Subject: Re: Policy for attribution
From: Chuck Swiger <>
Date: Tue, 11 Jul 2006 12:39:32 -0400

Russ Nelson wrote:
> I think we need to develop a policy for attribution, e.g. "Based on
> TrueCrypt, freely available at".  This is
> just one example of many.  I don't see community consensus surrounding
> attribution.  Please discuss.

The canonical example would be the old-style BSD license versus the new one. 
Clearly, both licenses are OSD-compliant and both have been approved by the 
OSI board.

The second one (that does not require attribution) seems to be preferred for 
several reasons: less documentation overhead, avoids being incompatible with 
the GPL, etc.  However, I don't see much difference between requiring 
attribution to the authors and, say, the output mandated in GPL clause 2c.


I don't think the TrueCrypt license should be approved as-is, not because of 
the attribution requirement, but since it incorporates references to at least 
three or four other licenses.

Perhaps a useful direction for improvement would be to consider, what would 
the TrueCrypt license look like if someone started a new project from scratch.

If a license is never going to be especially suitable for someone else to use 
in unrelated projects, it doesn't seem like getting OSI-board approval for it 
is going to be very useful....