Personal tools

Talk:FAQ Update

From GPLv3 Wiki

(Difference between revisions)
Revision as of 14:46, 18 August 2006
morelp (Talk | contribs)
What happens if someone tries to circumvent GPLv3's anti-DRM provisions by splitting the task of signing and verification amongst multiple parties?
← Previous diff
Revision as of 16:28, 18 August 2006
ashawley (Talk | contribs)
What happens if someone tries to circumvent GPLv3's anti-DRM provisions by splitting the task of signing and verification amongst multiple parties? - that FAQ should probably be deleted.
Next diff →
Line 105: Line 105:
B B
</pre> </pre>
 +
 +: I'm not sure who added this FAQ, but it seems untrue and full of more uncertainties rather than answers. If someone conveys the GPLv3 software without the necessary keys, then they violated the license. You can add as many different parties to the process as you like to be individually responsible for the software, the keys, or the hardware. But whoever acts as the licensor for the software is responsible for fulfilling the license's obligations. --[[User:ashawley|ashawley]] 12:28, 18 August 2006 (EDT)

Revision as of 16:28, 18 August 2006

This page seems to be a dump of every question from the original FAQ. Would it not make sense to flag the ones whose answers had been changed, for ease of review? --gerv

We used the original GPL FAQ as a starting point to make it easier to update the whole document for GPLv3. You can find answers that have changed by reviewing all of the diffs for the page. More obvious flags for those answers would definitely be helpful for readers, though. Did you have any particular ideas in mind? --brett 20:26, 13 March 2006 (EST)

I'm a little unclear on the upgrade path from GPLv2 to GPLv3. I started writing a FAQ entry dealing with the issue and took a shot at answering it. Is this answer accurate? Should this be added to the FAQ?

Q. I have a product that is currently licensed as "GPLv2, or higher--your choice." I am not the original copyright holder and I am not able to change the license. Am I allowed to, for example, statically link to an ASL 2.0 library in my program? This action is NOT allowed by the GPLv2, but IS allowed by the GPLv3.

A. Yes, this is allowed. As long as you are in compliance with GPLv2 OR GPLv3 (or possibly any future version) then you are ok. If the receiver of the program chooses to redistribute the program in compliance with the GPLv2, then they may remove the code that links to the ASL 2.0 library and redistribute to their heart's content (and license will still be "GPLv2 or higher").

For the same situation, what are the implementation details? I assume you would still distribute a LICENSE file containing the GPLv2. Would you also need to include another license file containing GPLv3? Should you state which parts of your code are only valid under GPLv3?

I've added basic information in a new question in the FAQ. I'll try to get the implementation details soon, too. --brett 17:22, 21 January 2006 (EST)

Q. If a company distributes software licensed with GPL as a service can they require me to be auditted and report to them how many CPUs I'll run that software on, terminating my contract if I run it on more CPUs without paying them extra? [Isn't that a restriction on use?] ---t 8:43 3 March 2006

Q. Suppose a company would like to run an "update server" to which customers subscribe. They will install the client-side component of that server on my machine but deny this counts as distribution of that client and forbid me from reverse engineering the client or `rebroadcasting' the updates within my company. (The update client is not, let's assume, covered by the GPL.) The only way I can get timely updates to GPL'ed software from this company is to subscribe and the subscription contract requires that I do not directly use their update feed on any CPU without telling them and paying them more -- if I don't do that they'll terminate my contract. Is this permitted? ---t 8:43 3 March 2006

Q. Can I sell of some of my own rights under the GPL? A company that does custom improvement of GPL'ed software has a novel twist: they invite customers to bind the company (rather than the other way around) in a non-disclosure agreement which forbids the company from distributing the custom improvements to any but the particular customer. This is good for the customer if the source for the new code contains some of the customer's secrets but can the service provider really bind itself that way or are such contracts bogus? ---t 8:43 3 March 2006

Q. A company is in the business of providing binary copies of GPL software as a service. Of course they make source code available however they keep secret their infrastructure for turning the big pile of raw source into the large system of binaries they distribute. As a *practical* matter I can't rebuild their distribution and I have no clear reason to believe that the source actually corresponds to the binaries I'm getting. Is this permitted? ---t 8:43 3 March 2006

Q. A company agrees to sell me conveniently packaged binaries of GPL'ed software but only on the condition that I enter a non-compete agreement: I may not resell those binaries to others in any way that impacts the provider's business. Is this permitted? ---t 8:43 3 March 2006

Q. What is a *good* business model for someone who would like to be in the business of providing binary distributions and updates for GPL'ed software? ---t 8:43 3 March 2006

I added a single question and answer about these sorts of issues to the FAQ. I'm not sure we should do more than that, because I don't think these questions get asked very frequently. If you send mail to licensing@fsf.org, they might be able to help you. --brett 17:12, 25 March 2006 (EST)

Contents

Can I apply the GPL when writing a plug-in for a non-free program?

