Subject: Re: Cubit Business management software - licensing
From: "Karsten M. Self" <kmself@ix.netcom.com>
Date: Sat, 23 Jul 2005 12:50:01 -0700
Sat, 23 Jul 2005 12:50:01 -0700
on Thu, Jul 21, 2005 at 02:39:03PM -0400, John.Cowan (jcowan@reutershealth.com) wrote:
> Karsten M. Self scripsit:
> 
> > > Also I do not want anyone to compile my code, php is executed as
> > > source code.
> > 
> > That would violate #3, "Derived Works".  Compiled code is a derived work
> > of the original work.
> 
> True.  But it wouldn't be inappropriate to forbid distribution of
> obfuscated versions, including a compiled version without source.

I don't understand the distinction.  How isn't this a derived work?

The GPL, as an example, mandates "preferred form" as the obligated
source distribution.  There's nothing in the GPL preventing distribution
as obfuscated source (say, for an obfuscated C contest).  But if there
is a  less  obfuscated source form, then  it  is the preferred form for
modifications, and the source disclosure obligations require it be made
available.

My read of OSD is that it allows obfuscated versions, but *requires* (#2)
source distribution in "preferred form".

 
> > > 3.???Cubit??? means the entire distribution, including all files,
> > > databases, source code, graphics, the name ???Cubit???, all systems,
> > > work flows, methods of operation and processes and any or all
> > > intellectual property implied or included in the Cubit Accounting and
> > > Business management software suite distributed or released in any
> > > fashion through any medium whatsoever.  4.???Distribution??? means any
> > > distribution of Cubit, making available thereof electronic or
> > > otherwise
> > 
> > This violates #8:  the license is specific to a product.
> 
> That's not what #8 means.  #8 forbids licenses of the form "You can
> only use this software in connection with (or as part of) our
> products."  Licenses that apply only to a single product aren't
> properly templatized, but they don't violate the OSD as such: see the
> Sybase Open Watcom Public License version 1.0, e.g.

Hrm.  Possibly.

 
> > > Any modifications to Cubit is governed by the terms of this license.
> > > Cubit is executed as source code and you may never compile, obscure or
> > > cause to obscure Cubit. You may not move this license or the top left
> > > Cubit graphic and link or the name Cubit from any Cubit file.
> > 
> > Violates OSD #3.
> 
> If properly toned down, however, I think it would pass muster.

I don't.
 
> > > General distribution:
> > > Any modification must be made available under the terms of this
> > > license to anyone that requests it 
> > 
> > This is an unusually broad disclosure obligation.  While you're free to
> > make it from a legal standpoint, and it doesn't violate the OSD, it
> > *does* run contrary to some standards of FSF Free Software and tests
> > used by some groups, such as Debian's "Desert Island" test:  how would I
> > distribute my modifications to any third party if I were stuck on a
> > desert island?
> 
> You are always excused from complying with license provisions that are
> impossible (physically) to perform.  The law may be a h'ass and a
> h'idiot, but it's not as stupid as all that.

First, to clarify, this isn't an OSD-specific criticism, the clause
doesn't, AFAICT, violate any OSD terms.  It *does* create conflicts with
several possible uses, an IMO undue burden on any third party developers
using the source base, and would ultimately be counterproductive.

I can think of situations which don't physically limit meeting this
obligation, but for which there would be compelling reasons not to wish
to do so, which would fall well within the bounds of existing accepted
free software licenses.

 
> > > Any application programming interface developed for Cubit must be
> > > licensed under this license or the latest version of the GPL as
> > > available from www.opensource.org 
> > 
> > <sniff><sniff>
> > 
> > Smells like a dual license.
> 
> Not for the product itself, but for any APIs developed for it.  

Point.  I had my comprehension bit off.

> I think this unconscionably restricts what people may do with
> software: it sets a dangerous precedent to let people constrain
> interoperability in this fashion.

It's probably also not legally defensible under copyright law, which is
where most free software licenses operate.   In fact this is attempting
to regulate an activity which seems to me to be entirely outside the
Cubit licenseholder's rights.


> > > Developer declarations:
> > > All developers declare that all modifications to Cubit are the
> > > developer's own original creation or that the developer has
> > > sufficient rights to grant the rights required in this license.
> > 
> > This should probalby be part of a separate affidavit attached to any
> > selected code contributions.
> 
> It comes from the AFL/OSL (the warranty of provenance) and is IMHO a
> Good Thing.

Warranties of provenance are a Good Thing.  I don't belive that the
passive declaration here is as useful as a method of specific
assignments.  Saying "you release this code under the terms of a 15,000
page license which includes a passive statement of provenace" seems
weaker than "you provided a copyright signoff for your submission
stating it was your work, or based on rightfully and compatibly licensed
existing work(s)" (e.g.:  the kernel.org signoff procedure).

Not a deal-breaker, but another bit of weakness in an already fatally
flawed license (from an OSD compliance standpoint).



IANAL, TINLA, YADA.


Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    Free Software Primer -- concepts you need to understand
    http://twiki.iwethey.org/Main/FreeSoftwarePrimer


["application/pgp-signature" not shown]