OpenLDAP license

Frank Hecker frank at collab.net
Thu Apr 12 16:01:20 UTC 2001 

David Johnson wrote:
> Okay, I see what you're getting at, and thus what Ryan was getting at. Some
> of our assumptions on "what is Open Source" might not match the actual thing
> itself. My assumption, at least, was that the OSI Certification Mark was
> applied to the software, and not the license.

The term the OSI certification page uses is actually "software
distribution", which I interpret to mean "software as distributed". I
think this is a better term in context than plain "software"; it
emphasizes that what is at issue is not just the actual code itself but
the entire "offering" to the user, including any terms and conditions
associated with the software as distributed.

> I wouldn't change the OSD at all.

Nor would I.

> But I would make it so that the software
> itself had to comply with the OSD, and not merely its license. How exactly to
> do this is another matter.  One possible solution is to add to the list of
> requirements for using the Certification Mark.

I agree that the OSI requirements for using the mark need to be
tightened up. I won't presume to suggest how to do that. However I will
note that doing such "tinkering" may not be as straightforward as it
might appears. The wording of the requirements already shows evidence
(at least to me) of some "lawyering".

For example, note that the requirements do not state that the software
be "distributed under the terms of" an approved license (or similar
phrasing; they state that the mark can be used for any software
distribution that "contains, and meets the requirements of, any license
on the approved list ..." The MPL, for example, explicitly allows
software executables to be distributed under a license other than the
MPL (MPL section 3.6). So it is perfectly possible to contemplate, say,
a binary Mozilla distribution being distributed under a license
prohibiting redistribution of the binaries.

As I read the OSI requirements, this distribution could still use the
OSI mark as long as a copy of the MPL were included, directly or by
reference (the "software distribution ... contains ... [a] license on
the approved list"), and as long as the distribution terms were
consistent with the provisions of MPL 3.6 and related sections (the
"software distribution ... meets the requirements of ... [a] license on
the approved list"). (Thus, for example, per MPL 3.6 the license for the
binary version can't attempt to limit your rights in the source code
version distributed separately under the MPL.)

Incidentally, this example is not all that hypothetical. The Netscape 6
binaries are distributed under a license that is clearly not an
OSD-compliant license

http://home.netscape.com/download/client_netscape6.html

(it prohibits redistribution, among other things) but that does
reference the NPL and MPL and includes notices required by NPL/MPL 3.6.
As it happens, Netscape 6 contains some non-Mozilla code for which
source code is not available; however if Netscape 6 contained only
Mozilla code then I believe it would meet the OSI requirements and could
use the mark, despite the fact that the Netscape 6 license itself is not
an approved license.

> > In fact, just for fun, let's say that if anyone asks me "where's the
> > source code", I reply "Oh, you can get that. All you need to do is to
> > send me $1M and a self-addressed envelope, and I'll send you a copy of
> > the source." Again, were I to do this, on what grounds could OSI prevent
> > me from continuing to use its certification mark to promote my software?
> 
> And what's wrong with that? If you can somehow demonstrate that the $1M is
> reasonable, go for it! (If that's what M$ charges, a court could very well
> agree with you) But the source code has to come with the same terms as the
> binary.

I spoiled my example. I meant to add that the terms for the source code
would be proprietary. Thus in my hypothetical example the source code
distribution would not be "OSI Certified Open Source Software" but the
binary distribution would be.

Frank
-- 
Frank Hecker            work: http://www.collab.net/
frank at collab.net        home: http://www.hecker.org/

More information about the License-discuss mailing list