[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Final text of AGPL v3



On Mon, Nov 19, 2007 at 11:26:21PM +0100, Francesco Poli wrote:
> The term "user" is not clearly defined.  If I get an "access denied"
> error page through a browser, am I a user of the web application?  When
> I visit a portal, am I a user of the browser?  Of the portal
> application, as well?  Of the server-side scripting engine, perhaps?  Of
> the web server?  Of the kernel the web server runs on top of?  Of the
> router OS?  And so forth...
> 
> Where do we draw the line?

I'm inclined to say, "At common sense", taking into account the
intended functionality of the software. So someone getting an "access
denied" message is not a "user" of the software (even though the
software might need to be executed to generate that error). 

Similarly, as I said in my previous email a few minutes ago, while the
definition of "interaction" could be clearer, I think it has to be
taken as meaning "interaction" in a direct, top-of-the-stack sort of
way. As for the kernel, scripting engine etc., as a remote user you
don't interact with those directly, but only through the intermediary
applications sitting on top of them.

> This restriction compels *whoever runs the modified version* of the
> Program to accommodate the source code on the server or,
> alternatively, to set up and maintain a separate network server to
> provide source code: this may be a significant cost in some cases.

> This is ultimately a use restriction (from the point of view of
> whoever runs the modified version of the Program)

The highlighted wording is incorrect. Clause 13 only attaches *to the
person who makes the modifications*. It does *not* apply to someone
else who uses the software as so modified. To my mind this is a major
loophole in the APGL - what you might call the "get a friend to modify
it for you" loophole - but it's not a "use restriction".

> private use of the modified version on a publicly accessible server. 
> I'm *not* quite convinced that forbidding private use on a publicly
> accessible server should be considered as an acceptable restriction. 

I'm not sure I understand what "private use on a publicly accessible
server" means, unless this flows out of the question as to whether an
"access denied" error counts as "use" or "interaction".

> Anyway, it's a cost (a significant one, in some cases) associated with
> running the modified version of the Program.

No, it's a cost associated with *modifying* the program, as is the
cost of supplying the source code under the regular GPL.

> This is a use restriction, that may be associated with a significant
> cost. Does this restriction meet the DFSG? I think it fails to meet
> them.

Others on this list are more familiar with the DFSG and how it is
applied in practice, and I will leave it to them to comment on this
further. But I stress again: clause 13 does not apply to those who
*use* the software (whether in original or modified form); it only
applies to those who *modify* the software.

As I say, I'm not 100% convinced about the AGPL. I can understand the
intention behind it, but wonder what "unintended consequences" it may
have. But now that it is here, I think we need to work on the
assumption that it is intended to work, and try to read it on that
basis until someone comes up with a clearly insuperable objection
(Which may have happened on this list before I even hit "send"!),
rather than trying to find extreme interpretations of its provisions.

John



Reply to: