[tz] re SPDX, I'll do the work, if you'll use the tag

Mark Atwood mark.atwood at gmail.com
Mon Jun 29 18:51:06 UTC 2020


I was tagged in to this list because of the discussion about SPDX license tagging.

I sit on the SPDX committee (which doesn't mean much, it's similar to an IETF WG, in that anyone who joins the list, joins the calls, and then does needed work is "on the committee").

It may be useful to have an SPDX tag for the TZ database data files.

The SPDX makes nearly zero legal assessment about a license.  Applying an SPDX tag to an existing project is intended to document reality in a machine readable way, it is not intended to change reality.   Having an SPDX tag is mostly for the benefit of systems and companies who are trying to be scrupulously correct when complying with open source licenses.  When the SPDX evaluates a license, the things looked for are "does/will it have real users?", "does it have a stable enough text that the matching tools can correctly identify it?", and "is it for content intended for mostly uncontrolled distribution?".  We very much do not get into all the arguments about "is this well defined in europe", "is this a license or a public domain declaration", "is copyright even appropriate", "copyleft is theft", etc etc etc.  We don't practice law, and we don't want to dictate policy, we just id licenses for people who just want to know they are doing the right thing when using your files, and make suggestions for projects that want to write a policy about it.

Looking at the TZ database history, it has a very long history with lots of contributors, its mostly just a collection of facts, it appears to be a public domain declaration, that started out kind of adhoc.   Using one of the existing PD declarations in the SPDX database would not be appropriate, because of the need to get the past contributors to assent, lots of work for no value.  What does make sense is creating a new tag, something like "TZ-PD".   Then you can start putting "# SDPX-License-Identifier: TZ-PD" in your database text source file, and make life easier for a bunch of people who just want to do the right thing with your data.

To repeat, adding that SPDX license tag of a new identifer to id an existing stable in the field declaration, like this, does not change any legal obligations or expose anyone to any new legal risks.  It's just a machine readable way of saying what's already been said about the copyright status of the TZ database. 

So, I'm willing to volunteer to do that lift for the TZ community, if you are willing to use the resulting id tag.

What say you?

..m

Mark Atwood <mark.atwood at gmail.com>
https://keybase.io/fallenpegasus
+1-206-604-2198


More information about the tz mailing list