary to make it 
enforceable. Any invalid or unenforceable portion will be interpreted to 
the effect and intent of the original portion. If such a construction is 
not possible, the invalid or unenforceable portion will be severed from 
this License but the rest of this License will remain in full force and 
effect.

7.7. License for the Text of this License
The text of this license is released under the Creative Commons 
Attribution-ShareAlike 4.0 International License, with the caveat that 
any modifications of this license may not use the name “Accountable 
Resolver License” or any name confusingly similar thereto to describe 
any derived work of this License.




On 10/21/2024 10:39 AM, Victor Grey via License-review wrote:
> To the OSI community, this is a request for approval for a new special-purpose open source license, as attached. The license is intended for software that provides registration and resolution services for Decentralized Identifiers (DIDs -https://w3c.github.io/did-core/). Such software may be used as a standalone service or incorporated into any other software to provide DID resolution services for any purpose, conditioned on it not being used to violate the privacy rights of end users of the service.
>
> It is based on the Cryptographic Autonomy License (CAL-1.0) and is identical to CAL-1.0 with the exceptions of section 1 and portions of section 4.
>
> * We believe and affirm that the license complies with the Open Source Definition, including specifically that it meets OSD 3, 5, 6 and 9.
>
> * The license is currently being used in a private beta of a Federated ID service offered by JLINC Labs, and is already planned to be incorporated in several other businesses, to become public this year or early next year.
>
> * The license steward and submitter is Victor Grey, on behalf of the Portable Data Corporation DBA JLINC Labs, reachable atvictor at jlinc.com.
>
> * The license shall be known as the Accountable Resolver License version 1.0.
>
> * There are no unique identifiers by other projects or proposed tags.
>
> * We believe it fills a gap in necessary privacy requirements for these types of services that we have found in no other license.
>
> * As stated above, it is based on CAL-1.0.
>
> * It has not been through any other legal review by us.
>
> Many thanks for your attention,
> Victor Grey
>
>
> _______________________________________________
> The opinions expressed in this email are those of the sender and not necessarily those of the Open Source Initiative. Communication from the Open Source Initiative will be sent from an opensource.org email address.
>
> License-review mailing list
> License-review at lists.opensource.org
> http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-review_lists.opensource.org/attachments/20250115/d9ec2b97/attachment-0001.htm>

More information about the License-review mailing list