[License-review] For approval: The Cryptographic Autonomy License (Beta 4)

McCoy Smith mccoy at lexpan.law
Thu Jan 2 18:03:49 UTC 2020

>>From: License-review <license-review-bounces at lists.opensource.org> On Behalf Of Simon Phipps
>>Sent: Thursday, January 2, 2020 4:53 AM
>>To: License submissions for OSI review <license-review at lists.opensource.org>
>>Subject: Re: [License-review] For approval: The Cryptographic Autonomy License (Beta 4)



>>On Thu, Jan 2, 2020 at 3:38 AM Richard Fontana <rfontana at redhat.com <mailto:rfontana at redhat.com> > wrote:

It matters whether proprietary relicensing is the primary use case for
at least a couple of reasons. First, there is the long general history
of this technique being used, in effect, as a disguised attempt to
inhibit software freedom, particularly for commercial users. 


>>I'm interested in wider consideration of the community norms for this use case. Do you by any chance have a pointer to the archives of the discussion of this use case as it related to the design and >>approval of AGPL (not just at OSI obnviously as it was brought here fully formed)? I realise the license was created independently of the companies abusing it, but the consideration of creation of license >>terms ripe for abuse would obviously still apply and I would like to study the prior discussion as I was only involved in the GPLv3 process and not the AGPL process.


I also thought of AGPL in this context, in particular in response to Bradley’s comment that “I can't find an example when OSI approved a novel copyleft license that hadn't yet been used in practice and therefore had no track record of use for any FOSS project”


As far as I can tell, AGPLv1 never got on the OSI list, nor did v2 (which I believe was intended only as a transitional license).  AGPLv3 was submitted in January 2008 (https://lists.opensource.org/pipermail/license-review_lists.opensource.org/2008-January/000058.html); AGPLv3 was finalized in November 2007 (so it was submitted to OSI two months after its drafting was completed).  It was approved in March 2008, with very little discussion on the mailing list (https://lists.opensource.org/pipermail/license-review_lists.opensource.org/2008-March/000096.html ). So AGPLv3 went from finalization to OSI approval in a mere 4 months.


Given that AGPLv1 had been around for several years, and v3 was designed (AFAIK) to concord it with GPLv3, whether AGPL was ever a “novel copyleft license that hadn’t yet been used in practice” is probably a question upon which there will be different opinions.  The Remote Network Interaction provision of AGPLv3 was not “novel” (it had been in AGPLv1 circa 2002), and the other “new” parts of AGPLv3 inherited their “novelty” from GPLv3.


For what it’s worth.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-review_lists.opensource.org/attachments/20200102/24680169/attachment-0001.html>

More information about the License-review mailing list