Open source licenses: is 58 enough?
With all the controversy around open source licensing I felt it was time to express my opinion.
Many people complain about what they call license proliferation. I went to the licenses section of the Open Source Initiative (OSI) website and found no less than 58 different licenses. My next reflex was to go the same section of the very popular sourceforge.net to find out if all these licenses were used. And numbers speak for themselves. The most popular license is the with 43051 projects and the runner up was of course the with 6965 projects. The other popular licenses including MIT, BSD, MPL and Apache (combined) are used by roughly 7000 projects. Other than these six licenses the others are used by a ridiculously low amount of projects. This begs the question; do we need all 58 of them? Is it reasonable for OSI to continue to approve additional licenses? Does it serve the open source community or is it a source of confusion?
Danese Cooper, who has been on the OSI board since 2001, says that OSI's goal was to get large corporations to participate and they have. Unfortunately they all wanted their own vanity license. In all fairness, she admits that they tried to use the Mozilla Public License but they had to re-author the license because the MPL has hard-coded references to Mozilla. The result is license proliferation and confusion...
On March 29 of 2005, I was happy to see that Intel (one of those large corporations) announced the withdrawal of their Intel Open Source License from OSI. "Intel has been studying internally the issue of license proliferation. One step Intel would like to take to reduce license proliferation is to have the "Intel Open Source License" removed from future use as an approved OSI open source license" Said Intel's attorney McCoy Smith.
At the same time I remembered that Sun (another large corp.) had submitted a new license to OSI in December of 2004 which was approved on 1/14/05. Great! We got rid of a license and another one was approved. My first reaction was that Sun’s move was stupid. So I did some homework and read Sun’s CTO Greg Papadopoulos’ post as well as the diffs between MPL and CDDL (available on Sun’s website) and began changing my mind. My understanding now is that Sun is trying to come up with a template that other vendors and project leaders can use instead of writing their own license. I will believe that when I see thousands of projects (other than OpenSolaris) on sourceforge adopting the CDDL license. I am willing to give Sun the benefit of the doubt on this one especially when big names like CA buy the template license idea.
Computer Associates is talking to Sun and IBM about creating a common commercial open source license for future projects. "We are actively looking at [Sun's] CDDL," said Sam Greenblatt, SVP with CA and in charge of open source at OSBC.
The final version will be a template license, Greenblatt said. The license should be finished by the end of the year.
Personally, I am waiting to see what IBM thinks of all this, they are the open source gorilla and the largest player of the commercial open source market. Today their position is all but clear: they are defending the GPL in court against SCO and they also have two other OSI approved open source licenses, the Common Public License and IBM Public License. Therefore, they may lean toward GPL, the CDDL template or something completely home made but I truly believe they will weigh heavily on this debate.
At Linuxworld 2005, several industry executives including CA's CEO John Swainson called for a clean up of the open source license system.I am curious to hear where you stand on the open source licensing question. Do you see license proliferation as a problem, or does it serve a purpose? Have you experienced any frustrations either writing or complying with open-source software licenses? Do you think like me that IBM is in control in this debate?