[License-review] [CAVO] Submission of OSET Public License for Approval

Henrik Ingo henrik.ingo at avoinelama.fi
Tue Sep 8 07:45:44 UTC 2015


Tim

Sorry but a discussion of which license in your opinion is the best
open source license that everyone should use is simply not on topic
for this list. OSI is tasked with reviewing and approving licenses
that are considered to conform to the Open Source Definition. License
proliferation concerns compel the submitter to give some justification
to why yet another license is needed, but that is the extent of it.

OSI has approved government-oriented licenses in the past, such as the
EUPL. While it is easy to argue that such are completely superfluous,
it is also futile to fight the fact that governments are simply on the
tail end of history in this matter, going through the same exercise as
corporate lawyers did in 1999-2003. The positive part of the current
situation is at least that these licenses now go to great effort to
minimize license incompatibility issues by making sure they are
forward compatible with the mainstream open source licenseses, such as
GPL.

Henrik, who likes the GPL and is concerned about closed source
e-voting solutions with naive security.

On Mon, Sep 7, 2015 at 11:26 PM, Tim Mayer <timbmayer at gmail.com> wrote:
> Perhaps a review of the best, in my view,  fundamental and unique principal
> for securing our electronically captured and tabulated vote is appropriate
> at this juncture.
>
> That most important principal, again in my view, is the notion that the more
> folks that have access to the software code, including all the various code
> produced for the data base of captured and counting purposes, but the
> various machine codes, firmware, etc., the more folks that can and will
> actually evaluate its effectiveness, the better. Quite deliberately anathema
> to security through obscurity. Therefore, it would seem, proprietary
> software, whether disclosed, open, free, public, or otherwise, would have a
> negative impact on the fundamental notion of getting as many eyes on the
> code as possible.
>
> My understanding of the impact of having a particular license to go with a
> particular way of developing code, is to increase the involvement in the
> ongoing process by encouraging as much involvement as possible to get as
> many eyes as possible on the code.
>
> Whatever license and development process accomplishes this fundamental goal,
> that would be the way to go.
>
> It seems, that although Oset, and other schemas as well, may be alternatives
> that can be considered, my view is that ultimately, whether a license is OSI
> approved or not, that license must still be considered in light of
> alternative licenses development for the same purpose.
>
> Presently, the GPLv3 license, coupled with an open source community
> developed software, is by all measure, the electronic voting software
> solution that best reflects the fundamental goal of getting as many eyes as
> possible on the code.
>
> Whether Oset, or any other schema, can deliver, or even wants to reflect the
> fundamental principal of as many eyes as possible on the code, is the
> question to be answered.
>
> All other issues regarding licenses and code development are, although
> relevant, substantially immaterial to this fundamental principal.
>
> Thank you,
>
> Tim Mayer
>
> On Mon, Sep 7, 2015 at 11:39 AM, Lawrence Rosen <lrosen at rosenlaw.com> wrote:
>>
>> Heather Meeker wrote:
>> > If there is a difference, it would be a matter of national security or
>> > necessity of public interest that is not embodied in any law.
>> > I would expect that to be rare, but the clarification was important
>> > to our constituency.
>>
>> Now we get to policy issues that seriously concern me.
>>
>> What are these necessities of public interest that are NOT embodied in
>> law? Why should those ambiguous (so-called) national security or public
>> interests affect source or binary FOSS code in any way? These are OUR
>> elections we're talking about. There is enormous fear about OUR elections
>> software being restricted or abused for private reasons. There is an
>> important element of trust that certain FOSS licenses can help provide.
>>
>> That is why open source elections solutions are so critical to all of us.
>> That is why FOSS licenses matter for this solution stack.
>>
>> While it is true that the OSET license may be approved by OSI, it does not
>> mean that we should ever allow elections software to be affected by vague
>> "national security or necessity of public interest" that our legislatures
>> don't put into law.
>>
>> When they DO put it into law, of course, we'll all obey it regardless of
>> what our copyright licenses say.
>>
>> /Larry
>>
>>
>> -----Original Message-----
>> From: Meeker, Heather J. [mailto:hmeeker at omm.com]
>> Sent: Monday, September 7, 2015 11:01 AM
>> To: Josh Berkus <josh at postgresql.org>; License submissions for OSI review
>> <license-review at opensource.org>
>> Subject: Re: [License-review] Submission of OSET Public License for
>> Approval
>>
>> I was sidetracked because Section 4 is, for the most part, already in MPL
>> 2.0 (whereas 3.5B is the new language we added).  In Section 4, we added
>> "national security or necessity of public interest" to "statute, judicial
>> order, or regulation."  So if there is a concern generally with this
>> mechanism, it also exists for MPL 2.0.  If there is a difference, it would
>> be a matter of national security or necessity of public interest that is not
>> embodied in any law.  I would expect that to be rare, but the clarification
>> was important to our constituency.
>>
>> -----Original Message-----
>> From: Josh Berkus [mailto:josh at postgresql.org]
>> Sent: Thursday, September 03, 2015 2:58 PM
>> To: Meeker, Heather J.; License submissions for OSI review
>> Cc: Gregory Miller; John Sebes; christine at osetfoundation.org
>> Subject: Re: [License-review] Submission of OSET Public License for
>> Approval
>>
>> On 09/03/2015 02:49 PM, Meeker, Heather J. wrote:
>> > 2. Ability to adjust terms downstream
>> > This provision says you can "place additional conditions on the right
>> > granted" and that would not include additional grants of rights or waiver of
>> > conditions.  That distinction may sound like a legal technicality, but in
>> > open source licensing there is an important difference between license
>> > conditions -- which narrow a grant of rights -- and granting additional
>> > rights or removing conditions.  For example, in most copyleft licenses, you
>> > cannot place additional conditions on the exercise of the license at all, or
>> > remove any condition.   Our variation is actually very narrow -- only as
>> > required by law.  I take your point that states can pass crazy laws.  But if
>> > a law says a state can't use the software for elections except with
>> > restriction X, and the license (such as GPL) says you can't impose
>> > restriction X, then the state cannot use the software at all, and we are
>> > trying to avoid this result.
>>
>> Um ... no?
>>
>> I'm talking about clause 4, 4. Inability to Comply Due to Statue or
>> Regulation.  This quite clearly allows recipients to waive some or all of
>> the license provisions.
>>
>> --Josh Berkus
>> _______________________________________________
>> License-review mailing list
>> License-review at opensource.org
>> https://lists.opensource.org/cgi-bin/mailman/listinfo/license-review
>>
>> _______________________________________________
>> CAVO mailing list
>> CAVO at opensource.org
>> https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
>
>
>
> _______________________________________________
> License-review mailing list
> License-review at opensource.org
> https://lists.opensource.org/cgi-bin/mailman/listinfo/license-review
>



-- 
henrik.ingo at avoinelama.fi
+358-40-5697354        skype: henrik.ingo            irc: hingo
www.openlife.cc

My LinkedIn profile: http://fi.linkedin.com/pub/henrik-ingo/3/232/8a7



More information about the License-review mailing list