Feeds

Meet Mark Radcliffe: The man who rules open source law

'The most inefficient conspirator in the world'

Security for virtualized datacentres

As one of his clients told us, "Mark Radcliffe is the law when it comes to open source software."

Radcliffe, an attorney at giant DLA Piper, has lurked behind some of the most important shifts in the open source world over the past few years. He helped Sun Microsystems open source the Solaris operating system, developing Sun's CDDL (Common Development and Distribution License) license. He crafted SugarCRM's controversial attribution license and then did similar work for a handful of significant open source players. This year, he teamed with SocialText to push the CPAL (Common Public Attribution License) through OSI (Open Source Initiative) approval, while at the same time advising the OSI as legal counsel. And Radcliffe worked with the Free Software Foundation on v3 of the General Public License (GPL).

Matters such as SCO's Linux assault and Microsoft's hints of legal action against open source software makers and users tend to dominate the public discourse around open source code.

The projects that Radcliffe has touched, however, stand as far more substantial to the evolution of of open source software as it marches into big and small business. Radcliffe now looms as the dominant force shaping the restrictions/permissions around open source software (OSS), but few people outside of the core OSS kingdom are aware of the scope of his work.

Radcliffe's power in the open source world has not escaped controversy. For example, some of the open source world's most rabid vocal members went after his attribution licenses, which often require the display of a company's logo by users of a given product. More than a dozen open source players have crafted their own attribution licenses - a derivative of the Mozilla Public License (MPL) - outside of the OSI's official "open source" blessing. This influx of attribution licenses has prompted some to present horror scenarios of logos filling up your screen in a badgeware meltdown.

The OSI railed against these attribution licenses just before the organization approved the CPAL license in July. So, you find Radcliffe championing a license of his making, while advising the OSI on its merits at the same time.

Head shot of Mark Radcliffe

Mark Radcliffe

Was Radcliffe miffed by the open source "community's" shock and horror over the attribution licenses?

"I was a little bit surprised," he told us. "We thought what we were doing was totally consistent with the open source definition.

"Attribution and giving people credit for what they've done is kind of at the core of the whole open source philosophy from my point of view. So, I didn't see attribution as being the big, evil thing that everybody was concerned about."

Of course, the open source "community's" initial response to just about anything tends to veer toward apocalyptic scenarios - in this case a world destroyed by logos. Rather than tempting reality, the members of the never-ending car crash known as the "license-discuss" mailing list, where all the really important OSI matters are handled, embraced conniption.

"You know, if you don't like something, give it an evil name and come up with these hypotheticals that don't exist in the real world," Radcliffe said.

"It is interesting to me that in all of the discussions on license-discuss the problem that people were talking about, which is that attribution would somehow limit the number of people who are willing to distribute the product and it would destroy the marketing, I don't remember any comment from any distributor of any of the products using open source except a positive one.

"So this big problem that a couple of the people on license-discuss were postulating as to how this was going to destroy open source just had no basis in fact."

Through the efforts of Radcliffe and SocialText's CEO Ross Mayfield, CPAL has arrived as a viable open source license that delivers the attribution clause as well as a network use clause that regulates how service providers, for example, can make use of code. Companies such as Mulesource have already picked up CPAL, and more of the attribution license crowd is expected to follow suit.

Radcliffe dismisses the contention that his influence with the OSI ultimately generated any favoritism for CPAL.

"There are some people who seem to have developed this enormous conspiracy theory, and, if they're right, then I am probably the most inefficient conspirator in the world, since it took me eight months to get CPAL through."

But, let's move away from the OSI and CPAL to get "the law's" take on some broader issues facing the open source "community."

Beginner's guide to SSL certificates

Next page: Network abuse

More from The Register

next story
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
Forget touchscreen millennials, Microsoft goes for mouse crowd
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
'Google is NOT the gatekeeper to the web, as some claim'
Plus: 'Pretty sure iOS 8.0.2 will just turn the iPhone into a fax machine'
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.