PALO ALTO, Calif., June 30, 2020 -- The Open Source Initiative® (OSI), the internationally recognized steward of the Open Source Definition and open source licenses, is excited to announce the Affiliate Membership of OASIS Open, a global nonprofit consortium managing a broad technical agenda encompassing cybersecurity, blockchain, privacy, cryptography, cloud computing, IoT, urban mobility, emergency management, and other content technologies.
“OASIS Open and OSI have been informal collaborators on licensing and other topics from the early days of the OpenDocument Format to our recent Open Projects Program,” noted Guy Martin, Executive Director of OASIS Open. “We are delighted to formalize our relationship as a sign of our mutual commitment to expanding the role of open source in the standards definition process and look forward to an exciting future for this combined open ecosystem.”
Founded in 1993, the OASIS Open community is committed to advancing work that lowers cost, improves efficiency, stimulates innovation, grows global markets, and promotes interoperability. Each project operates independently under OASIS’s industry-leading process and clear Intellectual Property Rights.
Begun in 2019, the OASIS Open Projects program provides open source communities with foundation-level support—for governance, intellectual property (IP) management, collaboration tools, outreach and events—with an optional path to standardization and de jure approval for reference in international policy and procurement. Open Projects lets communities choose from seven currently-supported, OSI-approved licenses.
OASIS Open and OSI have been consultative partners helping shape open source and open standards work in many technology domains, including ensuring that OASIS Open programs satisfy the criteria defined by OSI’s Open Standards Requirements (OSR), which mandates standards must not prohibit conforming implementations in open source software. OASIS Open also enjoys productive liaison and peer relationships with several of OSI’s other Affiliate Members.
“OASIS Open has been the most important pioneer of approaches to bridging the gap between open standards and open source, and we are excited to have a new basis on which to collaborate going forward,” said Pam Chestek, OSI Board Director and Chair, OSI Standards Committee.
The OSI Affiliate Member Program allows non-profit organizations—unequivocally independent groups with a commitment to open source—to join the OSI in support of our work to promote and protect open source software. As the steward of the Open Source Definition certifying Open Source Software Licenses, by establishing such certification as the standard for open source software development and distribution, and with the support of our Affiliate Membership, the OSI has become a cornerstone of software freedom.
About OASIS Open
One of the most respected, member-driven standards bodies in the world, OASIS Open offers projects—including open source projects—a path to standardization and de jure approval for reference in international policy and procurement. Their members include major multinational companies, SMEs, government agencies, universities, research institutions, consulting groups, and individuals are represented. Please see https://oasis-open-projects.org for more information.
About The Open Source Initiative
Founded in 1998, the Open Source Initiative (OSI) protects and promotes open source software, development and communities, championing software freedom in society through education, collaboration, and infrastructure, stewarding the Open Source Definition, and preventing abuse of the ideals and ethos inherent to the open source movement. The OSI is a public charity with global vision based in California. For more information about the OSI, please see https://opensource.org.
The Open Source Initiative would like to congratulate the GNOME Foundation on its recent settlement of the patent lawsuit alleging that the Shotwell software infringed patents owned by Rothschild Patent Imaging. The settlement was a huge achievement -- not only did GNOME pay nothing, but Rothschild Patent Imaging and its owner, Leigh M. Rothschild, have agreed that, for all of their patents and futurepatents, they will not sue any user or developer of software under an Open Source Initiative-approved license (and their updated versions) where the software forms a material part of the infringement allegation. That is freedom from suit for the open source software world for over 100 patents.
This is a remarkable accomplishment that could only happen with the overwhelming support of the entire open source community. U.S.-based patent infringement lawsuits are notoriously expensive, so a business model has developed to sue those who appear to lack the financial means to mount a defense. The plaintiff is successful when the defendant pays a substantial sum simply because it is less than the cost to defend the lawsuit. However, with community support GNOME was able to raise over $150,000 from more than 4,000 donors, allowing it to not only stand strong against the threat but also ultimately procure a huge benefit for the open source community at large. This suit demonstrates to the world once again that the open source community and our values of mutual support, collaboration, cooperation, and transparency can accomplish greater ends than any one person standing alone.
