[License-review] For approval: The Cryptographic Autonomy License (Beta 4)

VanL van.lindberg at gmail.com
Tue Dec 10 15:39:02 UTC 2019


Hi Nigel,

The most fundamental issue you bring up is this idea that someone may run
software and not be compliant. But it is not the running of the software
that would create noncompliance. Just as with other open source licenses,
it is the providing the software to other people that gives rise to the
duty to follow the license. People don't trip and fall and find that they
are offering a service over the Internet; they make a choice to adopt
particular software according to a particular license, and to offer that
software to others in a particular way.

If people don't want to comply with the CAL, then I agree that they should
not use CAL-licensed software.

Turning to your more specific points, you are not alone in having written
software here. The point that you seem to be missing is that anyone can
look at the software as they received it, then the software as it exists
after they add a user, and determine the difference. That is the point of
the safe deposit box analogy.  It doesn't really matter whether the
Recipient/user put the things in the box, or someone/something else put the
items in the box.

You also spend time worrying about mapping fields to export elements - or
to restate more generally, insisting that there needs to be a particular
technical implementation for data export. But software can be designed in
different ways - some better and some worse. I am not going to say that a
particular technically implementation is required.

For example, you claim it would be a real problem that someone might need
to use "database operations" to get data out of their system. I don't see
that accessing a database in your control is too much a burden. In fact, I
think in some cases that may be a good way to be compliant.

Thanks,
Van

>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-review_lists.opensource.org/attachments/20191210/5e4232fa/attachment.html>


More information about the License-review mailing list