Feeds

OSI approves 'badgeware' license

Socialtext wins with CPLA

Remote control for virtualized desktops

OSCON The Open Source Initiative (OSI) shocked the world today by approving a "badgeware" style license.

Members of the OSI board, speaking here at OSCON, announced that Socialtext's Common Public Attribution License (CPAL) received its blessing this morning. The license proves similar to non-OSI approved badgeware or attribution licenses used by numerous open source companies. Some leaders of the OSI have been attacking companies such as Sugar CRM and CentricCRM for claiming to be "open source" companies despite relying on the unapproved attribution licenses.

"We have been at this for more than nine months," Ross Mayfield, CEO and cofounder of enterprise Wiki maker Socialtext, told us in an interview. "We have taken the legal hit, and the reputation hit. I don't want to be too proud that we won out in the end, but we did."

The so-called badgeware licenses have proved tricky, as many open source purists fear they will result in the egregious display of logos and other celebratory material. Such licenses ask that users of open source products make the origins of their code clear.

This is, in some ways, a reaction to companies that use large amounts of open source code on their servers without disclosing this use or returning code changes to the open source community. Such companies claim that they're not obligated to return code changes because they're simply delivering a service to customers - not redistributing the code for commercial use.

Under the attribution-style licenses, code users must display a logo representing the original developer or pay the developer a fee.

The new CPAL should provide a way for CentricCRM and others to modify such licenses slightly and gain OSI approval.

The OSI has yet to release the new license language, at the time of this report, although a draft version can be seen here. We've viewed a final version of the license and very little has changed.

"As a modest attribution to the organizer of the development of the Original Code ("Original Developer"), in the hope that its promotional value may help justify the time, money and effort invested in writing the Original Code, the Original Developer may include in Exhibit B ("Attribution Notice") a requirement that each time an Executable and Source Code or a Larger Work is launched or run, a prominent display of the Original Developer's Attribution Information (as defined below) must occur on the graphic user interface (which may include display on a splash screen), if any," the license reads.

Only companies relying on graphical user interfaces must worry about the attribution clause.

Also of note is the "network use" or "external deployment" clause.

"The term 'External Deployment' means the use, distribution, or communication of the Original Code or Modifications in any way such that the Original Code or Modifications may be used by anyone other than You, whether those works are distributed or communicated to those persons or made available as an application intended for use over a network."

That could be a major blow for service providers if it gains wide adoption. Google's open source guru Chris DiBona, however, told us that Google will just make its own code when needed to get around clauses similar to these.

"We have enough engineering resources that, if the license has obligations we are not interested in, we can just not use it," he said.

OSI president and Red Hat executive Michael Tiemann has been the most outspoken critic of the broad use of badgeware licenses. He's pushed the position that companies claiming to be open source software makers while not using an OSI-approved license threaten to undermine the value of the open source brand.

The CPAL license seems to put some of these concerns to rest. For example, companies such as SugarCRM are looking at replacing their own attribution licenses with CPAL, SugarCRM CEO John Roberts told us.

In addition, we'll see if the badgeware fears of logos-logos-everywhere will be realized.

"Now, we have an opportunity to test out in the market if those nightmares are actually real," Mayfield said. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
The DRUGSTORES DON'T WORK, CVS makes IT WORSE ... for Apple Pay
Goog Wallet apparently also spurned in NFC lockdown
IBM, backing away from hardware? NEVER!
Don't be so sure, so-surers
Hey - who wants 4.8 TERABYTES almost AS FAST AS MEMORY?
China's Memblaze says they've got it in PCIe. Yow
Microsoft brings the CLOUD that GOES ON FOREVER
Sky's the limit with unrestricted space in the cloud
This time it's SO REAL: Overcoming the open-source orgasm myth with TODO
If the web giants need it to work, hey, maybe it'll work
'ANYTHING BUT STABLE' Netflix suffers BIG Europe-wide outage
Friday night LIVE? Nope. The only thing streaming are tears down my face
Google roolz! Nest buys Revolv, KILLS new sales of home hub
Take my temperature, I'm feeling a little bit dizzy
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
The Heartbleed Bug: how to protect your business with Symantec
What happens when the next Heartbleed (or worse) comes along, and what can you do to weather another chapter in an all-too-familiar string of debilitating attacks?