Governance with FOSSology and FOSSBazaar: Rights and Licensing
At CeBIT Open Source 2009 Martin Michlmayr, past Debian project lead, presented his current projects FOSSology and FOSSBazaar, and spoke about the role his employer Hewlett-Packard is giving him in the governance project and how the FOSSBazaar work group is organized within the Linux Foundation.
Britta Wülfing of Linux Magazine Online interviewed Michlmayr after his talk to find out more about his work at the Open Source Initiative (OSI) and the European Union Public License (EUPL). Here are the results of that conversation.
LMO: To whom is FOSSBazaar targeted?
Michlmayr: FOSSBazaar is clearly enterprise-oriented, not necessarily directed at technologists, but more to managers, lawmakers, procurement officers. With this project we want to cover thematically the entire bandwidth of Linux and Open Source.
LMO: What interest does HP have in it?
Michlmayr: HP has to do this work anyway with all its products and programs. It has to be clear for each software what licenses and rights are attached to it, how they are to be maintained and supported. We have to do it, everyone has to do it. Why not together then?
LMO: There are already several projects concerned with this topic, for example the Freedom Task Force of the Free Software Foundation or Harald Welte with gpl-violoations.org . Are there differences or do you work together?
Michlmayr: Yes, we're working together on certain levels. We have intensive discussions on mailing lists, and we're providing seminars together with the French INRIA [National Institute for Research in Computer Science and Control] research institute.
LMO: How is the project adopted by enterprises?
Michlmayr: We're working with a platform that everyone can access. Truthfully many enterprises apparently have a problem in openly talking or writing about licensing and rights. That requires some convincing on our part.
LMO: The term "governance" might be considered a body of rules and standards, which seems somewhat unwieldy. Isn't it a bit daunting for smaller and middle sized enterprises?
Michlmayr: That's a hard one. We don't want to instill any FUD on anyone, but simply clarify. Of course some examples present some problems, such as when a single software includes dozens of Open Source licenses. We'd rather like to collect examples of how many projects actually include only one license.
LMO: The plethora of licenses is always a hot topic in the OSI, where you're also active. There's been a suggestion to limit things to three licenses. What's your take on this?
Michlmayr: Whether to limit things realistically to three licenses is a good question. But I feel that everyone involved in this is agreed certainly on limiting them. That's why careful thought is given to new licenses and if they should be distributed. There are obviously vanity factors involved when a license happens to bear the name of its issuer. But one new license is bound to be of true value in the near future: the EUPL [European Union Public License]. For the first time we'd have a license available in all European languages and valid everywhere, that is, all translations have been legally scrutinized. Also of practical value is that EUPL code can be converted to GPL code.
LMO: When can we expect to see OSI approval of the EUPL?
Michlmayr: We can't give an exact date, but it's bound to happen soon.
Version 16 of the popular Linux desktop reveals new tools, edge-snapping, and performance improvements.
Symantec says Linux-Darlioz burrows in through PHP.
Dell renews its quest for the ultimate developer machine.
Innovative back door looks like normal SSH traffic.
One of CeBITs most successful forums opens the new year with a new name. The popular Open Source Forum continues in 2014 under the name Special Conference: Open Source. This year, the forum will be bigger and offer a wider range of possibilities for sponsors.
New release offers better graphics drivers and expands filesystem support.
New mail protocol will shut out the NSA and prevent snooping on metadata.
A new web application helps users visualize distributed denial-of-service attacks.
Ubuntu 13.10 takes a step toward convergence, with lots of mobility, but Mir only partly here.
Galileo board is targeted to embedded developers and educational institutions.