The suit also demonstrates the critical role OSI-approved licenses play. Using an OSI-approved license demonstrates that the software project participants share common values that ultimately serve to spur innovation for the benefit of our society as a whole. Which now, thanks to the GNOME Foundation, is no longer inhibited by the threat of patent suits from the Rothschild parties. We are optimistic that more patent holders, non-practicing entities and practicing entities alike, will make the same calculation and help build instead of tear down.
The OSI Board of Directors
Image credit: "celebrating-gnome.jpg" by Open Source Initiative, 2020, CC BY-SA 2.0, is a derivative (cropped and scaled) of "Pyro Spectaculars Marquee Event 2012, 5 March 2013" a photo by Pyro Spectaculars by Souza, available under CC BY-SA 2.0, via Flickr.
The State of the Source Summit invites open source communities of practice from around the world to organize and contribute to a global conversation on the current state of open source software: non-technical issues that foster development and community, the licenses that enable collaboration, the practices that promote contribution, and the issues confronting cooperation.
State of the Source is an innovative program that follows the sun around the globe with regional projects, and communities in every timezone creating and delivering content relative to local open source issues and interests, while engaging with an international audience of peers.
We hope you will consider presenting on a topic of interest and invite you to submit your presentation to the State of the Source Call for Proposals.
The Open Source Initiative's mission is to educate about and advocate for the benefits of open source software and to build bridges among different constituencies in the open source community. The State of the Source serves the OSI's mission and our community, with a focus on understanding, implementing, and improving the state of open source software. Below you will find four tracks, themes that should drive each track's sessions, and even a few examples of topics that might help you develop your presentation.
How do licenses and their application enable the collaboration, contributions, and co-creation realized through open source software? Understanding licenses, the motivations for their creation, their application, affordances, and the OSI’s role, are key for successful projects, communities, and the entire open source software movement. What is (should be) the role of the OSI, the OSD, and the License Review Process? What are the challenges facing these? What does the future of licenses and licensing hold? Possible presentation topics include:
Everyone now uses open source in some way—from individual end-users to the biggest companies, in small non-profits or the largest governments, by self-learners and comprehensive universities. How are organizations leveraging open source licenses and software to not only deliver value to their constituents and community, but also ensure sustainability (funding, development, adoption, etc.) of the project? What are the responsibilities of those who benefit from open source software and licenses to the projects and communities that they rely on? How can we encourage, foster and support the maintainers that make it all possible? How can organizations best engage with communities in the development of their own projects? Possible presentation topics include:
The identification and application of open source licenses can impact both the development community and end-users. How are organizations managing their open source portfolios, identifying risks and benefits, while maximizing the value of co-development and software freedom? Possible presentation topics include:
What are we missing around open source licenses and licensing, the Open Source Definition, the OSI, and other non-technical issues impacting the open source software movement?
The State of the Source will be a global event and provides tremendous opportunities to directly engage with the open source software community and support the work of the Open Source Initiative. We hope you will join us in our efforts to create broader awareness, increase understanding, and address issues to help educate and build bridges between open source software communities.
Deadline for sponsorship commitment, August 25th (or until all opportunities filled).
For more information, or to confirm your sponsorship of the State of the Source Summit, please email firstname.lastname@example.org.
(Four Available - Limit Four)
Provides the maximum exposure for your organization--both online and with local communities--while highlighting your commitment to open source software and licenses.
(Eight Available - Limit Ten)
(FULL - Limit One)
State of the Source is a community conference intended for networking and collaboration in the open source community.
We value the participation of each member of the community and want all attendees to have an enjoyable and fulfilling experience. Accordingly, all attendees are expected to show respect and courtesy to other attendees throughout the conference and at all conference events.
To make clear what is expected, all delegates/attendees, speakers, exhibitors, organizers and volunteers at any Open Source Initiative event are required to conform to the following Code of Conduct. Organizers will enforce this code throughout the event.
The Open Source Initiative is dedicated to providing a harassment-free conference experience for everyone, regardless of gender, sexual orientation, disability, physical appearance, body size, race, or religion. We do not tolerate harassment of conference participants in any form.
