Subject: Re: For Approval: Common Precertification Development and Distribution License
From: Matthew Flaschen <matthew.flaschen@gatech.edu>
Date: Wed, 07 Mar 2007 15:14:05 -0500

Marc Whipple wrote:
> In fact, the Initial Developer, assuming it has submitted anything like
> a useful starting point, is assuming a huge competitive risk that later
> Contributors will submit one or two extremely minor Modifications and
> then use their access to catch up with or leapfrog the Initial
> Developer's progress.

Such leap-frogging is an intended benefit of open source.  One idea is
that if an initial developer can't get things together, someone else can
pick up the slack.

> Another list member (thank you, Mr. Swiger) has pointed out that he
> submitted a similar license some years ago and it was denied
> certification on this ground.

I wasn't around for that, but it does seem similar enough.

> If the territory has been covered, then it
> has, and I am certainly not going to try to reverse something that has
> been firmly established without more justification than, "If you don't
> do this, then we can't do an Open Source project in our industry because
> no one will participate." It is sad but true that not all applications
> will at this time support an Open Source approach. 

I understand that not all companies are ready for open source.  However,
 compromising the OSD gains nothing tangible in the short run and costs
a lot in the long run.

>> It appears that this limited time can only end (180 days) after
> certification.  That means a developer could create software that isn't
> certifiable, and it would permanently be non-commercial.  Thus, even if
> a limited non-commercial period were acceptable, this could end up being
> permanent.
> 
> [Marc Whipple] 
> 
> I won't deny that this is possible. As I pointed out, it is anticipated
> that the CPDDL will be used with software destined for certification. In
> some industries, non-certified software can't be used at all, and
> furthermore, any Contributor can submit a Modified Version for
> certification at any time, even if the Initial Developer or other
> Contributors don't want them to. The actual likelihood of
> non-certification being used as a tactical technique is vanishingly
> small, in my opinion.

I'm not so sure.  I think it could conceivably be abused.  There's been
a lot of gaming going on in open source lately, no pun intended.  It
seems equally easy to game the other way though; i.e. even with the
restrictions it shouldn't be hard to find a "independent certification
authority" to make an irrelevant certification.  So maybe this objection
isn't relevant.

>> This is a violation of OSD #5, "The license must not discriminate
> against any person or group of persons."
> 
> [Marc Whipple] 
> I submit that reading this limitation as a discrimination is too broad
> an application of the term. All licenses discriminate against persons or
> entities which violate their terms, at the very least by revoking some
> or all of the license rights.

Maybe I wasn't clear.  The discrimination here is granting one group
(developers) commercial distribution right, and withholding it from
another (users).  You should be aware that this list is consistently
accused of interpreting 5 & 6 too broadly.

> 
>>> We are not aware of any license which is entirely incompatible with
> the
> CPDDL, although any license which claims to grant unrestricted
>>> Commercial Use rights to Covered Software which has not yet been
> certified would create a conflict.
> 
>> Of course, all OSI-approved licenses do grant these unrestricted
> rights.
> 
> [Marc Whipple] 
> 
> Do all OSI-approved licenses grant rights to, for instance,
> misappropriated software integrated into a contribution? I don't think
> they do, or could.

No, of course not.  All I was saying is that your code couldn't be
redistributed under any other license.  That isn't itself a /problem/,
but it isn't a good sign either.

>> The license you want is not open source.
> 
> [Marc Whipple]
> 
> If it isn't, then it isn't, and I thank you for your time and effort in
> addressing the situation.

You're welcome.  Thank you for being respectful and communicating in
good faith.

Matthew Flaschen