Subject: Re: License Question
From: Randy Terbush <randy@covalent.net>
Date: 16 May 2001 07:27:20 -0700

Creating binary only distributions of software is allowed under the
Apache license. The only requirement, as stated in the license is to
give credit to the ASF for the origin of the code.

-Randy Terbush
randy@covalent.net
randy@apache.org


Crispin Cowan <crispin@wirex.com> writes:
> Hi.  I wonder if folks could help clarify a question about the Apache
> license?
> 
> Because of the way Immunix security technology works (assorted
> compile-time hardening tools like StackGuard and FormatGuard) we're
> trying an interesting new twist on the open source business model.  We
> add value by developing and applying hardening technologies to open
> source products.  We want to claim that the binary files that result are
> proprietary to WireX, and charge a per-copy fee.  We are not attempting
> to change the license on the source code, and (in most cases) are not
> even creating private forks in the source code. We just want to charge
> for the service of producing & maintaining this hardened distro.  The
> packages come with various licenses:
> 
>    * GPL:  the GPL prohibits this scheme, so the GPL'd binaries are Free
>      Software[tm]
>    * BSD:  the BSD license would seem to have no conflict with this
>      scheme.  I've had one cranky user try to tell me that BSD prohibits
>      it, but I think that's goofy.  I find it difficult to believe that
>      BSD would permit private source forks with proprietary binaries,
>      but not permit what we're doing.
>    * Apache:  the Apache license  http://www.apache.org/LICENSE.txt says
>      that it can be redistributed in source and binary form, and does
>      not discuss whether fees may be charged for the files.  It does say
>      that "Products derived from this software may not be called
>      "Apache",nor may "Apache" appear in their name."  Is our immunized
>      Apache a derived product, and we may not call it "Apache"?  Or is
>      it actually Apache per se, and this clause does not bear on us?  Do
>      you have an opinion on whether our approach is compatible with the
>      Apache license?
> 
> If you want to read the discussion/context/flame-war, it's on our
> archives here
> http://mail.wirex.com/pipermail/immunix-users/2001-May/thread.html
> 
> Thanks,
>     Crispin
> 
> --
> Crispin Cowan, Ph.D.
> Chief Scientist, WireX Communications, Inc. http://wirex.com
> Security Hardened Linux Distribution:       http://immunix.org