[openstack-dev] legal-discuss mailing list [was Re: NOTICE files]

Mark McLoughlin markmc at redhat.com
Tue Apr 23 21:34:24 UTC 2013 

Hey Dims,

On Tue, 2013-04-23 at 16:39 -0400, Davanum Srinivas wrote:
> Hi all,
> 
> Let me start with IANAL :)
> 
> At the ASF, the root directory of each project has a NOTICE file (same
> directory as the LICENSE) file. This file is for collecting copyright,
> attribution etc. and per the Apache License 2.0 (Section 4.d) [1]
> requires those who create derivative works using our code to carry
> those along as well. Please see the following examples.
> 
> https://svn.apache.org/viewvc/httpd/httpd/trunk/NOTICE?view=log
> https://svn.apache.org/viewvc/axis/axis2/java/core/trunk/NOTICE.txt?view=log
> https://svn.apache.org/viewvc/geronimo/server/trunk/NOTICE?view=log
> 
> Do we have a mechanism that serves the same purpose? Should we adopt
> this practice?

Interesting question! Can we shelve the question for a short time? :)

Given some recent discussions amongst the TC, during the Foundation
board meeting last week I brought up the issue of the technical
community needing more support from subject matter experts on legal
matters such as this.

The examples I gave were:

 * Changing of OpenStack LLC copyright notices

 * Licensing compliance
   * e.g. copying and pasting BSD code
   * e.g. GPL licensed shell script

 * Licensing policy for dependencies
   * e.g. ALv2, MIT, BSD, LGPL assumed fine
   * What about e.g. GPL, AGPL?
   * Policy vs review process

When it comes to actual formal legal advice, we do have the option of
asking the Foundation to have its council review a matter and this may
occasionally be necessary. However, in many cases such as this, what we
really want is for knowledgeable people to share their experiences from
other projects, explain their understanding of the rationale for various
approaches, share what they perceive to be issues with what we're doing,
etc. Even if we did have legal council give us formal advice, we need a
way to discuss that amongst ourselves and with interested subject matter
experts.

Anyway, the blindingly obvious suggestion from Richard Fontana is that
we create a legal-discuss mailing list like many other projects have
done. The advantage to such a list is that subject matter experts could
actually follow that list, but they'd never be able to cope with the
volume on openstack-dev.

The only concern anyone has raised to date was from the Foundation's
legal council that messages on the list could be construed as legal
advice, but we can put appropriate disclaimers about the place the allay
that fear. Everyone else I talked to (including e.g. Alice King, who
co-ordinates the Legal Affairs Committee) thinks it's a fine idea.

This question would be a perfect first topic for discussion on the new
list :)

Cheers,
Mark.

More information about the OpenStack-dev mailing list