AGPLv3 and GPLv2

[Toshio Kuratomi]

On 06/10/2009 09:28 PM, Luke Macken wrote:
> On Wed, Jun 10, 2009 at 04:17:57PM -0500, Mike McGrath wrote:
>> So without knowing it we started using AGPLv3 code in our environment
>> recently for fedora community and moksha.  In the past I think all of our
>> stuff has been GPL(ish) mostly GPLv2 (toshio correct me if I'm wrong
>> there)
>>
>> I want to make sure we're all aware of what we can and can'd do as far as
>> mixing the code between the two as this could be very unfortunate.
>>
>> Luke, you described the AGPLv3 as "crucial".  Can you let the rest of us
>> know why the GPLv2 wouldn't work?
> 
> Using GPLv2 would allow $BIG_EVIL_CORPORATION to take our code and run it
> publicly on their servers without making the source available.  The AGPL fixes
> this issue, which is known as the "application service provider loophole", and
> would require them to put a link to the source code if one existed in the
> original copy.  This is why you will see links to the Moksha and Fedora
> Community source code at the bottom of every page.
> 
> I am not a lawyer, nor do I play one on television.  Someone smarter than I can
> elaborate further, or correct any false assumptions that we have made.
> 
> More details from Wikipedia:
> 
> """
> Both versions of the AGPL were designed to close a perceived application
> service provider "loophole" (the "ASP loophole") in the ordinary GPL, where by
> using but not distributing the software, the copyleft provisions are not
> triggered. Each version differs from the version of the GNU GPL on which it is
> based in having an additional provision addressing use of software over a
> computer network. The additional provision requires that the complete source
> code be made available to any network user of the AGPL-licensed work, typically
> a web application.
> 
> The Free Software Foundation has recommended that the GNU AGPLv3 be considered
> for any software that will commonly be run over a network.[2] The Open Source
> Initiative approved the GNU AGPLv3[3] as an Open Source license in March 2008
> after Funambol submitted it for consideration[4]
> 
> [...]
> 
> Compatibility with the GPL
> 
> Both versions of the AGPL, like the corresponding versions of the GNU GPL on
> which they are based, are strong copyleft licenses. In the FSF's judgment, the
> additional requirement in section 2(d) of AGPLv1 made it incompatible with the
> otherwise nearly identical GPLv2. That is to say, one cannot distribute a
> single work formed by combining components covered by each license.
> 
> By contrast, GPLv3 and AGPLv3 each include clauses (in section 13 of each
> license) that together achieve a form of mutual compatibility for the two
> licenses. These clauses explicitly allow the "conveying" of a work formed by
> linking code licensed under the one license against code licensed under the
> other license.[7] In this way, the copyleft of each license is relaxed to allow
> distribution of such combinations.  """
> 
Unfortunately, this section doesn't help us at all as we have no GPLv3
code to worry about at the moment.  spot, we need a quick course on what
the AGPL means for us WRT mixing code and whether it makes sense for us
to relicense all of our web apps (where the copyright holders agree).

-Toshio

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-infrastructure-list/attachments/20090610/33abdd34/attachment.sig>