Subject: Re: Open Source and Contributor Agreements
From: Ben Tilly <btilly@gmail.com>
Date: Fri, 25 Nov 2005 23:17:13 -0800

 Fri, 25 Nov 2005 23:17:13 -0800
On 11/25/05, David Barrett <dbarrett@quinthar.com> wrote:
> Still seeking closure on this.  Can anyone confirm or deny the following
> reasoning:

I can give my personal take on it.

> - Open source has an unstated principle that all contributors are equal;
> nobody has any greater or lesser rights to the source than anyone else
> (copyright excluded).

No.

It has the principle that contributers deserve to have explicit input
into what happens to their contributions.  However if I submit a
couple of patches to Perl, I do not have rights equalling Larry
Wall's.

> - Groups who maintain a branch of an open project but restrict "commit"
> privileges to those who grant extra rights that group -- even with the
> best intentions -- are fundamentally subverting the openness of the
> project.

Yes.

> - This anti-open practice is grudgingly tolerated due to its prevalance
> among some of the most respected, influential, and long-lived open
> source projects.

It is accepted in the community because it results in open source code
being contributed that would not be otherwise.  But there have been
cases where projects that tried to assert too much control generated
forks.  (There have been more that have just been ignored.)

I would guess that OSI accepts it in part because they are concerned
with copyright rather than the details of project management.  And
whatever might be said about how it is managed, users do get the code
with a copyright statement that the OSI board likes.

> - However, this tolerance is contigent upon the contributor agreement
> being cumbersome, thereby ensuring nobody accidentally trades away
> rights that a "true" open source project withholds.

I don't know the reasoning of the board.

Certainly it is good for the legal rights to be simple and clear so
that contributers won't find themselves accidentally giving
permissions that they might not want to give.  Remember that software
developers are expected to understand the idea of these licenses
without having a lawyer on hand to highlight key issues.  An opt-out
agreement does add complexity.

Certainly there is also a difference between the board accepting
something because, "Our approved licenses don't stop people from doing
this" and because "We approve of a license that makes it clear that
someone will do this".  The latter involves much more active
acceptance of the practice.

> - Because an opt-out contributor agreement integrated into the license
> is too easy, it's too likely to cause people to accidentally give rights
> to the maintainer, and thus too anti-open to be approved by the OSI.
>
> Is this accurate?

It sounds about right to me.  But then again I'm no more privy to the
reasoning of the board than you are.

Cheers,
Ben