| Are GPLv3 and Apache 2 incompatible? |
Apr. 11, 2007
One of the GPLv3's (GNU General Public License version 3) goals was be more compatible with other open-source licenses. There is some concern, however, that this goal has not been achieved in relation to the Apache License 2.
As Allison Randal, president of The Perl Foundation, pointed out in a recent article on O'Reilly Radar, the rationale document for the latest GPLv3 draft (PDF link), states "We regret that we will not achieve compatibility of the Apache License, Version 2.0, with GPLv3, despite what we had previously promised."
In an eWEEK January 2006 interview, Richard M. Stallman, president of the FSF (Free Software Foundation) and chief author of the GPL, had said, "The Apache license is incompatible with GPL Version 2 because of a trademark clause and a patent retaliation clause, as I recall. I believe we have made both of those things compatible now."
That, however, is no longer the case and Randal believes that the FSF is wrong to believe that the Apache License 2 is incompatible with the GPLv3. In the GPLv3 rationale draft, the authors explain, "Under section 9 of the Apache license, downstream redistributors must agree to indemnify upstream licensors under certain conditions."
The offending section of the Apache License 2 reads:
"While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability."
To Randal, there's no real difference between Apache's stance and what the FSF states in the latest draft of the GPLv3's Section 4, which includes the phrase, "you may offer support or warranty protection for a fee," and the Apache License 2's Section 9. According to Randal, this boils down to "the developers will not take the burden of offering legal protection (warranty/liability) for the software."
From Randal's point of view, "The terms between the two are differently worded, but basically the same. And yet, this is the point of contention."
In the ongoing discussion, Lawrence Rosen, the well-known open source attorney and founding partner of the intellectual property law firm Rosenlaw & Einschlag, agreed with Randal's logic. "The Rationale document reflects a misunderstanding of Apache license section 9. Nothing in the Apache license requires anyone -- including people who distribute Apache's software as part of a GPL program -- to offer indemnity."
Rosen continued, "But if any downstream distributor *does* offer indemnity, they must *also* indemnify, defend and hold harmless Apache and its contributors from any liability or claims asserted "by reason of your accepting any such warranty or additional liability."
"As this lawyer sees it, the two licenses are compatible," concluded Rosen.
Now, the question is: Will the FSF agree with this view as it continues to work on fine-tuning the GPLv3?
-- Steven J. Vaughan-Nichols
Do you have comments on this story?
Talkback here
NOTE: Please post your comments regarding our articles using the above link. Be sure to use this article's title as the "Subject" in your posts. Before you create a new thread, please check to see if a discussion thread is already running on the article you plan to comment on. Thanks!
(Click here for further information)
|
|
|
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.
Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.
Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.
Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.
Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.
Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.
Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.
Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.
|
|
news feed