The current answer to this question seems to be applying technical details to create a distinction that the law does not make. I do not know whether the use of "we believe" indicates official endorsement, but Why-CLISP-is-under-GPL from the CLISP distribution may offer another solution. For background, it is an email exchange between RMS and Bruno Haible, CLISP author. Here is an excerpt from RMS:

The FSF position would be that this is still one program, which has
only been disguised as two.  The reason it is still one program is
that the one part clearly shows the intention for incorporation of the
other part.

I say this based on discussions I had with our lawyer long ago.  The
issue first arose when NeXT proposed to distribute a modified GCC in
two parts and let the user link them.  Jobs asked me whether this was
lawful.  It seemed to me at the time that it was, following reasoning
like what you are using; but since the result was very undesirable for
free software, I said I would have to ask the lawyer.

What the lawyer said surprised me; he said that judges would consider
such schemes to be "subterfuges" and would be very harsh toward
them.  He said a judge would ask whether it is "really" one program,
rather than how it is labeled.

So I went back to Jobs and said we believed his plan was not allowed
by the GPL.

Therefore, I believe a more intent-based rubrik should be offered to the reader; i.e., ask yourself whether the proprietary and GPL code "really" form a single program.

The intent of the answer as I understand it, at least, isn't to draw arbitrary technical distinctions. Rather, it works from the same principles you've quoted -- about whether there are really two separate programs or just one -- and illustrates where the technical line is based on that reasoning. If a plug-in can be invoked by itself, then it can be considered an independent, separate program -- even if something else calls it via fork or exec. If the interaction is deeper than that, then it's probably not really a separate program.
There might be room for improvement here, though. Just looking at this question by itself, perhaps the answer would be better if it started by explaining the principles you've pointed out, and then went ahead and illustrated where this fell in technical terms. Since a number of questions deal with the same issue from different angles, it might be worthwhile to try to figure out how to "abstract that out" into its own question and answer, though. Want to take a stab at it? --brett 18:38, 29 March 2006 (EST)

"The GPL can't stop you from giving up your rights."

The most recently-added question makes this statement, and also implies it in the text of the answer. This implies, however, that such a situation could arise:

  • A company called Moneysoft receives a GPL-covered program called Emacs and decides to distribute it.
  • To receive Emacs from Moneysoft, you are required to give up the rights to copy, modify, and redistribute Emacs.

Perhaps instead, we could state the terms under which this contract must be qualified. I believe those are that the contract must be voluntarily terminable by the client, and the termination clause allows exercise of all rights under the GPL. I am not sure that more qualifiers would not be needed, however.

The GPL can't stop you from giving up your rights, but at the same time, the GPL prohibits distributors from asking you to give up your rights just to get the software. That would violate section 4 of GPLv3/section 8 of GPLv3, and that's what happens in the example you've outlined, as I understand things. Beyond that, I don't know what qualifiers there would be, if any.
For example, suppose I distribute Emacs to John. Then suppose that Moneysoft offers to provide John with Emacs technical support -- all John has to do is permanently surrender his right to distribute Emacs. Has anybody violated the GPL here? I don't know. --brett 18:38, 29 March 2006 (EST)

Cover version 2?

Will the new FAQ answer questions on both version 2 and version 3 of the GNU GPL, or is the GNU project's "service warranty" for the GPLv2 running out with the release of GPLv3? --ashawley 14:51, 17 August 2006 (EDT)

What happens if someone tries to circumvent GPLv3's anti-DRM provisions by splitting the task of signing and verification amongst multiple parties?

The FAQ say:

"For instance, person A releases signed binaries, and company B sells a computer that won't run a binary unless it was signed by A?

B is putting its future in A's hands. It's not likely that B would do that without some sort of contract -- what if A posts its private keys publically, or loses them? Then B's computers are worthless. Whatever the terms of that contract are, they either induce copyright infringement or constitute unfair competition. Either way, this would be illegal. "

This would be illegal in the U.S. I guess. but would it be illegal in other countries? Plus the aspect of trust can be dealt with, using a Z company owning A and B, can't it?

  A
 / \
Z   Product
 \ /
  B
I'm not sure who added this FAQ, but it seems untrue and full of more uncertainties rather than answers. If someone conveys the GPLv3 software without the necessary keys, then they violated the license. You can add as many different parties to the process as you like to be individually responsible for the software, the keys, or the hardware. But whoever acts as the licensor for the software is responsible for fulfilling the license's obligations. --ashawley 12:28, 18 August 2006 (EDT)