OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [pkcs11-comment] PKCS#11 v2.40 headers licensing


Hello Chet,

I've been recently working with Relag NG schemas [0] published by OpenDocument TC [1] which IMO are similar to ANSI C headers published by PKCS11 TC. They have following license header included:

    Open Document Format for Office Applications (OpenDocument) Version 1.2
    OASIS Standard, 29 September 2011
    Manifest Relax-NG Schema
    Source: http://docs.oasis-open.org/office/v1.2/os/
    Copyright (c) OASIS Open 2002-2011. All Rights Reserved.

    All capitalized terms in the following text have the meanings assigned to them
       in the OASIS Intellectual Property Rights Policy (the "OASIS IPR Policy"). The
    full Policy may be found at the OASIS website.

    This document and translations of it may be copied and furnished to others, and
    derivative works that comment on or otherwise explain it or assist in its
    implementation may be prepared, copied, published, and distributed, in whole or
    in part, without restriction of any kind, provided that the above copyright
    notice and this section are included on all such copies and derivative works.
    However, this document itself may not be modified in any way, including by
    removing the copyright notice or references to OASIS, except as needed for the
    purpose of developing any document or deliverable produced by an OASIS
    Technical Committee (in which case the rules applicable to copyrights, as set
    forth in the OASIS IPR Policy, must be followed) or as required to translate it
    into languages other than English.

    The limited permissions granted above are perpetual and will not be revoked by
    OASIS or its successors or assigns.

    This document and the information contained herein is provided on an "AS IS"
    basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
    LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
    INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
    FITNESS FOR A PARTICULAR PURPOSE.

Hope this helps.

[0] https://docs.oasis-open.org/office/v1.2/os/OpenDocument-v1.2-os-manifest-schema.rng
[1] https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=office

Regards, Jaroslav


On 17 February 2016 at 23:48, Chet Ensign <chet.ensign@oasis-open.org> wrote:
HI Jaroslav, 

I'm Chet Ensign, OASIS TC Admin and author of the copyright block you mention was put there by me. I will see what changes I can make to make it more user friendly for you. 

Best regards, 

/chet


On Wed, Feb 17, 2016 at 4:52 PM, Jaroslav Imrich <jaroslav.imrich@gmail.com> wrote:
Hello all,

as a software developer I expect source code files (ANSI C headers included) to contain basic licensing information in a comment which is present on the first few lines. When I open older v2.20 header I see this comment:

/* License to copy and use this software is granted provided that it is
 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
 * (Cryptoki)" in all material mentioning or referencing this software.

 * License is also granted to make and use derivative works provided that
 * such works are identified as "derived from the RSA Security Inc. PKCS #11
 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
 * referencing the derived work.

 * RSA Security Inc. makes no representations concerning either the
 * merchantability of this software or the suitability of this software for
 * any particular purpose. It is provided "as is" without express or implied
 * warranty of any kind.
 */

These 12 lines tell me everything I need to know about the licensing terms and everything is clear. However when I open v2.40e1 header I see this comment:

/*
 * PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Errata 01
 * Committee Specification Draft 01 / Public Review Draft 01
 * 09 December 2015
 * Copyright (c) OASIS Open 2015. All Rights Reserved.
 * Source: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/errata01/csprd01/include/pkcs11-v2.40/
 * Latest version of the specification: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
 * https://www.oasis-open.org/policies-guidelines/ipr
 */

This comment tells me almost nothing about the license. It points me to OASIS IPR Policy instead. Actually I can only guess that OASIS IPR Policy may contain licensing details because comment contains only a plain link without any hint or explanation. Shortly after I begin to read IPR policy I find out that in order to interpret it I need to know under which mode PKCS11 TC operates. I would expect this information to be included in the comment but it is not. Few minutes later I am finding it on PKCS11 TC page [0] but I am already too exhausted to continue so I give up for now..

Could you please consider making licensing information available in a more friendly way? At least state in header that PKCS11 TC operates under the RF on RAND Mode of the OASIS IPR Policy and attach whole text of OASIS IPR Policy in a separate file. Just imagine that you will need to use these headers 20 years later after they have been published. Links may be dead until then.

[0] https://www.oasis-open.org/committees/pkcs11/ipr.php




--

/chet 
----------------
Chet Ensign
Director of Standards Development and TC Administration 
OASIS: Advancing open standards for the information society
http://www.oasis-open.org

Primary: +1 973-996-2298
Mobile: +1 201-341-1393 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]