All communication should be appropriate for a professional audience including people of many different backgrounds. Sexual language and imagery is not appropriate for any conference venue, including talks.
Be kind to others. Do not insult or put down other attendees. Behave professionally. Remember that harassment and sexist, racist, or exclusionary jokes are not appropriate for State of the Source.
Attendees violating these rules may be asked to leave the conference at the sole discretion of the conference organizers.
Thank you for helping make this a welcoming, friendly event for all.
Harassment includes offensive verbal comments related to gender, sexual orientation, disability, physical appearance, body size, race, religion, sexual images in public spaces, deliberate intimidation, stalking, following, harassing photography or recording, sustained disruption of talks or other events, inappropriate physical contact, and unwelcome sexual attention.
Participants asked to stop any harassing behavior are expected to comply immediately.
Exhibitors in the expo hall, sponsor or vendor booths, or similar activities are also subject to the anti-harassment policy. In particular, exhibitors should not use sexualized images, activities, or other material. Booth staff (including volunteers) should not use sexualized clothing/uniforms/costumes, or otherwise create a sexualized environment.
Be careful in the words that you choose. Remember that sexist, racist, and other exclusionary jokes can be offensive to those around you. Excessive swearing and offensive jokes are not appropriate for State of the Source.
If a participant engages in behavior that violates this code of conduct, the conference organizers may take any action they deem appropriate, including warning the offender or expulsion from the conference with no refund.
If you are being harassed, notice that someone else is being harassed, or have any other concerns, please contact Jenn Cummings at email@example.com.
Conference staff will be happy to help participants experiencing harassment feel safe for the duration of the conference. We value your attendance.
This Code of Conduct was forked from the North Bay Python Code of Conduct, which was derived from the PyCon US Code of Conduct under a Creative Commons Attribution 3.0 Unported license, itself originally forked from the example policy in Geek Feminism wiki, created by the Ada Initiative and other volunteers, which is under a Creative Commons Zero license.
Image credit: "StateoftheSource.png" by Open Source Initiative, 2020, Attribution 4.0 International (CC BY 4.0), is a derivative (merged, cropped, scaled, and color adjusted) of "World Grunge Map" by Nicolas Raymond, 2012, Attribution 2.0 Generic (CC BY 2.0), via Flickr; "people-man-women-grandma-grandpa-4035403" by AnnaliseArt, 2020, Pixabay License, via Pixabay, and; "browser-web-internet-technology-4026002" by jakubem, 2020 Pixabay License, via Pixabay,
“We are thrilled to welcome aboard OpenJS as an OSI Affiliate Member, ” said Tracy Hinds, Chief Financial Officer of OSI. “It is a time in open source where it’s vital to learn from and be challenged by the growing concerns about sustainability. We look to OpenJS as a great partner in iterating over the questions to be asking in how projects are building, maintaining, and sustaining open source software.”
The OSI Affiliate Member Program, available at no-cost, allows non-profit organizations to join and support the OSI's work to promote and protect open source software. Affiliate members participate directly in the direction and development of the OSI through board elections and incubator projects that support software freedom. Membership provides a forum where open source leaders, businesses, and communities engage through member-driven initiatives to increase awareness and adoption of open source software.
About OpenJS Foundation
About the Open Source Initiative
For over 20 years, the Open Source Initiative (https://opensource.org/) has worked to raise awareness and adoption of open source software, and build bridges between open source communities of practice. As a global non-profit, the OSI champions software freedom in society through education, collaboration, and infrastructure, stewarding the Open Source Definition (OSD), and preventing abuse of the ideals and ethos inherent to the open source movement.
License-Review mailing list topics for February 2020:
Continued discussion on the Cryptographic Autonomy License (Beta 4)
Statement for the need of consistency with capitalizations
Support for approval despite lingering concerns such as the potential for abuse and the earlier drafting history, due to lack of grounding in the current text.
