[OWASP-LEADERS] Licensing for Filters / OCL
gabe at landq.org
Tue Jun 24 13:10:21 EDT 2003
Well... I think this makes for an interesting question. Can we iron out
what a commercial license might look like?
Otherwise I generally like things like the LGPL much better and here's
why. It forces improvements to be given back - and it allows companies
to use the software improve it and continue to make money off their core
I see the point to using things like GPL in cases where extending or
using the library isn't the end goal. So, I like GPL for applications
and LGPL for libraries.
From: owasp-leaders-admin at lists.sourceforge.net
[mailto:owasp-leaders-admin at lists.sourceforge.net] On Behalf Of Ingo
Sent: Monday, June 23, 2003 3:02 PM
To: Mark Curphey; Sverre H. Huseby
Cc: owasp-leaders at lists.sourceforge.net
Subject: [OWASP-LEADERS] Licensing for Filters / OCL
> Any particular reason for using GPL rather than, say, LGPL? I would
> imagine that most people would not GPL their custom made web
> application code. (Sverre)
> No good point. We actually never closed out licensing for the filters,
> remember it was a task that dropped.
> Any thoughts Ingo ? (Mark)
Well, in fact a good point at this point I guess...
First, read http://www.fsf.org/licenses/why-not-lgpl.html
why it is generally better to use the GPL for libraries too.
Let me add some arguments for and against the GPL.
- if we publish under the GPL, then using the library within a
context will become a license violation. That would enable us to offer
the same library under a different license to proprietary developers
charge fees (or at least "bounties") for it. This could eventually
raise our fund. (Many other do so, e.g. Berkeley db, to name a
- publishing under the GPL enforces that improvements are fed back to
the library and thus speeds up development and eventually helps to
create code of higher quality
Contra GPL (pro LGPL):
- "proprietary" developers won't use the library published under the
note that this argument would be invalidated by an alternative
- even some public institutions (e.g. UNESCO) do not accept Software
published under GPL; they prefer to use the LGPL such that nobody is
closed out from the benefits of the software developed under their
These arguments should be balanced carefully.
Since currently we have some urgent problems to keep up development
the way we'd like to mainly due to time problems, (which are really only
problems), and since in contrary to public institutions we have no
facilities from public money, I would tend to use the "double tracked"
I know that the filters team (at least Alex Russel, who unfortunately
tended to use the LGPL to "enlargen the audience", but regarding that
argument cf. to Stallmans note that I mentioned above...
As long as we have no better solution I would simply leave the copyright
headers in the OCL (that means GPL) since I don't want to run
"change-header-scripts" too often.
Maybe we should work out (or crib) some alternative license for
users. I do not expect their number to be very large in the beginning
Comments are (as always) highly welcome.
ingo at ingostruck.de
Use PGP: http://ingostruck.de/ingostruck.gpg with fingerprint
C700 9951 E759 1594 0807 5BBF 8508 AF92 19AA 3D24
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
Owasp-leaders mailing list
Owasp-leaders at lists.sourceforge.net
More information about the OWASP-Leaders