Re: DEP5: License section

To: debian-project@lists.debian.org
Subject: Re: DEP5: License section
From: Charles Plessy <plessy@debian.org>
Date: Fri, 17 Dec 2010 01:19:38 +0900
Message-id: <[🔎] 20101216161938.GA19471@merveille.plessy.net>
In-reply-to: <[🔎] 20101216150151.GB17403@upsilon.cc>
References: <[🔎] 1292442846.2611.52.camel@havelock.lan> <[🔎] 20101216123621.GA18399@merveille.plessy.net> <[🔎] 20101216150151.GB17403@upsilon.cc>

Le Thu, Dec 16, 2010 at 04:01:51PM +0100, Stefano Zacchiroli a écrit :
> On Thu, Dec 16, 2010 at 09:36:21PM +0900, Charles Plessy wrote:
> 
> > For DEP5: http://dep.debian.net/deps/dep5
> 
> Uhm, this unfortunately is not the latest draft

Sorry for this, I had to jump in the train where I did the work, so I grabbed
the easiest to download. I just looked at the bzr version and it looks the
same.

> >  - SPDX contains a BSD-3-Clauses and a BSD-3-Clauses license, where
>                      ^^^^^
> 		     one of these two is a typo, I take?

Yes, BSD-4-Clauses

> >    some parts (year, copyright, organization) are substituted with
> >    placeholders. This can not work with DEP5, because of its
> >    standalone license sections.
> 
> If I understand correctly, that simply means that SPDX offers a more
> compact representation of something that in DEP-5 will be more verbose,
> is that it? If yes, it's not a big deal and can be changed later on,
> without affecting backward compatibility.

In DEP-5, if there are two files with their license derived from the BSD
license by changing the year, copryight and organisation name, we need to use a
different short name for each, otherwise there is the possibility to infringe
or at least mess with one of the licenses, by displaying the wrong organisation
name in the non-endorsement clause. I do not know how SPDX solves the problem.
But I note that they are inconsistent with the BSD-2-Clauses, that has no
placeholders, so they may probably change one or the other at some point.

> >  - ‘or any later version’ is represented in SPDX as a different
> >    license, with a short name ending by a plus, like ‘GPL-3.0+’.
> 
> How is this different from DEP5?

Not much, but in my understanding of DEP5, GPL-3.0+ is not a different license
from GPL-3.0. The information that any later version is acceptable is usually
found outside the license's text, such as in a README or in the files
boilerplates. Consistently, it is acceptable to point at /usr/share/common-licenses/GPL-3
for a GPL-3.0+ work. But this difference is probably very pedantic…

> >  - SPDX's MIT license is from:
> >    http://www.opensource.org/licenses/mit-license.html.
> 
> I don't get this difference, can you please expand?

DEP-5 notes that several variants of the MIT license exist. I simply indicated
which is the one chosen by SPDX.

Cheers,

-- 
Charles Plessy
Tsurumi, Kanagawa, Japan

Reply to:

Follow-Ups:
- Re: DEP5: License section
  - From: Jonas Smedegaard <dr@jones.dk>

References:
- DEP5: License section
  - From: Lars Wirzenius <liw@liw.fi>
- Re: DEP5: License section
  - From: Charles Plessy <plessy@debian.org>
- Re: DEP5: License section
  - From: Stefano Zacchiroli <zack@debian.org>

Prev by Date: Re: DEP5: License section
Next by Date: Re: DEP5: License section
Previous by thread: Re: DEP5: License section
Next by thread: Re: DEP5: License section
Index(es):
- Date
- Thread