Is it time to rethink the open source license approval process?

Is Google’s WebM open source or not? And why (or more to the point, how) did it take the OSI nearly five months to approve the PostgreSQL license?

Open Source Initiative board member, Simon Phipps, declared on Monday that Google’s WebM project “is not currently open source”. It was a statement based on the fact that the license used for WebM is not currently approved by the Open Source Initiative as being compliant with the Open Source Definition.

The choice of language was unfortunate though. Had Simon written that WebM “does not currently use an OSI-approved license” then the statement would have been unarguably true. Declaring that the license is “not… open source” prompted predictable disagreement.

“OSI does not have a trademark on the term “open source”. It is not OSI-approved, but it is open source by anybody else’s definition,” commented one anonymous respondent, while David Gerard noted that “the rather more active FSF considers it free software”.

I’m not interested in continuing the debates about whether the OSI should be considered the ultimate arbiter of “open source” (as opposed to OSI-approved), or the FSF vs OSI, or whether WebM is officially open source (see Bruce Perens’ comment below for clarification on that). What concerns me is the ongoing open source licensing no man’s land that encourages these debates in the first place.

Another OSI board member, Andrew Oliver recently stated that when it comes to judging software “Either it is open source or not.” This ought to be true, but the WebM example proves that it is not. There is a no man’s land in which the software might be open source, but we have to wait for the license to be submitted to and approved by the OSI before we can know for sure.

The WebM license has been submitted to the OSI’s license review mailing list, not by Google but by Bruce Perens, who noted that he plans to issue a derivative work based on WebM, but – besides – “it’s in the community’s interest to review it”.

With any luck then there should be a definitive decision on the WebM license sooner rather than later. But maybe later. A look at the license review mailing list reveals one submitter has been waiting six months for official confirmation of OSI approval. And he’s not the only one waiting for a response.

(Update – Most definitely it will be later – Google has asked the Open Source Initiative to delay consideration of Google’s WebM license, and in doing so has called on the OSI to be more open)

I fully understand why the approval process is designed to weed out vanity licenses and discourage license proliferation*, but it took nearly five months from the submission of the PostgreSQL license to its eventual approval.

Today Simon has made the case for why the world still needs the OSI, and I agree with him that it retains an important role in the open source ecosystem (which is why we were concerned by its recent organisational problems) but would argue that the process of license approval needs to be overhauled.

Simon argues that it would be great to see more of the older and (in hindsight) unsuitable licenses retired. It would, but it would also be great if the OSI made the process of selecting an approved license easier, and the process of license approval quicker.

The Report of the License Proliferation Committee, which was approved by the OSI board in 2006, highlighted an open source license wizard project underway at USC law school and San Francisco State engineering department and stated its hope “being able to generate a list of existing licenses that meet defined goals will lessen the need for people to create their own new licenses”.

I’m not sure what ever happened to that wizard project, but it sounds a lot like the Creative Commons license selector. (As an aside I remembering discussing a similar idea with another OSI board member, Martin Michlmayr, during the Open Source Think Tank in Paris and he mentioned proposing it to the OSI board).

I previously argued that web-based tools also have the potential to make the process more fluid and involve others in the approval process. It seems to me that in a world where Digg and IdeaStorm already seem old, taking almost five months to approve a license in use for 14 years by one of the most popular open source projects in the world is absurd and completely unjustifiable.

*Although I’m not convinced that license proliferation is the threat it once was, see this post for an explanation.

Tags: , , , , , , , , , , , , , , , , , ,

5 comments ↓

#1 Bruce Perens on 05.25.10 at 9:34 am

It really isn’t an open source license, due to an unfortunate word choice in the patent grant language, which is the main chance from the BSD-style license they started with. If you modify the VP8 implementation, you become a patent infringer.

#2 Matthew Aslett on 05.25.10 at 9:42 am

Thanks Bruce

#3 Andrew C. Oliver on 05.25.10 at 10:52 am

The other problem is that the license is (c) google all rights reserved and is hardcoded to Google and VP8.

#4 451 CAOS Theory » Google demands more openness from the Open Source Initiative on 05.27.10 at 5:04 am

[…] Theory opinion: Earlier this week we argued that the OSI’s license review process needs to be overhauled but while we agree that there is […]

#5 Russell Nelson on 05.28.10 at 10:11 am

Our process is slow and deliberative because we’ve found that when we do anything else, we make misteaks. And when there’s not any good road BACK from approval, it only makes sense to be extremely careful. In the particular case you noted, the board wanted to make sure that the pgSQL folks had made a good-faith effort to relicense under an already-approved license. They had, and that was that.