License Framework: Develop Best Practices
m at micheas.net
Tue Jun 15 08:01:43 UTC 2010
On Tue, 2010-06-15 at 08:21 +0100, Matthew Seaman wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On 15/06/2010 07:46:27, Eric wrote:
> > It would seem from reading the various posting that the two missing features
> > are some sort of clean way of saying "this license or higher" and possibly
> > something along the lines of "like this licence" for cases where 99% is the
> > same as an existing OS licence, but I guess that last one comes down to a
> > point of purpose. Is the licence framework supposed to be a solid legal
> > structure or is it much like the pkg-descriptions just something we can
> > filter against and use to help guide us to the ports we want to install?
> I don't think the FreeBSD project could afford to have this license
> cataloging scheme regularly inspected by appropriate legal counsel for
> each of the various different jurisdictions around the world and for
> them to approve it as accurate and legally watertight.
I think that FreeBSD should piggy back on the OSI and just list
the following licenses:
http://www.opensource.org/licenses/alphabetical plus "other".
This could be a filter of sorts for those that want it. IANAL
but just listing the license should not be more or less risky
for the project than distributing the source code, and it might
even reduce the risk of distributing pre compiled binaries as
there is at least a good faith effort to comply with the
license(s) and make it easy for the end user to be aware of the
license(s) of the code.
> Given potential liabilities should the project attempt a binding
> framework without such checking, it would be horribly exposed should
> some FreeBSD user suffer and attempt to recoup consequential losses.
> Therefore, this should only be done on a 'best efforts' basis, and there
> should be prominent warnings that the license data may or may not be
> accurate and that end users *must* make their own verification that all
> software they are using is appropriately licensed.
I doubt the warning would shield the project from lawsuits about
ports that are currently being illegally distributed by the
project (if the do exist, I have not carefully check that none
of the GPL projects do not include GPL incompatible code and
vice versa.) Much less provide any protection for any packages
that are being distributed by the project.
The Handbook, the man pages, and the example make.conf file
should all carry the warning that the FreeBSD project does not
warranty nor indemnify anything in the ports collection,
including but not limited to the copyright tagging.
Just some late night thoughts.
> I feel that at this point I should declare that IANAL, so take
> everything I say here not as advice, but as my personal opinion.
> - --
> Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
> Flat 3
> PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
> JID: matthew at infracaninophile.co.uk Kent, CT11 9PW
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> -----END PGP SIGNATURE-----
> freebsd-ports at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-ports-unsubscribe at freebsd.org"
Sometimes I wonder if I'm in my right mind. Then it passes off and I'm
as intelligent as ever.
-- Samuel Beckett, "Endgame"
More information about the freebsd-ports