Unique identifier for licenses

Mathieu Gervais (IDEAS) Mathieu.Gervais at morganstanley.com
Mon May 2 15:26:49 UTC 2011


Many thanks. This proposed course of action makes sense to me.
I think establishing such identifiers would be helpful for the community and
a small but good addition to OSI's offering.

-mathieu

On Sun, May 1, 2011 at 22:41, Karl Fogel <kfogel at red-bean.com> wrote:

> "Mathieu Gervais (IDEAS)" <Mathieu.Gervais at morganstanley.com> writes:
> >Right. I was hoping OSI would just seed with the initial SPDX list..
> >and then take it from there (and then SPDX have the wisdom to leverage
> >whatever addition OSI did so there is no fork).
> >Maybe I'm dreaming :)
> >Do you know where I should ask?
>
> You're asking in the right place, at least for OSI.  Here's what I'd
> like to do:
>
>  1) For every license for which there is a SPDX identifier, make sure
>     that http://opensource.org/licenses/IDENTIFIER exists and is
>     canonical (i.e., does not redirect).  In some cases, we will need
>     to redirect existing pages to the new page, of course.
>
>  2) For any OSI-approved license for which there is no SPDX identifier,
>     create one using the same algorithm SPDX used.  Also, at least try
>     to contact them and get them to sign off on the acronym choice :-).
>
> Regarding (1), my only caveat is that I don't yet know if OSI considers
> some of its abbreviations to be canonical -- i.e., shouldn't redirect.
> Does anyone here know the answer to that?
>
> (Descriptions of licenses would, of course, also reference the canonical
> abbreviation, and distinguish it from colloquial abbrevations -- though
> should list them all, being a primary reference.)
>
> Assuming there's no reason *not* to be in sync, then SPDX and OSI should
> stay in sync.  But it would be premature to commit to this until we
> actually have that conversation.  I'll try to start that conversation
> (or maybe there already is one, in which case I'll try to find it :-) ).
>
> There's no reason any of this needs to bottleneck OSI's license approval
> process.  Approving a license need not be simultaneous with establishing
> a canonical abbreviation for it, although in practice they probably can
> be (and ideally would be) simultaneous.
>
> -Karl
>
> >On Mon, Apr 18, 2011 at 12:30, David Dillard
> ><david_dillard at symantec.com> wrote:
> >
> >
> >        Actually, you’d still have a problem.  When the OSI approved a
> >    new license that license would not have an identifier until the
> >    SPDX group gave it one unless there was an agreement that the OSI
> >    would create identifiers that SPDX would use and assuming OSI was
> >    willing to take on that task.
> >
> >
> >
> >    I’m somewhat skeptical that either organization would agree to
> >    something like that, but it doesn’t hurt to ask :-)
> >
> >
> >
> >
> >
> >        From: Mathieu Gervais (IDEAS)
> >    [mailto:Mathieu.Gervais at morganstanley.com]
> >    Sent: Monday, April 18, 2011 12:17 PM
> >    To: David Dillard
> >    Cc: license-discuss at opensource.org
> >    Subject: Re: Unique identifier for licenses
> >
> >
> >
> >
> >
> >    Many thanks for the reply. That's an interesting suggestion.
> >    On the other hand, I'm a bit worried that these short form names
> >    don't appear anywhere on opensource.org.
> >    Any chances OSI could add them to
> >    http://www.opensource.org/licenses/alphabetical ? i.e. after the
> >    license name, have "(short-form = XXX)"
> >    That would eliminate the reliance on another party that might
> >    diverge or just not be updated when there is a license added by
> >    OSI.
> >    I know this creates an admin burden, but given these guys seems to
> >    have done most of the legwork, I think it would actually be a
> >    worthy addition to OSI's offering (small, but with value).
> >    (should I send this request to another particular group? I'm
> >    hoping OSI folks are reading this list...)
> >
> >    Thanks,
> >
> >    -mathieu
> >
> >
> >        On Mon, Apr 18, 2011 at 12:09, David Dillard
> >    <david_dillard at symantec.com> wrote:
> >
> >
> >        You might try using the short form identifiers for licenses as
> >    found in the SPDX spec (see Appendix I).
> >
> >
> >
> >    http://spdx.org/system/files/spdx-v1beta.draft20100807_1.pdf
> >
> >
> >
> >
> >
> >
> >
> >        From: Mathieu Gervais (IDEAS)
> >    [mailto:Mathieu.Gervais at morganstanley.com]
> >    Sent: Monday, April 18, 2011 9:14 AM
> >    To: license-discuss at opensource.org
> >    Subject: Unique identifier for licenses
> >
> >
> >
> >
> >    Hi,
> >
> >    We are improving internal tooling to keep track of open source
> >    libraries licenses.
> >    What do you recommend in order to uniquely identify licenses?
> >
> >    We want to leverage OSI's catalogue of licenses in order to not
> >    reinvent the wheel, but it doesn't look like a slam dunk since the
> >    naming is not that consistent.
> >    For example, for BSD the name seen on these 2 pages is different:
> >
> >            http://www.opensource.org/licenses/alphabetical
> >
> >            http://www.opensource.org/licenses/bsd-license
> >    (I prefer the one on the alphabetical list, since it does hint
> >    which flavor of BSD we are talking about -- "new and simplified").
> >
> >    So the question is, what would be the best/recommended (short)
> >    identifier that is likely to stay stable?
> >    I see the following choices:
> >     a) name as listed on
> >    http://www.opensource.org/licenses/alphabetical
> >     b) name as listed on the license page itself: e.g.
> >    http://www.opensource.org/licenses/bsd-license
> >
> >         ( this seems a non starter given that not all page have the
> >    same format, some of them have the license name written as "Open
> >    Source Initiative OSI - license name:Licensing" (see bsd), some
> >    have just the license name (e.g. AGPL)
> >
> >     c)use the short name in the url of the license itself, i.e.:
> >
> >        http://www.opensource.org/licenses/bsd-license   => use
> >    license name="bsd-license"
> >
> >        http://www.opensource.org/licenses/mit-license   => use
> >    license name="mit-license"
> >
> >        http://www.opensource.org/licenses/gpl-2.0    => use license
> >    name="gpl-2.0"
> >
> >
> >    Although we could use full URLs, I'd prefer using a short,
> >    meaningful name. (the full URL would really amount to option c
> >    anyway).
> >
> >    I'm not going to hold it against you if this ever changes, but I'd
> >    like to know that I at least have a shot at using something that
> >    is likely to be relatively stable for the foreseeable future.
> >    It also seems to me adding this to the FAQ could make sense since
> >    I'm certainly not the only one trying to refer to licenses in your
> >    catalogue.
> >
> >    I understand this is a bit nitpicking, but since we are doing
> >    this, we might as well try to do it right.
> >
> >    Let me know if my question is not clear and thanks in advance for
> >    your help.
> >
> >    -mathieu
> >
> >    PS: ultimately we do store and refer to the actual license txt
> >    included in the distribution of each library, but this is for the
> >    purpose of categorization in our internal repository.
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-discuss_lists.opensource.org/attachments/20110502/9311814e/attachment.html>


More information about the License-discuss mailing list