On 12/13/2009 02:49 PM, Robin H. Johnson wrote:
On Sun, Dec 13, 2009 at 10:44:05PM +1100, Daniel Black wrote:
Recently this got produced as a draft license for parties distributing
CAcert's root certificate(s) (like us).
https://svn.cacert.org/CAcert/Policies/Agreements/3PVDisclaimerAndLicence.html
That's a pretty dense license. I can see why you had a headache.
I believe that in it's current form, we will have to make sure we have a
liability disclaimer to users for the license, but that should be about
it.
First, I am not a lawyer.
The 3PV license does require that the user be presented with:
http://www.cacert.org/policy/NRPDisclaimerAndLicence.php
I'm not sure that simply posting the link in an einfo would satisfy the
requirements. We might need to post the full text to qualify as having
presented it to the user - not sure about that. I don't see anything in
there that requires interaction though (hitting a yes button or anything
like that).
The license itself is fairly short - we only need to post the NRP and
not the 3PV license. The 3PV is a license for Gentoo to distribute
content to users under the NRP. Users who don't redistribute the key
don't need to worry about it.
An option would be to RESTRICT=mirror their root key, and install it
directly from their site, assuming they don't start messing with the
URL. Then we can just put the license in the ebuild like any other.
Since we don't redistribute anything copyrighted, Gentoo itself doesn't
enter into any license agreement.
Only issue with that is that it is often bundled with a bunch of others
and I don't know that you can restrict only one URL in the ebuild.