Question concerning the license and its ability to ensure that customer data won’t be locked and that the sharing of improvements to the code will be maximized
Confirmation on all concerns being addressed by the license
Suggestion that more discussion is still needed due to concerns with how the license is in previously-mentioned situations and how it interacts with the principles of FOSS and its effect on users, but with a slight inclination towards approval
Support for rejection or further discussion due to privacy risks
Clarification that the license requires that users retain control of keys but that system keys are not User Data as defined
Request for the location in the license for this distinction and statement that the distinction between user and system as well as client and server are unclear in peer-to-peer systems
Request for the location in the license for this distinction and statement that the distinction between user and system as well as client and server are unclear in peer-to-peer systems
Directions to section 4.1 in the definition of the source code and user autonomy provisions in 4.2.2, both where it is stated that cryptographic keys are required to make the distinction clear
Concerns regarding the requirement for documentation for use, requirement for configuration information, the possibility for coercion regarding handing over encrypted data and encryption keys, the term “recipient” being too broad, and that the issues like privacy attacks caused by the client-server style approach of the CAL. Requests for scenario examples for further discussion.
Clarification that there is no requirement for the generation of new documentation and that the context of configuration information is just for the information needed to install and use, that the CAL is written for a peer-to-peer application though is compatible in client-server applications, and that the term “recipient” can be used as in a peer-to-peer network users can act as a client as well as act as a server. Response that the request reflects a misunderstanding of the CAL requirements.
Request for clarification on the problems being addressed regarding user freedom, language adjustment recommendations, statement that the privacy attack is easier to accomplish, and a request for information on the limitation of the disclosure of recipient user data without the disclosure of the operator’s private data, together with an example that highlights the issue.
Answer that a problem addressed is the gradual re-centralization of decentralized systems, clarification that no new documentation is required and that the context is the provision of the source code, and that the example provided that highlights the issue around the disclosure of data is in the wrong layer.
Request for clarification whether interaction with a remote version of an application requires distribution of source code or not and modified example highlighting the issues of data accessibility and transmission and compliance with the license.
Statement that creating new functionalities regarding data dumps are not required by the CAL but that the license prevents removing them and that in the example there would be no violations.
Statement that concerns with the CAL in terms of the OSD are with regards to the forced disclosure of private data or keys, the term “use” being too broad with the suggestion to use “execute” instead, issues with the implications of data retention in the event of accidental data loss and data extraction if it is not easy, and that a peer-to-peer actor model environment would be difficult to be compliant and may result in security weakening. Sections 6 and 10 of the OSD are highlighted.
Clarification that there is no forced disclosure without a legal right, that the difference in wording of “use” and “execute” are not meaningful in the context of providing information, that the difficulty level of providing data has already been discussed, that there is no requirements with regards to data retention, and that liability regarding data extraction is with the service provider and no the developers. Answer that there is no discrimination involved if the author chooses an architecture that is more difficult in terms of compliance.
Clarification on “user data”, statement that “use” is better, that the License Committee judged that the requirement to give user/recipient data is not too burdensome, and that OSD 6 and 10 don’t require that the license be usable for every type of software.
Suggestion to include the nullification of copyleft/proprietary dual licensing into the license.
Answer that it is not a good idea to introduce changes at this stage.
Recommendation to reject or have more discussions due primarily to the user data provision due to unclarity regarding who is the service provider.
Direction to section 4 which defines what providing a service is in terms of communicating the Work to another person.
Question with regards to a theoretical example where voice recording is submitted to improve the quality of voice recognition and the accessibility of all recordings by one user.
Answer that it would not allow access to the recordings of others.
Concerns with the PII, GDPR, CCPA, and similar laws and their implications with the CAL.
Answer that the CAL was written to be compatible with the GDPR and the CCPA and uses similar language.
Concerns with regards to the frequent occurrence that a bit of data is about more than one person and that GDPR itself is still evolving.
Answer that data that GDPR applies to is a different set than what the CAL considers User Data
Statement that the obligations with regards to the cryptographic keys would not be under the CAL
Resolution of the Cryptographic Autonomy License (Beta 4) – Approved
Approval of the Cryptographic Autonomy License (Beta 4) for the Uncategorized Licenses category
Eight voted in favor, none opposed, one abstained, and two were not present.
Resolution of the Mulan PSL V2 - Approved
Approval of the Mulan PSL V2 for the International category
Nine voted in favor, none opposed and abstained, and two were not present.