[License-discuss] comprehensiveness (or not) of the OSI-approved list [was Re: [License-review] For Legacy Approval: LBNL BSD]

Henrik Ingo henrik.ingo at avoinelama.fi
Wed May 22 08:47:13 UTC 2019 

On Mon, May 20, 2019 at 4:43 AM Richard Fontana <rfontana at redhat.com> wrote:
> On Sun, May 19, 2019 at 1:30 AM Stephen Paul Weber
> <singpolyma at singpolyma.net> wrote:
> >
> > ‎> Saying "OSI's list isn't very useful in contracts or scanners" does carry an implicit question that I've probably also said explicitly on occasion: if people don't, by and large, refer exactly to the OSI list in their documents and scanners, then what is it for?
> >
> > I frequently see thing very *like* what you describe, but less legally formal than a contract (such as submission policies to contests or app-store-like aggregators, etc) say "submissions must be under an OSI-approved license" and similar words. Occasionally in an effort to seem inclusive policies will say "OSI or FSF approved" or some such, but I've never been under the impression that this was because either list if deficient, but rather that the policy didn't want to "choose sides".
>
> The latter, at least, may be a special case of what I'd consider a
> more politically sophisticated use of the OSI list (and FSF list).
> Both lists are valuable in many situations because they are maintained
> by authorities that are (largely) respected and seen as neutral, in a
> certain sense that is perhaps not true of, say, the Blue Oak Council,
> or the Fedora project for that matter. The desire not to choose sides
> is also seen in the use (declining, I think) of the "FOSS" and "FLOSS"
> acronyms.

To put this all in context:

- According to many imprecise metrics, 99% of all open source software
in the world is covered by a list of about 20 licenses
(https://web.archive.org/web/20190115063327/https://www.blackducksoftware.com/top-open-source-licenses)
- OSI list is 82 licenses, plus 15 retired or superceded licenses. So
it follows that this covers way more than 99% of open source software
ever written.
- Naturally there will be a lot more licenses that also do comply with
the OSD. Especially if they are trivial variations of an approved
license.
- When we say that software is only open source if released with an
OSI approved license, it really comes with this rounding error that
0,0..1% of software exists that is also open source. In practical
terms this is small enough that it is not worth to mention separately,
rather the "fundamenalist" statement is close enough.

Personally I do believe new OSD conforming licenses like (possibly)
LBNL BSD should be approved when the license steward could be bothered
to submit it. Otoh nobody should expect the OSI to actively seek and
approve the long tail of licenses just to build a complete list. There
is clearly no value in that task, not even for the use cases mentioned
in this thread (contracts, standards and other licenses referring to
"the OSI list").

> By the way, one of the reasons why Fedora historically did not rely on
> the OSI list was that in Fedora's earlier years (mid-2000s) the OSI
> was beginning to develop a reputation of being inappropriately
> influenced by commercial stakeholders. I can't say whether this was
> fair or not, but I vividly remember the viewpoint existing in that
> time period. This is worth keeping in mind when considering some of
> the recent criticism leveled at OSI for "rejecting" licenses put
> forward by commercial entities or license stewards that primarily have
> a business model motivation for the proposed license.
>

This remains a valid concern, but doesn't seem like the modern OSI is
under such threat. IMO it's good to be aware that erring too far in
either direction will cause the same outcome.

Btw, OSIs role today may be much more important than back then, as the
role of Linux distros as kingmakers has faded. In my observation most
developers today use Apple laptops and AWS services. Whether some
software is included in Debian or Fedora is no longer a matter of life
or death, as it arguably was in 2000.

henrik



-- 
henrik.ingo at avoinelama.fi
+358-40-5697354        skype: henrik.ingo            irc: hingo
www.openlife.cc

My LinkedIn profile: http://fi.linkedin.com/pub/henrik-ingo/3/232/8a7

More information about the License-discuss mailing list