legal August 2009

legal@lists.fedoraproject.org

14 participants
18 discussions

Re: [Fedora-legal-list] CAcert.org license
by Tom Callaway 12 Feb '16

12 Feb '16

On Tue, 2008-12-09 at 23:03 +0100, Matthias Saou wrote: > > >>>>> "TC" == Tom \"spot\" Callaway <Tom> writes: > > > > TC> Given that it does not give permission for us to redistribute (the > > TC> cornerstone requirement for Content licenses), this license is not > > TC> acceptable for Fedora. > > > > I guess I'm glad I looked before approving the package, but I have to > > wonder: Do the cacert folks actually want anyone to use their > > certificates? I mean, this prevents basically everyone from using > > them, because they can't come with the OS or the browser. > > Personally, the more I read the document, the more I'm confused. > > "You may NOT distribute certificates or root keys under this > licence"... does this mean we can distribute under a different license? Well, sortof. The wording here is strange because you can get a different license from the CA issuer. We can't just pick a license, but the CA issuer might be willing to give us a different one. > Would it be worth getting in contact with CAcert.org in order to try > and have them allow us to redistribute the root certs under conditions > which are acceptable to the Fedora Project? Probably, yes. :) ~spot

4 6

Licensing issue in OpenLayers package (already in Fedora)
by Mathieu Bridon 13 Sep '09

13 Sep '09

Hi, The OpenLayers package (already in Fedora, owned by Cristian in CC and of which I'm a co-maintainer) bundles a JavaScript minimizer called jsmin [1]. I know this is bad practice to have a tool bundled like this, and I wanted to remove it from the source RPM and make it use a system version of jsmin that would be installed in its own package. However, I saw that jsmin had already been submitted to Fedora and was refused because the license specifies that « The Software shall be used for Good, not Evil. » [2] I discussed it with the OpenLayers devs (see attached IRC log) and it seems we have 2 possibilities. 1. The jsmin.py script was rewritten from scratch to mimic the behavior of the C original version. It currently contains the following license header: ==== # This code is original from jsmin by Douglas Crockford, it was translated to # Python by Baruch Even. The original code had the following copyright and # license. # # /* jsmin.c # 2007-01-08 # # Copyright (c) 2002 Douglas Crockford (www.crockford.com) # # Permission is hereby granted, free of charge, to any person obtaining a copy of # this software and associated documentation files (the "Software"), to deal in # the Software without restriction, including without limitation the rights to # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies # of the Software, and to permit persons to whom the Software is furnished to do # so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in all # copies or substantial portions of the Software. # # The Software shall be used for Good, not Evil. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. # */ ==== The part between JavaScript comments is the original problematic license (starts with « /* » and ends with « */ »). My question is, as this seems to be a « clean room implementation », could it have a different license than the original jsmin ? This would make the python version suitable for Fedora (correct me if I'm wrong) and that would allow me to build OpenLayers using it. 2. The second possibility is to simply build OpenLayers without jsmin. This would however result in a much bigger JavaScript file, leading to worse performances. That's a solution I'd rather avoid, but if this is the only possibility, I'll do it. Best regards, [1] http://www.crockford.com/javascript/jsmin.html [2] https://bugzilla.redhat.com/show_bug.cgi?id=455507 ---------- Mathieu Bridon (bochecha)

2 3

fedoraadmin.com trademark violation?
by Adam Miller 31 Aug '09

31 Aug '09

I stumbled across the website http://fedoraadmin.com/ and it first appeared to me as an eye soar and was going to try and contact its owner to see if we couldn't coordinate some redesign either with Fedora or non-Fedora centric resources just so that it would at least provide information to users in an eye pleasing manner. During this quest I formed the hunch that the owner probably lacks trademark approval for using the Fedora name in their domain name. I spoke with Paul W. Frields in #fedora-devel and he mentioned that I should post here, so I did. :) Many thanks, -Adam -- http://maxamillion.googlepages.com --------------------------------------------------------- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments

1 0

sip licensing bump in the road
by Rex Dieter 27 Aug '09

27 Aug '09

fyi, sip licensing fun on the way, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543730 , riverbank is being contacted for clarification of their intent. This impacts the qt/kde python bindings stack. -- Rex

