Subject: Re: Are implicit dual-licensing agreements inherently anti-open?
From: David Barrett <dbarrett@quinthar.com>
Date: Fri, 22 Jul 2005 01:49:08 -0700

Michael Bernstein wrote:
> On Thu, 2005-07-21 at 17:34 -0700, David Barrett wrote:
> 
>>But it seems to me that *at worst*, if the ID is wholly malicious in 
>>every possible way, the greatest harm he can cause is... not 
>>redistribute contributions.  I mean, the *absolute worst case scenario* 
>>is really not bad at all as anybody can just take the whole body of 
>>source code, set up an alternate repository, and manage it like any 
>>other open-source project.  Problem solved.
> 
> Not really. The ID is set up perpetually as the sole proprietary free
> rider. In the worst-case scenario, the ID (and no one else) can continue
> to use the forked code as the basis for their proprietary product, even
> though they are now expending no effort to maintain it.

Ok, so the worst possible outcome is that the initial developer 
freeloads on a successful open source project?  And... that's it?

Both the severity and probability of this outcome is certainly a value 
judgment.  I wager you believe the severity is high, and the probability 
is likely -- and I won't try to convince you otherwise.  But I 
personally believe developers aren't so easily manipulated, nor are 
initial developers so Machiavellian.


>>Furthermore, you seem to be discounting that there's any possible way 
>>that such an arrangement could go "right".  I mean, do you disagree that 
>>it's possible an ID could be smart, could treat his community of 
>>contributors fairly, and could actually release code in an open way -- 
>>code that probably wouldn't have been released at all otherwise -- such 
>>that he and everyone benefits?
> 
> Ah, but in the positive scenarios, the normal dynamics of open-source
> licensing with a dual-licensing business model would suffice, and the
> additional safeguards (in the form of perpetual special privileges) in
> the OVPL for the ID are unnecessary.

"Would suffice" is another judgment call.  In your case, I recognize you 
see the hassle of gathering contributor agreements to be negligible. 
That's fair; I recommend you do so.  But in my case, I'm a nomad.  I 
literally have no physical address that lives longer than a month.  It's 
not possible (or, at least, convenient) for me to harvest physical 
contributor agreements because of the simple matter -- to where would 
they send them?  Likewise, I live out of a tiny backpack.  I don't have 
a file cabinet.  Even if I received all this paperwork, where would I 
keep it?  In my case, "normal dynamics" do not suffice.

I'm not trying to convince you that you should use the OVPL.  I'm not 
trying to convince you you should contribute to the OVPL.  I'm just 
asking that you accept that there are others who need, would use, and 
would contribute under the OVPL.

I enjoy and appreciate your personal opinions on the matter.  But what I 
really want is precise feedback on where the OVPL violates OSI 
principles, or where it includes language that is unenforceable under 
certain jurisdictions.  And if you don't see any such conflicts, I'd 
like you to state that, too.


> I do realize that these are not *necessarily* arguments against OSD
> compliance (I'll leave that determination to others).
> 
> I would however argue that the OVPL does not represent a useful (from
> the OSI's point of view) innovation in software licensing, and I
> strongly urge you to reconsider whether you truly need the special
> privileges the OVPL grants to the ID.

That's fair and useful feedback -- thank you.  But I respectfully 
disagree.  I believe the inclusion of an implied contributor agreement 
does in fact serve as a useful innovation, does not conflict with OSI 
principles, and is necessary for certain people and situations.

Such as me, and mine.

-david