lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140224134150.GB25357@thunk.org>
Date:	Mon, 24 Feb 2014 08:41:50 -0500
From:	Theodore Ts'o <tytso@....edu>
To:	Michal Simek <monstr@...str.eu>
Cc:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Felipe Balbi <balbi@...com>,
	Subbaraya Sundeep Bhatta <subbaraya.sundeep.bhatta@...inx.com>,
	linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org,
	Subbaraya Sundeep Bhatta <sbhatta@...inx.com>,
	devicetree@...r.kernel.org, Wolfgang Denk <wd@...x.de>
Subject: Re: SPDX-License-Identifier

On Mon, Feb 24, 2014 at 11:12:53AM +0100, Michal Simek wrote:
> > But of course, I'm not a lawyer, and if your company has is paying for
> > the development of the driver, the Golden Rule applies (he who has the
> > Gold, makes the Rules), and each of our respective corporate lawyers
> > may have different opinions about what might happen if the question
> > was ever to be adjudicated in court.
> 
> Aren't all these points already answered by SPDX project?
> I believe that they should know how this should be handled properly.

The SPDX can not give legal advice; not to you, and not to your
company.  One lawyer might believe that 

/*
 * SPDX-License-Identifier: GPL-2.0
 */

Might be sufficient.  Others might believe you need to do:

/*
 * Copyright Ty Coon, 2012.
 * 
 * SPDX-License-Identifier: GPL-2.0
 */

Still others might believe you need at the very least:

/*
 * Copyright Ty Coon, 2012.
 * 
 * All Rights Reserved.
 *
 * SPDX-License-Identifier: GPL-2.0
 */

As far as I know, there is no case law on point about whether or not
SPDX-License-Identifier has legal significance, or whether the court
would consider that to be a valid copyright permission statement.  So
any "answers" made by any lawyer would be guesses.  Of course, an
guess by a lawyer which is retained by *you* or your company and fully
informed with the unique parameters of your situation would constitute
legal advice.  Anything else, including anything any of us could say
on this mailing list, would be biovating.  :-)

Cheers,

					- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