Hi all -- any thoughts on this? Would it make things easier if we changed to a "whitelist" license policy, or is the rationale below for the structure of the FOSS exception sufficient?
Cheers, William On Fri, Mar 4, 2016 at 6:55 PM, William Whyte <wwh...@securityinnovation.com > wrote: > Hi all, > > Sorry for the delay responding: I've been traveling, then sick. > > On patents: Yes, the license at > https://github.com/NTRUOpenSourceProject/ntru-crypto/blob/master/LICENSE.md > grants a license to use the patents under GPL v2 or higher. > > On the FOSS Exception, > https://github.com/NTRUOpenSourceProject/ntru-crypto/blob/master/FOSS%20Exception.md: > the intent here is to protect the effectiveness of the GPL. As noted, > clause 2b requires that "The Derivative Work does not include any work > licensed under the GPL other than the GPLed NTRU". The idea of this is that > it prevents someone from creating a Derivative Work that is simply two > GPLed modules stuck together under a more permissive license, which would > be possible if it were not for this clause, and which would circumvent the > intent of the GPL. > > (For background, this was derived from > https://www.mysql.com/about/legal/licensing/foss-exception/) > > Currently, I don't see any mention of GPL or of a FOSS Exception in the > Tor License, https://gitweb.torproject.org/tor.git/plain/LICENSE. That > implies that Tor could if it wanted to incorporate libntruencrypt under > this FOSS Exception, but that would prevent it from incorporating any other > GPL library. > > The alternative that Ian mentioned, > http://www.gnu.org/licenses/gpl-faq.en.html#GPLIncompatibleLibs, is more > of a whitelist approach. If that'd be easier we can make that licensing > statement, though I think the current FOSS exception actually covers Tor's > requirements. > > Thoughts? > > Cheers, > > William > > > > > On Sat, Feb 27, 2016 at 10:54 AM, Jim Wright <jim.wri...@oracle.com> > wrote: > >> Do not give up hope, no change has yet occurred, and more voices calling >> attention to the problematic consequences of this choice may yet change >> their minds. :-) >> >> >> > I have also repeatedly written to them in order to recommend the >> > adoption of the 3-clause BSD license [2], the Expat license [3], or the >> > zlib license [4]. >> > >> > [2] https://spdx.org/licenses/BSD-3-Clause >> > [3] http://www.jclark.com/xml/copying.txt >> > [4] http://www.zlib.net/zlib_license.html >> > >> > I have never received any reply whatsoever... :-( >> > >> > >> > -- >> > http://www.inventati.org/frx/ >> > There's not a second to spare! To the laboratory! >> > ..................................................... Francesco Poli . >> > GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE >> >> >
