[License-review] [EXTERNAL] Re: Review for the NIST Software License

Hale, Lucas M. (Fed) lucas.hale at nist.gov
Wed Jan 7 21:35:19 UTC 2026 

Hi All,

I finally managed to get meetings rescheduled after the shutdown and holidays to get answers to your questions.

First, the primary questions for submission.

1.            Describe what gap not filled by currently existing licenses that the new license will fill.
Any open source software created at NIST using federal funding is required to use the NIST software license. Software that originates primarily from NIST-funded work must operate under US government public access policies, which the NIST software license is compliant with.

2.            Compare it to and contrast it with the most similar OSI-approved license(s).
The NIST license is close to the MIT license in that it defines the copyright scope, usage rights, citation guidelines, and liability disclaimers.  It differs in that because it is the result of federally funded work it is not subject to copyright protection in the US to begin with rather than giving the copyright away.

3.            Describe any legal review the license has been through, including whether it was drafted by a lawyer.
The license was drafted by the NIST Office of Chief Council and has undergone internal review and revisions over the years.


As for other discussion and questions from the thread:

This license is associated with US government-sponsored work that is performed by government employees or others working at NIST. As stated above and in the license, there is inherently no copyright in the US with the associated work due to the US government public access policies.  However, it does specify usage permissions, terms and conditions, and disclaimers to protect against legal liability.

As for outside the US, the https://www.usa.gov/government-copyright page has this line: "The U.S. government may assert copyright outside of the United States for U.S. government works." My guess is that this allows for export-control over works to target countries, but I'm not sure if this is currently being done on public access works.

Cases where the work is copyright-protected would fall under other licenses.  For the "contractors" exceptions, from what I heard it is less of a loophole and more the result of contract negotiations between government organizations and external contractors/subcontractors. The idea is that the external party has or is developing proprietary tools and data that the government wants to use, so complex contracts with special provisions and clauses let the external party retain copyright control while the government has usage rights. But, as stated, that is outside the scope of the license under review.

Lucas

From: License-review <license-review-bounces at lists.opensource.org> On Behalf Of Hale, Lucas M. (Fed) via License-review
Sent: Tuesday, September 30, 2025 11:22 AM
To: License submissions for OSI review <license-review at lists.opensource.org>
Cc: Hale, Lucas M. (Fed) <lucas.hale at nist.gov>
Subject: [EXTERNAL] Re: [License-review] Review for the NIST Software License

Hi reviewers,

I reached out to those in charge of the NIST software policy and will meet with them and our Office of Chief Council to discuss and bring your questions to them. We'll hopefully get answers for moving forward in regards to both sides.

Note that since a US Government shutdown is imminent and at this moment likely, progress on the NIST side may take some time and I won't have email access during the down time. Hopefully it won't happen or be too long, but if you need to table/withdraw the review after a time period feel free to do so and we can try again when possible.

Lucas






From: Carlo Piana <carlo at piana.eu<mailto:carlo at piana.eu>>
Sent: Tuesday, September 30, 2025 4:58 AM
To: License submissions for OSI review <license-review at lists.opensource.org<mailto:license-review at lists.opensource.org>>
Cc: Hale, Lucas M. (Fed) <lucas.hale at nist.gov<mailto:lucas.hale at nist.gov>>
Subject: [EXTERNAL] Re: [License-review] Review for the NIST Software License

You don't often get email from carlo at piana.eu<mailto:carlo at piana.eu>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>
Lucas,

if I understand correctly, this should not technically be a license, since the software is not subject to copyright in the USA as far as it has been created by NIST employees. I think that if software is not given protection in the state of first publication is not protected even elsewhere, under the Berne Convention, therefore this is basically a dedication to public domain, whose primary scope is the liability disclaimer(s).

However, the "provided that you keep intact this entire notice" is technically (US lawyers please help) a condition, that means this is a license with conditional grant, after all. The other condition-like provision uses the verb "should", which is more of an invite,  at face value.

I do not see anything that would prevent this text to be approved, maybe in the "non reusable" category. But could NIST give us their position on the above discussion, for the sake of clarity, please?

Cheers

Carlo (in his personal provisional view and capacity)


________________________________
Da: "Hale, Lucas M. (Fed) via License-review" <license-review at lists.opensource.org<mailto:license-review at lists.opensource.org>>
A: "license-review at lists.opensource.org<mailto:license-review at lists.opensource.org>" <license-review at lists.opensource.org<mailto:license-review at lists.opensource.org>>
Cc: "Hale, Lucas M. (Fed)" <lucas.hale at nist.gov<mailto:lucas.hale at nist.gov>>
Inviato: Lunedì, 29 settembre 2025 22:13:02
Oggetto: [License-review] Review for the NIST Software License
Hi OSI reviewers!

I would like to submit the National Institute of Standards and Technology (NIST) Software license for review to be included in your list.  This is the primary license that NIST staff are expected to use when releasing software.

The license complies with the Open Source Definition, including the OSD 3, 5, 6 and 9 criteria.

There are numerous projects using the NIST software.  For instance, there are 1.3K repositories at https://github.com/usnistgov that should all be using the license.  As such, it falls under the legacy category.

The NIST license is also listed on the main NIST website https://www.nist.gov/open/copyright-fair-use-and-licensing-statements-srd-data-software-and-technical-series-publications, and has an SPDX listing https://spdx.org/licenses/NIST-Software.html. Under both sites, it is titled "NIST Software License"

Thank you for your time and consideration!

Sincerely,

Lucas Hale


_______________________________________________
The opinions expressed in this email are those of the sender and not necessarily those of the Open Source Initiative. Communication from the Open Source Initiative will be sent from an opensource.org email address.

License-review mailing list
License-review at lists.opensource.org<mailto:License-review at lists.opensource.org>
http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-review_lists.opensource.org/attachments/20260107/33ba415f/attachment-0001.htm>

More information about the License-review mailing list