[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: [Non-DoD Source] Re: Checking the ARL's scheme for releasing software

> -----Original Message-----
> From: Francesco Poli [mailto:invernomuto@paranoici.org]
> Sent: Saturday, March 25, 2017 12:30 PM
> To: Karan, Cem F CIV USARMY RDECOM ARL (US) <cem.f.karan.civ@mail.mil>
> Cc: debian-legal@lists.debian.org
> Subject: [Non-DoD Source] Re: Checking the ARL's scheme for releasing 
> software
> On Mon, 20 Mar 2017 14:15:14 +0000 Karan, Cem F CIV USARMY RDECOM ARL
> (US) wrote:
> > Good morning, my name is Cem Karan.
> Hello!
> [...]
> > I have been in discussion with the Open Source Initiative (OSI,
> > Caution-https://opensource.org/) on their license-discuss mailing list
> > to develop a method that ARL can use to safely and legally release
> > ARL-developed code as Open Source.  Marc Jones suggested on that list
> > that I contact Debian to see what Debian thoughts are.
> Thanks for doing so.
> What follows are my own personal opinions.
> Please note that I am *not* an official member of the Debian Project (I am 
> just an external contributor) and I cannot speak on behalf of
> the Project.

No problem, I just wanted to get a feel for what people think.

> [...]
> > we'd like to use a scheme that was
> > suggested on code.mil:
> >
> > 1) All code that does not have copyright attached is released under
> > the Creative Commons Zero (CC0,
> > Caution-https://creativecommons.org/publicdomain/zero/1.0/).
> This looks fine to me, with the only possible caveat that CC0 explicitly 
> refuses to waive patent rights:
> Caution-https://opensource.org/faq#cc-zero

ARL's internal process involves waiving its own IP rights; see 
for the relevant portion of ARL's policy.

The immediate question is 'what about the rights of others?'  In that case, if 
ARL has a contract with the relevant parties already, then ARL will try to 
work to obtain the necessary rights to release the software.  If ARL can't 
obtain those rights, then it won't release the software.

That said, ARL is just as capable of accidentally treading on the rights of 
others as anyone else is, so it is entirely possible that ARL will release 
material in good faith that has IP entanglements of some kind; after all, you 
can't guard against things you don't know about.  ARL cannot indemnify others 
against this kind of accident.

> >
> > 2) ARL-controlled projects choose an OSI-approved license to accept
> > contributions under (e.g. Apache 2.0).  If a contribution has
> > copyright attached, then the contributors must license the
> > contribution under the OSI-approved license to the ARL.  Contributions
> > that have no copyright attached must be licensed to the ARL under CC0.
> OK.
> >
> > 3) The works are combined and distributed with a note similar to the
> > following: "The portions of this work that do not have copyright
> > attached are distributed under the CC0 license.  The portions of this
> > work that have copyright attached are distributed under the Apache 2.0 
> > license."
> Looks clear enough to me.
> >
> > Will this scheme meet Debian's idea of Open Source software?
> Personally, I think this scheme would be suitable to comply with the DFSG.
> Obviously, I don't know what other debian-legal regulars think, nor whether 
> the Debian FTP Masters will consider works released
> according to this scheme as acceptable for the Debian main archive...
> --
>  Caution-http://www.inventati.org/frx/
>  There's not a second to spare! To the laboratory!
> ..................................................... Francesco Poli .
>  GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE

Cem Karan

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to: