lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZUStVO0VSJ6CN_xe@debian.me>
Date:   Fri, 3 Nov 2023 15:20:36 +0700
From:   Bagas Sanjaya <bagasdotme@...il.com>
To:     Richard Fontana <rfontana@...hat.com>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux Documentation <linux-doc@....kernel.org>,
        Jonathan Corbet <corbet@....net>,
        Thomas Gleixner <tglx@...utronix.de>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Akira Yokosawa <akiyks@...il.com>,
        Stanislav Fomichev <sdf@...gle.com>,
        David Vernet <void@...ifault.com>,
        Miguel Ojeda <ojeda@...nel.org>, James Seo <james@...iv.tech>,
        Daniel Vetter <daniel.vetter@...ll.ch>,
        Federico Vaga <federico.vaga@...a.pv.it>,
        Carlos Bilbao <carlos.bilbao@....com>,
        linux-spdx@...r.kernel.org
Subject: Re: [PATCH RFC 1/4] LICENSES: Add SIL Open Font License 1.1

On Thu, Nov 02, 2023 at 10:09:57AM -0400, Richard Fontana wrote:
> On Thu, Nov 2, 2023 at 8:01 AM Bagas Sanjaya <bagasdotme@...il.com> wrote:
> >
> > Add the license text along with appropriate tags for reference and
> > tooling. The text is taken from the text as distributed in Google
> > Fonts's zip files.
> >
> > As the license itself may or may note be compatible with GPLv2,
> > let's take on the err side and require combining it with
> > GPL-compatible licenses when using the license.
> 
> I don't really  understand this, though maybe it doesn't practically matter -
> "It's best to use it together
> +  with a GPL2 compatible license using "OR", as OFL-1.1 texts processed by
> +  the kernel's build system might combine it with content taken from more
> +  restrictive licenses."
> 
> I didn't check if this text is just copied from that in other license files.

Yes, indeed I adapted it from LICENSES/dual/CC-BY-4.0.

> 
> I'm not sure how this would actually come up in practice for OFL-1.1.
> I assume that typically the way OFL-1.1 can cover stuff in the kernel
> is through font files, and that therefore it would be unlikely for a
> source file to include any code covered by OFL-1.1. Indeed, as you
> say:
> 
> > +  Do NOT use this license for code, but it's acceptable for fonts (where the
> > +  license is specifically written for them). It's best to use it together
> 
> Even if that did occur, the use of `OR` is only appropriate if the
> stuff covered by OFL-1.1 is actually dual-licensed.
> 

Another alternative is to put license notice on CSS code that includes
the font. In this case, in Documentation/sphinx-static/fonts.css, the top
of the file should've been written as:

```
/* SPDX-License-Identifier: GPL-2.0 */
/* IBM Plex Sans, IBM Plex Mono, and Newsreader is licensed under the SIL Open
 * Font License, version 1.1. See OFL.txt in the same directory as this file
 * for details. */
<actual stylesheet>
...
```

Is above acceptable?

Thanks.

-- 
An old man doll... just what I always wanted! - Clara

Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