<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto">Having thought more about this and the way that the SSPL FAQ reads I would recommend that the OSI continue to evaluate whether SSPL violates the OSD even if withdrawn. And if it does, to make it clear that it does violate the OSD.<div><br></div><div>Otherwise their SSPL FAQ would read like the CC0 FAQ in that it was submitted but later withdrawn but they believe it to meet the OSD and therefore implies it is open source since it was never explicitly rejected.</div><div><br></div><div>While there was disagreement on CC0 on the patent clause there was debate and it is a FOSS license as CC0 has FSF approval. </div><div><br></div><div>SSPL does not appear likely to pass but Mongo has already switched to it and implies it is open source even before the 60 days have run out partly under the “we submitted it to the OSI” banner. Should it sit in limbo then they can continue to state this. Should they withdraw the license they can say “we withdrew it just like CC0 which is open source”.</div><div><br></div><div>Maybe I’m paranoid but I really disliked the spin in the FAQ and the fact that they switched licenses already without either FSF or OSI approving the SSPL as FOSS.</div><div><br></div><div>Developers don’t always pay attention and given they have stated any updates to older versions moving forward are SSPL a developer just grabbing a security update suddenly means you’re not under AGPL anymore but SSPL.</div><div><br></div><div>That’s NOT operating in good faith as an “open source company”. Which isn’t in their core values page anyway.</div><div><br></div><div><a href="https://www.mongodb.com/company#core-values">https://www.mongodb.com/company#core-values</a></div><div><br></div><div>I found nothing obvious about the license change on the download pages but I was surfing it with my phone. Other than the press release and the activity here it appears to be a silent change. Maybe if I downloaded it I would get a banner or something but I’m on my phone.</div><div><br><div id="AppleMailSignature" dir="ltr">Sent from my iPhone</div><div dir="ltr"><br>On Oct 18, 2018, at 3:19 PM, Jim Jagielski <<a href="mailto:jim@jaguNET.com">jim@jaguNET.com</a>> wrote:<br><br></div><blockquote type="cite"><div dir="ltr"><span>Well said. And if I had any standing, I'd vote +1 in response.</span><br><span></span><br><blockquote type="cite"><span>On Oct 17, 2018, at 2:52 AM, Bradley M. Kuhn <<a href="mailto:bkuhn@ebb.org">bkuhn@ebb.org</a>> wrote:</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>Richard Fontana came by IRC channels to find me today noting:</span><br></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>* fontana is curious to know bkuhn's thoughts on the MongoDB license</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>I missed him, but later opened license-review folder and found three posts</span><br></blockquote><blockquote type="cite"><span>from him on the thread, so I will simply reply to his request here.</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>I frankly think the OSI should not waste its time reviewing a license like</span><br></blockquote><blockquote type="cite"><span>this. This is not simply another slightly-differently-worded,</span><br></blockquote><blockquote type="cite"><span>obviously-Open-Source highly-permissive license that needs an OSI rubber</span><br></blockquote><blockquote type="cite"><span>stamp. By contrast, MongoDB's license (and their submission to OSI on the</span><br></blockquote><blockquote type="cite"><span>same day of publication) is a campaign by a well-resourced for-profit company</span><br></blockquote><blockquote type="cite"><span>to reframe what copyleft is.</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>A decade ago, the Affero GPL, authored by a small charity, was hotly debated</span><br></blockquote><blockquote type="cite"><span>in the community, and there was lobbying to oppose its approval by OSI.</span><br></blockquote><blockquote type="cite"><span>OSI took many months to decide about AGPL (November to</span><br></blockquote><blockquote type="cite"><span>March), and while I don't think license committee discussion of that era are</span><br></blockquote><blockquote type="cite"><span>archived publicly, I assume it was a complex topic for consideration, even</span><br></blockquote><blockquote type="cite"><span>though Affero GPL had been promulgated in draft form for comment for years</span><br></blockquote><blockquote type="cite"><span>before, and discussed rather extensively as part of FSF's public and lengthy</span><br></blockquote><blockquote type="cite"><span>GPLv3 process. In other words, even after many years of public discussion to</span><br></blockquote><blockquote type="cite"><span>consider whether the Affero clause fit the OSD, the OSI still needed months</span><br></blockquote><blockquote type="cite"><span>to think about it one last time.</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>MongoDB had no public process for this license. Experts in copyleft</span><br></blockquote><blockquote type="cite"><span>licensing were not asked for input before the license was officially</span><br></blockquote><blockquote type="cite"><span>released. The OSI was (apparently) not included early in the drafting</span><br></blockquote><blockquote type="cite"><span>process as OSI has been when other copylefts (e.g., GPL, MPL).</span><br></blockquote><blockquote type="cite"><span>Moreover, as others have mentioned in this thread, this license is</span><br></blockquote><blockquote type="cite"><span>essentially a modified version of a license under the purview of another</span><br></blockquote><blockquote type="cite"><span>steward who publicly urges license drafters to *not* do what MongoDB did.</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>Copyleft licenses are a different breed, and there is clever (and</span><br></blockquote><blockquote type="cite"><span>difficult-to-interpret) drafting in the OSD to allow copyleft licenses to</span><br></blockquote><blockquote type="cite"><span>qualify. I think it's totally reasonable that OSI needs a higher standard</span><br></blockquote><blockquote type="cite"><span>for copylefts than other types of licenses.</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>Furthermore, I think it is completely reasonable for the OSI to reject a</span><br></blockquote><blockquote type="cite"><span>license review request not necessarily for the content of the license, but</span><br></blockquote><blockquote type="cite"><span>on grounds that a public process of comment and discussion were not used to</span><br></blockquote><blockquote type="cite"><span>draft a license containing a major policy change in FOSS licensing. The</span><br></blockquote><blockquote type="cite"><span>copyleft community has evolved from a single drafter vetting the drafts</span><br></blockquote><blockquote type="cite"><span>through a single law firm (as RMS did for the Emacs Public License, GPLv1</span><br></blockquote><blockquote type="cite"><span>and GPLV2), to a community process. copyleft-next should be the standard,</span><br></blockquote><blockquote type="cite"><span>and license stewards of copyleft licenses should be required to explain</span><br></blockquote><blockquote type="cite"><span>why they *didn't* follow a process similar to copyleft-next's process as</span><br></blockquote><blockquote type="cite"><span>part of their application to OSI.</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>I therefore suggest the OSI ask MongoDB to withdraw its submission, and ask</span><br></blockquote><blockquote type="cite"><span>MongoDB to go back and engage in a public comment and drafting process.</span><br></blockquote><blockquote type="cite"><span>--</span><br></blockquote><blockquote type="cite"><span>Bradley M. Kuhn</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>Pls. support the charity where I work, Software Freedom Conservancy:</span><br></blockquote><blockquote type="cite"><span><a href="https://sfconservancy.org/supporter/">https://sfconservancy.org/supporter/</a></span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>_______________________________________________</span><br></blockquote><blockquote type="cite"><span>License-review mailing list</span><br></blockquote><blockquote type="cite"><span><a href="mailto:License-review@lists.opensource.org">License-review@lists.opensource.org</a></span><br></blockquote><blockquote type="cite"><span><a href="http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org">http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org</a></span><br></blockquote><span></span><br><span></span><br><span>_______________________________________________</span><br><span>License-review mailing list</span><br><span><a href="mailto:License-review@lists.opensource.org">License-review@lists.opensource.org</a></span><br><span><a href="http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org">http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org</a></span><br></div></blockquote></div></body></html>