Re: Is AGPLv3 DFSG-free?
2008/9/13 Francesco Poli <frx@firenze.linux.it>:
> On Wed, 10 Sep 2008 20:36:54 -0500 Jordi Gutiérrez Hermoso wrote:
>> I have been interpreting the AGPL, and so far have not been challenged
>> on this interpretation, that these additional costs can be transferred
>> onto third parties for whom the cost is probably negligible, like code
>> hosting sites.
>
> I think this thread already saw more than one explanation of why this
> is not necessarily possible. For instance:
> http://lists.debian.org/debian-legal/2008/09/msg00016.html
Alright, let me see the objections in that message...
On Mon, 1 Sep 2008 05:39:59 -0400 Daniel Dickinson wrote:
> * if the application runs on a resource-limited server (think about
> a small embedded system...), I cannot use the same host
So? Put it up in Sourceforge or another server. What's the big deal
about using another server? The indefinite article "a" in the AGPL
clearly allows this.
> * if I don't want to publish the application (but only distribute it
> to my users), I cannot use a public hosting service
Sure you can, just use an authentication system. There are many public
hosting services that allow you to enforce an authentication system.
> * if I cannot afford the costs of ensuring it is available as long as
> the application runs, I cannot use another host owned or hired by me
Againt, those costs can be transferred to other agents for whom the
cost is presumably negligible.
2008/9/13 Francesco Poli <frx@firenze.linux.it>:
> On Wed, 10 Sep 2008 20:36:54 -0500 Jordi Gutiérrez Hermoso wrote:
>> The protests I have heard on this point is that perhaps
>> transferring these costs to third parties is not effective for various
>> reasons (anonymity and whatnot).
>
> The issue is not anonymity: the issue is that I could want to avoid
> making the application public (and only distribute it to my remote
> users). Again, see the above-cited message.
An authentication system seems to fix this (and I guess your next
objection will be some weird hypothetical and unlikely case where an
authentication system is technically difficult).
>
> [...]
>> > and additional cost of maintaining those modifications over
>> > time.
>>
>> For instances where the maintenance could be cumbersome, I think the
>> alternative methods of providing source, such as all at once when you
>> first transfer the software, could be effective.
>
> Suppose I never first transfered the software: I just run the
> application on my server. Your alternative method does not apply.
That's true, but you received the AGPLed software somehow in the first
place. Perhaps it's not fair of me to assume that if you were able to
receive the software, you cannot use the same symmetrical method to
distribute your modified source. But again, I have difficulty
envisioning a system where you're able to run a server that everyone
in the world can use to interface to but you cannot provide code to
anyone who uses this globally-available code.
> I hope you are not arguing that forcing me to implement http/ftp
> support complies with the DFSG...
No need for you to implement it, Sourceforge et al have already
implemented it for your benefit.
>
>> I have a hard time
>> imagining such a situation, so I don't think I fully understand the
>> impact of this protest against the AGPL. The cases of when the user is
>> given a device that has a local network interface can be solved by
>> giving the user the source on a separate medium when given the device;
>> this seems like a negligible cost too.
>
> Suppose I am not giving any physical device to anyone.
> My (modified) application runs on a small resource-limited server,
> talks a very simple network protocol (with no http/ftp support) and
> has remote users on the other side of an ocean...
> I don't think this is a particularly far-fetched example.
I do. Provide more details to make it plausible.
> And anyway, a work cannot claim to be Free Software, while forbidding
> some scenarios just because they are "weird".
Yes you can. Suppose aliens invade the Earth, closely monitor all
network traffic as well as sneakernet and instantly destroy anyone who
attempts to distribute source, but allow distribution of binaries. Oh
no! You cannot comply with the GPL anymore without being vapourised!
Clearly the GPL is non-free in this scenario.
>> > That's before we even get to the question of whether the AGPL allows
>> > the corresponding source to be unavailable at a given point in time
>> > when an person who interacts with the program at time T and then at
>> > time T+X requests the corresponding source.
>>
>> I am not sure. It might. The "opportunity to receive the Corresponding
>> Source" might be an opportunity in the future. To sue, you would
>> probably have to convince a judge that you were never given an
>> opportunity at all.
>
> An opportunity in the future?
> Like "click here, and wait for some 10 or 20 years, to get source" ?
Whatever a judge or local law interpreter deems reasonable. I think
most judges would deem a few days, maybe even a week or a month to be
reasonable, but not 10 years.
I am wildly guessing here, but I also see it highly improbable that
unless source isn't provided "soon", like within a month as was the
case with the recent Busybox GPL enforcement, that the lawsuits will
start to fly.
- Jordi G. H.
Reply to: