On Tue, 2008-12-09 at 23:03 +0100, Matthias Saou wrote:
> > >>>>> "TC" == Tom \"spot\" Callaway <Tom> writes:
> > TC> Given that it does not give permission for us to redistribute (the
> > TC> cornerstone requirement for Content licenses), this license is not
> > TC> acceptable for Fedora.
> > I guess I'm glad I looked before approving the package, but I have to
> > wonder: Do the cacert folks actually want anyone to use their
> > certificates? I mean, this prevents basically everyone from using
> > them, because they can't come with the OS or the browser.
> Personally, the more I read the document, the more I'm confused.
> "You may NOT distribute certificates or root keys under this
> licence"... does this mean we can distribute under a different license?
Well, sortof. The wording here is strange because you can get a
different license from the CA issuer. We can't just pick a license, but
the CA issuer might be willing to give us a different one.
> Would it be worth getting in contact with CAcert.org in order to try
> and have them allow us to redistribute the root certs under conditions
> which are acceptable to the Fedora Project?
Probably, yes. :)
In former times, there was an excellent cooperative relationship between the
development of cdrtools and the various Linux distributions (in special with
Debian). Unfortunately, this changed in Spring 2004, a few months after the
Debian package maintainer for the cdrtools has been replaced with a new and
As a result, during the past few years, many Linux users have become upset
from the results of a completely unneeded conflict initiated by the
non-cooperative "downstream" package maintainer. Many Linux distributions
(including RedHat and Fedora) have become victims of this conflict. The
conflict started in May 2004 with some anti-OSS and anti-social actions
against the OSS project bundle "cdrtools".
The non-cooperative "downstream" package maintainer started his high profile
attack against the cdrtools project in May 2004. His attacks have been based
on his personal frustration that was solely caused by his missing
programming skills and his personal concept of dealing with these deficits.
He later extended his attacks and finally incorrectly claimed that there were
license problems in the cdrtools project and created a fork.
As _reaction_ on his claims and in order to defend the freedom of the
cdrtools software against these claims that have been based on an incorrect
GPL interpretation (it would turn the GPL into a non-free license if taken
seriously), the license of the original software was changed to avoid the GPL
as far as possible. This was done after many people from the OSS community and
several lawyers have been asked about possible problems, caused by the planned
license change. As nobody did see a problem, the license change was carried
out. A lot of new code and functionality was introduced since then and many
older bugs have been fixed in the original software. Nearly 50% of the current
code is code that was introduced or rewritten after the license change did take
Note that the people who claim that there is a "potential problem that might
result in a lawsuit" did never verify a possible problem and as they do not
even own any Copyright on the code, they themselves are not allowed to sue
people based on the cdrtools code.
At the same time, the fork introduced many new bugs and questionable changes
that reduced it's portability and it's usability. While the code quality of
the fork declined, some of the changes introduced Copyright law violations 
and even GPL  violations, making the fork undistributable. In December 2006
the initiators of the unlawful changes have been contacted and informed in
depth about the violations. They have been asked to make the fork legal again
to no avail.
Eight months after the fork was created, the development of the fork stopped
on May 6th 2007 as it's initiator stopped "working" on it. For some time, I
was in hope that the big number of bugs in the fork (there are approx. 150
different bugs in total if you sum up all entries from all bug tracking
systems from various Linux distributors) and the fact that it is no longer
actively been worked on, would cause the Linux distributions to return to the
legal original software. This did unfortunately not happen.
I did wait a long time in hope that the problem will go away initiated from
judiciousness but after some time, I am no longer willing to tolerate the
distribution of the questionable fork.
About a year ago, I asked the Sun Microsystems legal department to do another
full legal review for the original software to make sure that none of the
claims from the people who attack cdrtools is valid. In October 2008, the
Sun legal department confirmed that there is no legal problem with the
At CeBIT on March 6th 2009, there was a meeting with me (Jörg Schilling, the
main developer and main Copyright holder), Simon Phipps (the Sun Microsystems
OpenSource Evangelist), a neutral observer and a FTP-master from Debian.
During this meeting, Debian agreed to start shipping the original software
again as soon as possible.
I am in hope that RedHat and Fedora will also start to distribute the original
software again and stop distributing the fork "cdrkit" because it is in
conflict with the Copyright law  because it is full of well known bugs and
because it is missing most features, people today expect from such software.
Missing features are a typical result from decoupling from the main stream
development. The source in the fork is based on 4 year old sources from
the original. Note that working on the code from the fork is not an option as
the initiators rejected to remove the Copyright violations 30 months ago and
as too many show stopper bugs are unfixed in the fork since more than 24
I am looking forward to see RedHat and Fedora start to ship again the legal
original software from
and rejoin the community of OSS and user friendly distributions. Don't let the
OSS users suffer anymore from the conflict introduced by a single hostile
person. RedHat and Fedora should deliver what people need in order to be able
to write CDs/DVDs/BluRays and this is the original software.
The original software is easy to compile (you just need to type "make" - or
better "smake") and it is 100% complete, so it does not need any unusual
software package besides a compiler. The original software is expected to be
always bug-free as bug fixes typically take only a few hours.
The original software strictly follows all written conditions from the GPL .
Under the assumption that the GPL is a free OSS license  (and in special
is compatible with the text in section 9 of the OSS definition) and that
typical Linux distributions are at least mostly legal, the license
combinations used in cdrtools are of course legal too, according to the best
GPL explanation   I could find in the net and of course according to the
Sun Microsystems legal department. Lawrence Rosen, the Author of  and 
advised the Open Source Initiative (www.opensource.org).
Some statistics on the project activities:
Cdrecord started as project in January 1996, but it was built on top
of older Code (e.g. libschily from 1984, libscg from 1986 and the schily
makefile system from 1992). Cdrtools include now also e.g. mkisofs that
started as Project in September 1993 and that is maintained by the cdrtools
project since spring 1997. The license change towards using CDDL for most
code has been done on May 15th 2006.
In the time between January 1985 and December 1995, there have been
638 file putbacks done in 385 groups (385 unique delta comments).
In the time between January 1996 and May 14th 2006, there have been
8847 file putbacks done in 4280 groups (4280 unique delta comments).
In the time between May 15th 2006 and today, there have been
4735 file putbacks done in 1695 groups (1695 unique delta comments).
Approx 30% of all putbacks have been made after May 15th 2006, this is
why the fork misses so many features people like to see today....
In the time past May 6th 2007, there have been
2441 file putbacks done in 882 groups (882 unique delta comments).
During the same time, there have been 63 putbacks in the fork. This
why people call the fork "dead".
In other words: the original software has a sustained rate between 2.5 and 3
file changes per day since more than 13 years. This is why there are no know
bugs and no known problems with the original software.
While the original project did deliver ~ 50 new releases (that did not have
any known bugs at the time of delivery) since May 15th 2006, the fork did not
deliver a single release without plenty of well known bugs.
 Whether it not the GPL violations apply to Redhat and Fedora also,
depends on the way a typical Redhat/Fedora installation looks like.
Please help to defend OpenSource Software against attacks!
EMail:firstname.lastname@example.org (home) Jörg Schilling D-13353 Berlin
joerg.schilling(a)fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
Matej Cepl wrote:
> (think Google Docs) is hard to recognize from binary-only distribution,
> which I can see as pretty good argument.
integration into browsers and how it ends up used. It basically hides
proprietary software in what users perceive as "content".
Seth Vidal (skvidal(a)fedoraproject.org) said:
>>> However, I don't think there's anything to worry about here. The only
>>> reason that we ship mono *at all* is that we're covered by some OIN
>>> patents on it. I'm not sure which OIN patents those are, but
>>> essentially if Microsoft wants to pick that fight,
>> ... it's not OIN patents, it's that mono is in the OIN list of protected
>> packages. Just clarifying.
> Does OIN cover the specific version we're carrying? I thought OIN was
> version specific.
It covers a specific version of a package, and the functionality provided by
that version in any successive release of that package. So, even though
libX11 was split out of the xorg-x11 package after the OIN package list
was approved, it's still covered.
On 06/29/2009 08:49 PM, drago01 wrote:
> On Mon, Jun 29, 2009 at 5:08 PM, Kevin Kofler wrote:
>> drago01 wrote:
>>> Another don't use $LANGUAGE because its evil post from RMS.
>> So what? His concerns are real.
> Depends on how you read them and whether you agree with him or not.
> And for most cases I don't.
> Saying mono is evil while having DotGNU seems odd to me
Did you even read the article? I don't see where FSF cliams mono is
evil. Their position is far more nuanced than that. What FSF is
suggesting is to treat Mono purely as a (legacy) compatibility layer and
not use it for new applications.
"This is not to say that implementing C# is a bad thing. Free C#
implementations permit users to run their C# programs on free platforms,
which is good. (The GNU Project has an implementation of C# also, called
Portable.NET.) Ideally we want to provide free implementations for all
languages that programmers have used.
The problem is not in the C# implementations, but rather in Tomboy and
other applications written in C#. If we lose the use of C#, we will lose
them too. That doesn't make them unethical, but it means that writing
them and using them is taking a gratuitous risk."
> Saying mono is evil while having DotGNU seems odd to me
He also recommends against using DotGNU to develop your new Free Software in
(because of the same patent risk as for Mono).
>> against using it, there was certainly a valid reason.
and I agree with that one too: web apps are a way to push proprietary
software onto people who claim to use only Free Software. In most cases, a
into play), but is often licensed under a proprietary license, another
portion runs on the web server and is completely out of your control (so
it's even more proprietary than the average proprietary software). If
you're using a proprietary web app, you're NOT using Free Software, but
proprietary software, even if the browser you're using is Free Software.
> Another don't use $LANGUAGE because its evil post from RMS.
So what? His concerns are real.
Java used to be non-Free, so of course it was bad to depend on it.
Especially for those programs which didn't work with the implementations
which were Free Software at the time (GCJ/Classpath-based stuff).
against using it, there was certainly a valid reason.
Is there any contingency plans in place,
for a worst case scenario if C#, is lost?
Is there any searchable parameter,
to work out what something is coded in\depending on (code wise)
This is not the normal "**** mono" post.
I hope, I worded it enough, that my concern is:
Fedora and *All* our Users
jabber | msn | skype: frankly3d
-----BEGIN PGP SIGNED MESSAGE-----
someone have mark the following review request with FE-LEGAL:
The license says, that the content is redistributable but you have
not the permission to modified the content. Because the package
contains only content, that license is acceptable for fedora from my
point of view.
It may be nice, if anyone can aggree with my statement.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----