Fork me on GitHub

Licensing: Your Feedback So Far

Posted by Bjarni on June 15, 2015

[ Note: I'm taking most of the week off to recharge my batteries and attend the Digital Citizenship and Surveillance Society conference and hackathon - the next weekly update will happen next Monday. ]

There are now 2 weeks left until we close the polls and choose a license for Mailpile 1.0. Some members of our community have written blog posts about what they would prefer, others have tweeted, and still others have sent us e-mail.

We may not agree with all of the points made, but it's a complex issue and your feedback matters. Thank you all!

This post is dedicated to preserving and publicizing your thoughts.

Blog Posts

Geir Freysson writes: Mailpile should use the Apache software license

The idea behind the Apache license is to, quoting Chairman Mao, “let a thousand flowers bloom” and allow as many people and companies as possible to build on the software regardless of whether the incentive is commercial or altruistic. read more

Franklin M. Siler writes: On choosing open licenses

The essential idea here is that I want my projects to contribute back, but I want to do so voluntarily. I particularly want to avoid a situation where I need to implement “special sauce” in a component, but then may have to release that code out into the marketplace- there’s no particularly good reason I would want to take on, say, a virally licensed webserver.

In terms of choosing feedstock, it’s often hit or miss, but I always look at the licenses before I start, particularly for “scaffolding code” that will wind up being the core of an app. read more

E-mail

From: Richard Stallman

I read your posting about the question of which license to use on your source code henceforth. I urge you to use the GNU Affero GPL.

The reason is simple: so that companies that improve Mailpile and put their versions into public use will make their improvements available to the Mailpile community. The AGPL would achieve this. The Apache license, which is a weak, permissive license, would not try.

Both of these licenses qualify as free/libre; neither of them is unethical. Given a choice between two ethically valid options, you should choose the one that is better in practice, and that is the GNU AGPL.

See http://gnu.org/licenses/license-recommendations.html and http://gnu.org/licenses/license-list.html

--
Dr Richard Stallman
President, Free Software Foundation (gnu.org, fsf.org)
Internet Hall-of-Famer (<internethalloffame.org)
Skype: No way! See stallman.org/skype.html.

From: Maxim Cournoyer

Dear mailpile team,

As stated on the mailpile homepage:

Mailpile is an effort to reclaim private communication on the Internet. A project to rescue our personal lives from the proprietary cloud and prevent our conversations from being strip-mined for corporate profit and government surveillance. Mailpile is taking e-mail back.

It is my opinion that the license that would better support these goals would be the GNU Affero GPLv3 license as it protects the freedom for anyone to audit the source of the software, no matter where and how it is deployed. From a security perspective this is a must.

Thanks for hearing my voice,

Maxim Cournoyer

From: Phil Hughes

First, about your tweet about being accused of bias. Yeah, when people bitch about your bias but in different directions, I do think it means you are in the middle. Being a Linux guy for 20+ years and ex-publisher of Linux Journal, this situation has happened to me many, many times.

My intent was to comment on "which is the better license" but, after reading your blog I really don't have "the right answer". Hopefully others will offer more thoughts so that the decision will become obvious.

My "bias" is that the GPL irritates me -- mostly because of RMS's "this is the only answer" attitude. I am 100% behind the goal of the GPL (and I think he knows that) but I also recognize the down-sides. For example, at one point Linus was asked what was his biggest error with Linux and he said "licensing it under the GPL".

His comment was about the "politics" of the GPL rather than the concept. That's pretty much my issue as well. It is hard to get those "afraid" of the GPL on board when you are put in a position where you need to defend RMS's politics.

We know that Apple picked a "we can do what we want" license for its base software. If BSD and Linux has both been under the same license, things probably would have been different. But, better? It is hard to say. Those who are actually there to innovate seem OK with the GPL. GPL or not, it is still hard to measure which license actually produces more innovation. I expect there are big wins for each.

So, now you see my bias and you also see that it didn't produce a decision.

Hopefully others will chip in.

--
Phil Hughes

From: Tim Herklots

The "Network Use is Distribution" feature of AGPL plus the no-sublicensing makes it much easier to detect license abuse.

If the code is detected somewhere in the wild, and source isn't available, AGPL is always violated.

The threat model that concerns me is someone big like Microsoft, Google, Facebook, Yahoo forking the cord and including an government-breakable alternative encryption type/method that their installs use by default or by rollback at the mailserver end. Mailpile would be forced to include this alternative for compatibility reasons, and the bad encryption becomes standardised with most people thinking that it is good.

Tim



top