1 0

Re: [Fedora-legal-list] "Old Style with legal disclaimer 4" MIT license
by Tom Callaway 21 Aug '09

21 Aug '09

On 08/21/2009 01:17 PM, Tom Lane wrote: > I also see that OSI's first page above notes that the "Simplified BSD > License" is effectively equivalent to the MIT license, but they do not > therefore lump them together. They are "Effectively equivalent", from a GPL compatibility perspective, and in the way that both licenses are permissive, but they are not in any way, identical. This is why they are not lumped together. > The reason I've got a problem with this is that "we use the BSD license" > is part of the Postgres project's self-identity and self-description, to > a degree perhaps not found elsewhere. This is silly. We use the "License:" field to track actual licensing data within Fedora, not any lies that upstream wishes to place in that field. If you're unwilling to stand behind the truth, then feel free to defer all flames around the fact that our license tag is accurate to me. > I agree that "License: BSD" is not sufficiently detailed for Fedora's > purposes, but it seems to me that that problem affects more than just > Postgres. Perhaps the right way forward is to ask people to distinguish > "4-clause BSD", "3-clause BSD", "2-clause BSD"; which I think covers > the significant variations. So, we already do this, in as much as the 4-clause BSD is "BSD with advertising", and all other BSD variants are almost identical in language and rights. The MIT license, while similar in intent, is wholly different in both language and rights. As I've said to Josh Berkus in private, I am entirely unwilling to lie about the license of the package simply because upstream is more comfortable with the lie. If the PostgreSQL upstream wishes to continue lying about about their own license to the world, I cannot prevent them. There are four basic authorities on FOSS licensing in our community: The FSF, the OSI, Debian, and Fedora. Every single one of these entities agrees on what is the "BSD license": OSI: http://opensource.org/licenses/bsd-license.php FSF: http://www.xfree86.org/3.3.6/COPYRIGHT2.html#5 (linked from http://www.gnu.org/licenses/license-list.html#ModifiedBSD) Fedora: https://fedoraproject.org/wiki/Licensing/BSD Debian: http://www.debian.org/misc/bsd.license (linked from http://www.debian.org/legal/licenses/) In fact, every one of them also agrees on what is the "MIT license" (to be fair, the FSF prefers it be referred to as the "X11 license"): OSI: http://opensource.org/licenses/mit-license.php FSF: http://www.gnu.org/licenses/license-list.html#X11License (They refer to it as X11) Fedora: https://fedoraproject.org/wiki/Licensing/MIT Debian: http://www.jclark.com/xml/copying.txt (linked from http://www.debian.org/legal/licenses/) If you compare the two licenses to the PostgreSQL license text: *** Permission to use, copy, modify, and distribute this software and its documentation for any purpose, without fee, and without a written agreement is hereby granted, provided that the above copyright notice and this paragraph and the following two paragraphs appear in all copies. IN NO EVENT SHALL THE UNIVERSITY OF CALIFORNIA BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF THE UNIVERSITY OF CALIFORNIA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. THE UNIVERSITY OF CALIFORNIA SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS ON AN "AS IS" BASIS, AND THE UNIVERSITY OF CALIFORNIA HAS NO OBLIGATIONS TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. *** It is clear that the PostgreSQL license is MIT. In fact, we have been listing this exact text on the Fedora MIT page for some time now (added in July 2008): https://fedoraproject.org/wiki/Licensing/MIT#Old_Style_with_legal_disclaime… The fact that PostgreSQL came from UC Berkeley and that the text of the PostgreSQL license was written by the University of California, Berkeley, may make it a "Berkeley Systems License", but it does NOT make it the "BSD license". With all due respect to you and the PostgreSQL upstream, we're not about to start lying about the licensing found on code, for anyone, or for any reason. If the PostgreSQL community wants the Fedora packages to say "License: BSD", then they have a single method to achieve that goal: Relicense the code base under the terms of the "BSD license". ~spot

1 0

Re: [Fedora-legal-list] "Old Style with legal disclaimer 4" MIT license
by Tom Callaway 20 Aug '09

