On Wed, 2014-01-22 at 11:52 -0500, Richard Fontana wrote:
On Wed, Jan 22, 2014 at 11:27:28AM +0000, Mark McLoughlin wrote:
Contributors sign the CLA and this grants the OpenStack Foundation a license (which is slightly more broad than ALv2) to the code. The Foundation then distributes the code under ALv2.
You're saying that our copyright notices also signifies that contributors are also granting a license under ALv2 directly to whomever receives a copy of the code.
Not 'signifies' but certainly gives the impression. If I see in a source file
Copyright 2014 eNovance
Licensed under the Apache License 2.0 [etc. boilerplate]
That would reasonably be understood to mean eNovance is granting a license directly under ALv2. This is in part because AFAIK all other projects that use these kinds of CLAs only have copyright notices from the privileged entity, if there are copyright notices at all (ignoring third-party code from other projects).
Now of course when looking at such things you always have to keep in mind that they may be bad approximations of whatever the truth is. Nonetheless when explicit legal notices like this are contained in source files there is a natural tendency to assume they mean what they say.
Sounds reasonable.
But I also say this because a number of times I've heard it suggested that OpenStack has this deliberate duplicative licensing policy, which seems then to shape the meaning of 'Copyright eNovance, Licensed under the Apache License...'. That's partly why I've brought it up a few times, in the hopes that someone will tell me I'm wrong (or right). I think perhaps in the end this is all a matter of confusion but if so it might be useful to clear it up. Normally, a CLA is a substitute for direct licensing under the outbound project license. So with respect to a given copyright holder, if a CLA hasn't been signed, fine, the license is the outbound license. That's how most ALv2 projects work, after all. If a CLA has been signed, it is nonstandard for the contributor to be additionally granting a separate license under the Apache License. I will admit that at the moment I am confused about what is supposed to be going on in this respect in OpenStack. Maybe this supposition about duplicative licensing is a misunderstanding on my own part.
FWIW, if it's intentional, I've never heard it articulated or defended by anyone. I just had a quick look at Nova and Swift's early history. I've lost my notes, so from memory: - Swift just has Copyright OpenStack LLC or OpenStack Foundation since the beginning, except for one tiny exception - Nova originally was Copyright Anso Labs, then in June 2010 NASA notices were added and in July 2010 the Anso notices were removed. - In July/August 2010, OpenStack LLC, Citrix, FathomDB, etc. notices started appearing gradually So, my guess would be that the Anso guys naturally favoured direct licensing when launching Nova and when Rackspace/OpenStack LLC came on the scene with a CLA it was seen as a natural thing to add to the existing copyright notices. Whether a discussion about removing the copyright notices ever happened when it was decided to add a CLA, I have no idea. But the CLA was there from July 2010: https://web.archive.org/web/20100722183712/http://wiki.openstack.org/HowToCo... I struggle to imagine anyone in July 2010 recognizing what they were doing as "duplicative licensing" and consciously deciding to take that approach over the ASF approach. But maybe someone who was around then can shed more light on it.
I'd agree with Sean that <20% of our contributors understand this distinction (or its practical significance). In fact I'd guess it's approaching 0% :)
The distinction is ultimately minor, but there's something about it that bothers me if it turns out to be in some sense intentional. If there is a desire to have everyone sign a CLA, the project shouldn't have any expectation that CLA signers additionally grant a similar though overall slightly less permissive license. If there is some belief that everyone is granting Apache Licenses, then there shouldn't be any CLA.
I guess my interpretation is that yes, everyone is granting Apache Licenses but we all also grant some additional rights (I don't know what they are exactly) to the foundation (I don't know why exactly). That's a pretty worthless defensive of our CLA regime though :)
Ok, wow - I never understood that most CLA-using projects don't have individual per-file copyright notices.
Yes, this is a key to my whole argument, even if I turn out to be the one who is confused, in which case I apologize for wasting anyone's time. If I'm confused, though, there's a good chance that some others are as well, and as unimportant as this all might be it seems better to have less confusion.
Again to contrast things with ASF projects, I know what's going on there. For a given project, if you regard it as a set of Apache Licenses and a set of CLAs, the 'big' Apache License is granted by the ASF and some 'smaller' Apache Licenses are being granted by minor contributors,
I'm with you until here ... However, I'm still struggling to understand the benefit of the ASF being granted a special license. Why can't it be licensed the code under the Apache License? Or is the benefit of this situation that the vast bulk of code is licensed outbound from a single licensor? Is that a benefit in terms of a perception, or some "single throat to choke" legal benefit? or?
Then you have a bunch of CLA-based licenses that are (nontransparently) granted to everyone, mostly granted by individuals. (You may also have 'software grants' licensed broadly to the ASF for large code donations.)
Say what? :)
I don't have the same certainty about what's happening in OpenStack. But I don't want to exaggerate the importance or significance of this. It's more of an annoyance.
Am I right in saying you're being the dog with the proverbial bone on this because clarifying this could help to undermine the need for our CLA regime? Thanks, Mark.