On Mon, Nov 03, 2003 at 02:14:52AM +1100, Martin Michlmayr - Debian Project Leader wrote: > * Branden Robinson <[EMAIL PROTECTED]> [2003-10-21 15:00]: > > In sum, I think the two-year gestation process on debian-legal was > > necessary to give this joint committee of Debian and the FSF a > > tractable task to deal with. > > Yes, I fully agree with this, and appreciate the hard work -legal has > done to clearly identify the problems. My original mail tried to > answer your question about the "presence of GNU FDL-licensed works in > sarge" and not give a historical rundown.
Well, it doesn't take a historical rundown to keep from saying "I'm very delighted to finally see a productive discussion on this topic [now that it's being handled by a committee, and not the debian-legal list]". Nevertheless, thanks for the clarification. There are people who feel that all of the discussions on -legal are a big waste of time (we should all "get back to hacking", presumably), and it's good to know you don't share that opinion. (After all, some developers prefer to spend some of their time playing Tetrinet instead of hacking, and *they* don't come under censure by their peers, as far as I've seen.) > > > either. I'd just like to remind you that we had a fair number of > > > GPLed packages linked against SSL and we even released with those > > > packages. > > > > I'm afraid I don't see the relevance of this line of argument; I > > know of no one who has advocated retroactively changing > > already-released versions of Debian to come into conformance with > > My point was that we knew about the SSL linking problem before the > release. The SSL linking problem isn't a DFSG-freeness issue; it's a license compatibility issue. Firstly, I was unaware that we knowingly and deliberately shipped packages (in woody, you're saying?) such that we likely contravened the GNU GPL. Are you sure we hadn't collected even informal grants of permission from the upstream copyright holders in those cases? Secondly, the Social Contract binds us to producing a distribution of 100% Free software. Last I checked, the OpenSSL library is DFSG-free, and the GNU GPL as generally applied is a DFSG-free license. We cannot violate clause 1 of the Social Contract by shipping such things in a release. Linking GPLed apps with the OpenSSL library, if done deliberately, may be tortious and stupid, but it's not a violation of our explicit founding principles. We could change that, of course, by amending the Social Contract to state that we shall scrupulously adhere to the vagaries of copyright law in every political jurisdiction to which we distribute software, and that we shall abide by every copyright holder's interpretation of copyright law and the language of a license, no matter how absurd. Or maybe we shouldn't. To do what I just described would, I think, place to much power in the hands of third parties, and rob Debian of much control over its own destiny. How many of us want to promote the language of the U.S.'s Digital Millenium Copyright Act as an ideal co-equal with the other goals of our Social Contract? In practice we already hew pretty close to both of those (respecting countries' laws without question, and accepting copyright holder's license interpretations without question), as a review of the traffic on debian-legal will reveal, but I think those are pragmatic concerns. The reason is simple: we don't want our developers or our users exposed to criminal or civil liability if we can help it. So, if what you claim is true, are you saying that you feel that the fact that we exposed ourselves to legal risk by knowingly violating the GPL with our last release means we shouldn't sweat the language of the Social Contract today? I'm not so sure, myself; I think we should be trying *harder* to hold to our principles, not look back on our past errors and throw in the towel like defeated perfectionists. -- G. Branden Robinson | The greatest productive force is Debian GNU/Linux | human selfishness. [EMAIL PROTECTED] | -- Robert Heinlein http://people.debian.org/~branden/ |
signature.asc
Description: Digital signature
