-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [NOTE: IANAL or thoroughly versed in contract law and software licensing. Thus, if I have made any wrong assumptions here, they were done in good faith, and I appreciate any corrections. Please also note that if anything here is percieved to be "flaming" in any sense, I truly did not mean it to be so - my goal is to help contributing to both Fedora - my OS of choice - and FOSS at large.] Hello all, Forgive me if the header (and indeed this whole mail is a tad long, but I would like to address an issue which is very important to me personally, and which I believe must be dealt with in the interest of keeping FOSS truly free for everyone to use. The problem - ----------- At least one OSI-certified license today (the "W3 Software Notice and License") contains a provision like this: "By using this software in any way, you acknowledge that you have READ, UNDERSTOOD, and will comply with this license". In other words, the license seems to put a moral burden on the end- user to both read and understand the license in order to be granted any rigths to even use (let alone modify and distribute) the software it covers. There may be other licenses that have "lighter" provisions of the same type (such as "you understand that you may not remove or alter any copyright notices" and the like) in their text, and I will include those here for the sake of discussion, as falling into the same category. I believe restrictions like this are contrary to the spirit of FOSS. As the FSF definition says: "The freedom to run the program means the freedom for ANY KIND of person or organization to use it on any kind of computer system" (http://www.gnu.org/philosophy/free-sw.html, emphasis added) Licenses like this do not grant this freedom to everyone - it expressly grants it only (at least in the ethical sense) to people who can affirm that they have read and understood whatever the license requires them to read and understand. What this could mean in practice might be that end-users might have to pre-screen the licenses (including any third-party licenses) for packages they install, just to make sure they comply with the ethical side of these restrictions. Needless to say, that would put a large and impractical burden on the end-user, which I believe land us in a situation where we are no better off then in a proprietary environment, which (in my view) is unacceptable for any FOSS project. Possible workarounds - -------------------- I believe the perfect situation is ABSOLUTE freedom to run the software, without any extraordinary legal obligations toward the licensor, as is granted expressly by the GPLv2 ("There are no restrictions on running this software"). Again, legal or moral pre-reqs like this on free software excludes people who for any reason are not able to fulfill them (take into account that the license might only be available in english, or contain complex legal language, and you see the difficulty this will pose for most people who are not english-speaking lawyers). I believe it is possible to get around this problem, in fact, it may already be solved. Here are some suggestions: 1) Compile against GPL2+ code - Now I am not sure about this, but does not combining code under a GPL-compatible license with code under the GPL cause the combined work to fall under the GPL? If this is the case, does that mean that any terms of the GPL- compatible license (such as the W3C) can be ignored after such combination? In that case, the situation would be solved for packages that are combinations of the W3C licensed code and GPL code. 2) Display any "must-read" terms in the package manager - Hack the package manager to popup a shrink-wrap window where the user has to affirm they have read and understood what the license requires. I admit this is an awful, ugly solution. 3) Ban any licenses that would fall into this category (possible, since for now the only license of this type I know off is the W3C). 4) Petition license authors to provide global waivers that remove these provisions from the licenses (possible if it came from the community, perhaps not an individual). I appreciate any feedback on this issue, and of course I am personally willing to put in a lot of work to contribute to a solution of it. With kind regards, Christopher Svanefalk, Student, Computer Science, Univ. of Gothenburg. PS. the link to this mailing list at http://fedoraproject.org/wiki/Licensing#Discussion_of_Licensing points to the old archive at redhat.com, not the new list server at https://admin.fedoraproject.org/mailman/listinfo/legal DS. -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAktvur0ACgkQQJM2U8zwlkYc3gQAhZp13/At9a2XKFodaYGhUBg2E0vC V1ErFnJYGHcuieZ21puYj7Ws2uj/4Iu4zimnUvjx6tlyNXgyI2BpMW1NpyuG5eu2k+IP f1Qn+yy4m8F7Ow6150/reNBegLsKZo3idOT/2dhJqeiOzOzt3BXVew5JE+uCPMckwcMX KDUlGpA= =1ee0 -----END PGP SIGNATURE----- _______________________________________________ legal mailing list legal@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/legal
