SAN FRANCISCO—There was much discussion about the provisions contained in the first draft of the GNU General Public License 3.0 at the Open Source Business Conference here Feb. 14, including the anti-DRM wording, the license compatibility clause and the complete corresponding source code requirements.
Mark Ratcliffe, a partner at DLA Piper Rudnick Gray Cary US and the general counsel for the Open Source Initiative, said some 600 comments had already been made about the draft document, with the final version of the license expected to be released in January 2007.
A number of topics came up for discussion during a session titled “GPL 3.0: Progress and Process” and moderated by Karen Copenhaver, the executive vice president and general counsel for Black Duck Software.
Ratcliffe wanted to know how the license addresses the issue of what patent rights are passed on downstream for those companies with cross-licensing agreements or inbound patent licenses, while McCoy Smith, a senior attorney at Intel, said the language in the current GPL 2.0 is unclear about the issue of a patent license and patent rights.
“The question that will probably be most debated going forward is the extent to which the patent grant in GPL 3.0 differs from what was said by the Free Software Foundation on patents and the rights granted in GPL 2.0,” he said.
On the issue of “Liberty or Death in GPL 3.0″—the section of the draft license that deals with how third-party patents are covered for code that one person wants to share with another, and what the rights are in that case—Smith said GPL 2.0 addresses this issue.
“But the question is how this has changed from the way it was understood in GPL 2.0, and what the impact is on corporations who exchange patents or enter into inbound patent licenses,” he said.
Richard Fontana, a lawyer with the Software Freedom Law Center, who is actively involved in the discussion process around the draft license, said the current GPL has been in use for a long time without any updates, and that the main effort in revising the license is clarifying those aspects of GPL 2 that are unclear or have led to varying interpretations that the Free Software Foundation disagrees with.
“This is, in some sense, the codification of how the FSF has interpreted the license over the years. But we have also gone beyond that and looked at issues that were not present in the 1990s when the current license was released, like digital rights management [DRM], which was not a factor in 1991,” Fontana said, adding that the draft also looks at software patents in a more comprehensive way than it had in 1991.
The draft license has taken a cautious and moderate stance on those issues, particularly around DRM, he said, as this is the first free license to take on this relatively new issue. “But it would be wrong to say that GPL 3 is a radical change or rewrite,” he said.
The draft license formalizes and codifies the implied patent license grant in GPL 2.0, Fontana said.
With regard to the Complete Corresponding Source Code requirements that have been criticized by Linus Torvalds, the Linux kernel project leader, Fontana said this requirement goes beyond anti-DRM in some respects.
“I think Torvalds has misread the provision,” Fontana said, adding that Torvalds probably also has a philosophical difference with the FSF. The license is clear that keys are required if they are needed to make the software run, he said.
Torvalds has said that it is not the new Digital Restrictions Management section that he objects to, but rather a new part that “seems to disallow digitally signed binaries (or rather: you can sign the binaries any way you want, but you have to make your private keys available).”
On the DRM front, there is little the GPL can do to fix this, and this is a matter that needs to be taken up by the legislature, Fontana said.
But, that being said, the license also makes it difficult for people to use the GPL to invoke DRM protections, “and we want to make sure that if they are going to invoke DRM restrictions that they cant use our license to do that,” he said.
Also, on the issue of derivative works, Fontana said the draft license has not changed the language that defines what a derivative work is, “and I dont think that we can.”
But Lawrence Rosen, a partner with Rosenlaw & Einschlag, said people want to know whether, if they linked two pieces of work together, this creates a derivative work. “People do not know if that is the case here, and the license is not entirely clear about the obligation to release source code, and that uncertainty hurts potential adoption of the GPL,” he said.
Rosen said he is still trying to figure out what the wording of the license actually means. “You have to make sure that all the words fit together, and right now, Im nor sure they actually do, so its useful to have all these committees looking at it,” he said.
Rosen also wants to know how and why this license differs from others, and is looking forward to hearing from the FSF about that. He unsure that all the language in the license has legal effect and what the drafters are hoping the legal effect of the license will be.
Mike Milinkovich, the executive director of the Eclipse Foundation, stressed that code licensed under the EPL (Eclipse Public License) remain EPL code under any condition.
Milinkovich has previously told eWEEK that Eclipse is hoping that Version 3 of the LGPL (Lesser GPL) can be made compatible with the EPL to the point where LGPL code could be used within Eclipse projects.
That would “dramatically improve the status quo in our view. Unfortunately, only time will tell if this will come to pass, as the revision process for the LGPL has not even started yet,” he said.
With regard to the proliferation of open-source licenses, Ratcliffe said there are some 56 such software licenses and the issue of how those can be linked together remains a challenge. But the OSI will be announcing some solutions on this front in the next four to six weeks, he said.
But, while the draft GPL 3.0 license is more flexible than its predecessor, Ratcliffe questioned whether it goes far enough to cover the increasing number of companies putting in open-source software stacks.