20 Aug '09

On 08/20/2009 06:28 PM, Tom Lane wrote: > "Tom \"spot\" Callaway" <tcallawa(a)redhat.com> writes: >> I've fixed Postgresql's tag in CVS, there should be no need to push >> updates for it simply to fix this tag, but any future updates should >> retain the fixed license tag. > > I have a problem with you summarily doing this. The upstream does not > think the license is MIT, and this is going to cause an enormous amount > of confusion and possibly a PR disaster. The upstream can think whatever they want to, it is not the BSD license. This is the BSD license, as defined by the OSI, the Regents of the University of California, and Fedora: http://opensource.org/licenses/bsd-license.php That is NOT the license used by PostgreSQL. The intent of the license used by PostgreSQL is similar, but it is not identical. Notably, the BSD license says that the name of the copyright holders/contributors may not be used to "endorse or promote products derived from the software without specific prior written permission". That clause is absent from the PostgreSQL license. If the PostgreSQL upstream wants to relicense to the BSD license, that is something they can do, but we're not going to pretend it is BSD for the sake of PR, any more than we would pretend it is the "magic flying pony license" if they asked us to. ~spot

1 0

"Old Style with legal disclaimer 4" MIT license
by Jason L Tibbitts III 20 Aug '09

20 Aug '09

I was looking at a package which contains license text identical to: http://fedoraproject.org/wiki/Licensing/MIT#Old_Style_with_legal_disclaimer… (the review is https://bugzilla.redhat.com/show_bug.cgi?id=452321) The package maintainer and upstream contend this is BSD, not MIT. Personally I think the license tag is for Fedora's use, and so there shouldn't be any harm in just using MIT as the licensing page indicates. Still, I figured it would be good to double-check. - J<

2 3

Re: [Fedora-legal-list] Pylons license
by Alexander Todorov 20 Aug '09

20 Aug '09

Mathieu Bridon (bochecha) wrote: > On Thu, Aug 20, 2009 at 10:02, Alexander Todorov<atodorov(a)redhat.com> wrote: >> Hi folks, >> I'm playing with Pylons - a framework for web applications in Python. >> This is not present as a package in Fedora > > Actually it is: > https://admin.fedoraproject.org/pkgdb/packages/name/python-pylons > > About your licensing question, I let that to the experts :) > > Ahh, I didn't find it somehow. Thanks for the pointer. The rpm package says BSD in the License tag and it is in Fedora already so I guess it's OK. Regards, Alexander.

1 0

Pylons license
by Alexander Todorov 20 Aug '09

20 Aug '09

Hi folks, I'm playing with Pylons - a framework for web applications in Python. This is not present as a package in Fedora and it's license doesn't look like standard FOSS license: http://pylonshq.com/project/pylonshq/browser/LICENSE Can you tell me what license is this and if it is suitable for Fedora? Thanks, Alexander.

1 0

Pymol license review
by Gianluca Sforna 19 Aug '09

19 Aug '09

I just noticed this text in the F11 pymol license file: Open-Source PyMOL Copyright Notice ================================== The Open-Source PyMOL source code is copyrighted, but you can freely use and copy it as long as you don't change or remove any of the Copyright notices. The Open-Source PyMOL product is made available under the following open-source license terms: ---------------------------------------------------------------------- Open-Source PyMOL is Copyright (C) 1998-2003 Warren L. DeLano and Copyright (C) 2003-2009 DeLano Scientific LLC, Palo Alto, California, U.S.A., (www.delanoscientific.com) All Rights Reserved Permission to use, copy, modify, distribute, and distribute modified versions of this software and its built-in documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appears in all copies and that both the copyright notice and this permission notice appear in supporting documentation, and that the names of Warren L. DeLano or DeLano Scientific LLC not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. <cut> The License field in the RPM says: MIT and BSD and ZPLv2.0 and Bitstream Vera and OFL so I assume it changed at some point and grown the "without fee" clause, but right now that looks like not acceptable in Fedora anymore. Can anyone confirm my analysis? -- Gianluca Sforna http://morefedora.blogspot.com http://www.linkedin.com/in/gianlucasforna

2 1

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

legal August 2009