[License-discuss] Why CAVO Recommends GPLv3

[Tzeng, Nigel H.]

Gerv,

Without knowing how OSET intends to design their software or what vendors
provide today it¹s hard for me to say.

As long as the core vote counting and verification bits are open source
and can be externally verified then one vendor providing more vote
planning aids, analytics, financial tracking and collaboration tools are
part of their comprehensive suite as a competitive advantage doesn¹t
bother me overly much.  They do have to make money somehow and have some
kind of positive ROI for developing software systems.

That it¹s open source is a false sense of security.  Just because it¹s
open and important doesn¹t guarantee there are all that many white hat
eyeballs looking at it for defects. There has been some rather widely
reported instances where the ³given enough eyeballs² part of the equation
simply was never met.  I would rather see voting software that has passed
a rigorous IV&V process and formal proof of correctness for key bits.
This is expensive and difficult to replicate fully in an ad-hoc fashion
since it requires a skill set most folks, even most programmers, don¹t
have.

As far as being an anti-goal it depends on whether CAVO can demand that
all voting systems be GPL V3 or only recommend vendors to use GPL V3 if
they are open source at all.  If they cannot compel vendors to provide
complete open source solutions then the strategy of having an open source
requirement for just the important parts via a weak copyleft and not for
the entire package as required by a viral copyleft may be advantageous.

Even better is a reference implementation licensed under a weak copyleft
was provided as the common core piece of voting software.  As long as the
vendor can prove (and perhaps even in the formal sense) that their
proprietary portions don¹t adversely impact that common framework under
LGPL or MPL then that¹s a win over companies rejecting an open source
request outright because of overreach.

There is a point where companies simply wont give all their IP away in the
hopes that they get the support contract.  And if their product is far
more compelling and useful than a GPL V3 solution then they simply will
get purchased and used despite any advantages of open source solutions
over closed.  Open vs closed is just one trade off among many.

Regards,

Nigel

On 11/17/14, 8:56 AM, "Gervase Markham" <gerv at mozilla.org> wrote:

>On 14/11/14 19:55, Tzeng, Nigel H. wrote:
>> In our case the majority of the software being evaluated for open
>> sourcing is framework and utility functions that we believe would
>> provide value to our community.  We wish to insure that this framework
>> remains open source and commonly used but that all entities involved
>> (including us) are free to make proprietary plugins to extend the
>> functionality.  Whether GPL V3 with a plugin exception or LGPL or MPL is
>> the right answer remains to be seen.
>
>Surely putting proprietary bits onto a voting platform defeats the
>entire point?
>
>You may disagree on strategy with Larry, of course. But if one is
>convinced that voting software needs to be open source as a fundamental
>matter of transparency for the voters, then there's no need to choose a
>license which permits the addition of proprietary bits. In fact, it's an
>anti-goal.
>
>Gerv
>
>_______________________________________________
>License-discuss mailing list
>License-discuss at opensource.org
>http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss