[License-review] For approval: The Cryptographic Autonomy License (Beta 2)

[Josh Berkus]

Van,

So, I'm tackling this for the perspective of "as a software developer,
what are my questions about using anything under this license".  I'll
admit to not having re-read the entirely of the original discussion, so
if some of these questions were already covered, feel free to bounce me
to the archives.

Overall, the license is looking really good to me.

### 2.2. Offer and Acceptance

- I cannot make heads or tails of this paragraph.  What is it supposed
to mean?  Would there be a way to state that in language that would be
clearer to a layman?

Patent Clauses:

- These are very clear and well-stated.  I don't know how they do
legall, but as a developer I find them very straightforwards.

#### 4.2.1. No Withholding User Data

- Again, I don't have any opinion on enforcability, but the meaning here
is quite clear to me.
- For my part, I find this clause a natural extension of copyleft
principles, and as such not a violation of the OSD.
- Even further, as a database geek, I would love to see more
user-data-protection licenses.

#### 4.2.2. No Technical Measures that Limit Access

- This paragraph seems ripe for inadvertent violation.  For example, a
strict interpretation of this seems to read that you're not allow to
place any copy of the code under private-key encryption, even for your
own organization's use.  I'd love to see some of the "withold" or other
intent language here.

#### 4.2.3. No Legal or Contractual Measures that Limit Access

- Do we need an exemption here for government action? Not everyone has a
choice about some of these laws (like anti-circumvention).

### 5.3. Termination Due to Litigation

- Do you want to limit this to patent infringement?  What about other
types of legal action, such as claims for damages?

### 7.2. Choice of Jurisdiction and Governing Law

- This seems like it could be used to circumvent some of the provisions
of the license.  Comment?

-- 
Josh Berkus