Return-Path: <pete@petertodd.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id A608087A
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri, 14 Oct 2016 12:32:05 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from outmail149075.authsmtp.net (outmail149075.authsmtp.net
	[62.13.149.75])
	by smtp1.linuxfoundation.org (Postfix) with ESMTP id 1B1D8AA
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri, 14 Oct 2016 12:32:03 +0000 (UTC)
Received: from mail-c232.authsmtp.com (mail-c232.authsmtp.com [62.13.128.232])
	by punt20.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u9ECW2Po050036;
	Fri, 14 Oct 2016 13:32:02 +0100 (BST)
Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com
	[52.5.185.120]) (authenticated bits=0)
	by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u9ECVxx1021072
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Fri, 14 Oct 2016 13:32:00 +0100 (BST)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	by petertodd.org (Postfix) with ESMTPSA id C930F4008D;
	Fri, 14 Oct 2016 12:27:51 +0000 (UTC)
Received: by localhost (Postfix, from userid 1000)
	id A524920732; Fri, 14 Oct 2016 08:31:57 -0400 (EDT)
Date: Fri, 14 Oct 2016 08:31:57 -0400
From: Peter Todd <pete@petertodd.org>
To: Daniel Robinson <danrobinson010@gmail.com>
Message-ID: <20161014123157.GB8499@fedora-21-dvm>
References: <CAKzdR-oaqUicPhCjfbyX92odVs9LOzvhUOY6nyd9K2RdC_9b_g@mail.gmail.com>
	<20161014105757.GA8049@fedora-21-dvm>
	<CAD438HswfYG6MZ_4cWVNgCL8HwKWhMs+JvhVUFCnDu0+Hu-D-g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="R3G7APHDIzY6R/pk"
Content-Disposition: inline
In-Reply-To: <CAD438HswfYG6MZ_4cWVNgCL8HwKWhMs+JvhVUFCnDu0+Hu-D-g@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-Server-Quench: 3468f53a-920a-11e6-829e-00151795d556
X-AuthReport-Spam: If SPAM / abuse - report it at:
	http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
	aQdMdwYUF1YAAgsB AmAbWldeU197WWM7 bghPaBtcak9QXgdq
	T0pMXVMcUQwdcnpJ Th8eUBhycAcIeXh0 ZUEsXXRdVBJ/dhdg
	S0xURHAHZDJmdWgd WRVFdwNVdQJNdxoR b1V5GhFYa3VsNCMk
	FAgyOXU9MCtqYAht ZkkMNhoURlpDGTg4 VlgEGilnEEsCWioz
	a1QsN0JUFlwQNEop eUYnV1UFNRMfBm8W FEZLDi5VKl8KSmI3
	CktwXFIVFzxbCTpH DwczSgBw
X-Authentic-SMTP: 61633532353630.1037:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 52.5.185.120/25
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
	anti-virus system.
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
	autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] DPL is not only not enough,
 but brings unfounded confidence to Bitcoin users
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Oct 2016 12:32:05 -0000


--R3G7APHDIzY6R/pk
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Oct 14, 2016 at 04:51:01AM -0700, Daniel Robinson wrote:
> >
> > Because if not, the DPL is still better than the status quo.
>=20
>=20
> Agreed. Also worth noting that it has a potential advantage over unilater=
al
> patent disarmament, analogous to the advantage of copyleft licenses over
> MIT/BSD: it provides an incentive (at least a theoretical one) for other
> companies to adopt it too.

Agreed. That's also one of the reasons (lesser) reasons why I didn't adopt a
patent pledge like blockstream has done. Though frankly the main reason is =
I'm
unlikely to be able to afford to get any patents anytime soon anyway, so it=
's
all symbolic and I'd rather spend as little as possible on lawyers. :) Also=
, my
standard contract that I use with clients prohibits me from getting patents=
 on
work I do (and imposes financial penalties on clients who in turn try to ap=
ply
for patents on work derived from mine).

> As many people have proposed, the best option, though one that would
> require a lot of work, might be a dedicated Bitcoin-related defensive
> patent pool=E2=80=94similar to Linux's Open Invention Network=E2=80=94tha=
t could
> strategically deploy patent licenses to incentivize cooperation and punish
> aggressors.

Agreed.

> Along those lines, it'd be reasonable to consider changing the Bitcoin
> > Core license to something like an Apache2/LGPL3 dual license to ensure =
the
> > copyright license also has anti-patent protections.
>=20
>=20
> I think Apache 2.0 would be a great license for Bitcoin Core. It not only
> contains an explicit patent license grant (rather than MIT's implicit one=
),
> but terminates that license if the licensee asserts a claim alleging that
> the covered work infringes a patent. That might be an effective deterrent
> against bringing patent claims based on alleged infringement in Bitcoin
> Core.

Indeed. For a codebase that is in large part both a reference implementation
and the very definition of the Bitcoin protocol, we do want a permissive
license to ensure that commercial users are able to use the Bitcoin protoco=
l.
However there is no reason to extend that permissivity to allowing others to
attempt to restrict others' rights to use the Bitcoin protocol via patents.

> (I'm not sure I see a good reason to dual-license under the LGPL3,
> but am curious to hear more.)

Ah, actually I think I misremembered: it'd be Apache2.0/LGPL_v2_ where a du=
al
license would make sense; Apache2.0 is compatibile with (L)GPL3:

    http://www.dwheeler.com/essays/floss-license-slide.html
    https://www.apache.org/licenses/GPL-compatibility

(L)GPLv2 doesn't have the patent protections that (L)GPLv3 does, so my
suggestion is wrong; Apache2.0 by itself is perfectly good.

> It would probably be feasible to upgrade to the Apache license for new
> releases and contributions (leaving already-existing code and previous
> releases under the MIT license=E2=80=94so basically a copyright "soft-for=
k"). Has
> this been discussed before? Are there any obstacles or objections?

Yup, that'd be perfectly possible to do. Basically new contributions would =
be
licensed under the new, MIT-compatible, licenses. I did that myself with
python-bitcoinlib, as part of the codebase was licensed MIT, and part LGPLv=
2 or
later; to comply with the latter I changed the license for all new work to
LGPLv3 or later. Interestingly, this has lead to the Bitcoin Core unit tests
using an older version of python-bitcoinlib; kudo's goes to Suhas Daftuar f=
or
dilligently respecting the new license.

--=20
https://petertodd.org 'peter'[:-1]@petertodd.org

--R3G7APHDIzY6R/pk
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----

iQEcBAEBCAAGBQJYANA6AAoJEGOZARBE6K+yLo4H/2YtorAcnmfFi2hCX6u5vOt9
5DSXICCs8PkCnDxEC/uOuECGMlqI8C3ONw9nrcKgBbpaj2Q6/h3beixJWGTqkf2a
B1mfXO0kzDG64uRlnsBqZyGGK28BBJNiV+akoBl3ukWibHOL4OmfDRmiim6yeH/E
zjWZmMn8k5lAdQ0p4KnYNnbhwprTuHvvYXo2Pj5GUuXzB2Vr3npcs7yi9Rk7Uoxn
zgbPIhfq4w/hzJhdeP6LOKUlKI8GEDc6ZoKtbqTq7DDgyK1GiKigICqKePFeHZkg
RpqYEQ7UUc9w9x4+dcgnrOKc1wyeI/j5zM5jCZ6NuaPCS7mTRsuRUGlbHgmRanw=
=TIgi
-----END PGP SIGNATURE-----

--R3G7APHDIzY6R/pk--