> The only place we've this Corba 'linking' problem is with 3th party UI's, isn't it? There might be some other cases, but I think 3rd part UI's would be the most important. > > If we want people to be 100% free to build UI's we should go for LGPL. This means the DL should be LGPL, but the BL's than run on each machine could be GPL. ...it all depends on how you see the linking... with remote comunications, this becomes very blured. For instance, you can't ask that the user of a GPL'd ftp client only connects to GPL'd ftp servers... of that mozilla (which is GPL) only goes to sites that run apache. The same way, I don't think we can forbid non-free BL's that can be connected to the rest of the system (even if everything else is GPL'ed). > Piper UI -> Piper DL -> '3th party BL' -> PL > > What if this 3th party BL registers to our central coordination database, or what > if it screws > to authentication meganism? It can be done very easily if one were to recode some > core > parts of the BL. Like has happend to icq. Clones line gnomeicu 'parasite' upon > mirabilis. > gnapser this to Napster. etc. > > I whould therefore see we licence our communication formats (like the XML format, > corba API) very strict! > Something that would allow people to build UI's, link TO Piper (not link Piper INTO > some other app), and > 'hook' apps into the PL. I see much chaos wonce parts of piper are to be 'emulated' > by some 3th party. We cannot (and shouldn't) prevent 3rd party BL's. The only way to do that is through proprietary (patented) protocols and we don't want to do that. As for the authentication mecanism, it has to work for any (even hostile BL's). Napster had problems because it's assumed all its clients were the official clients. This kind of security is flawed, even more in OSS. If a 3rd party BL can screw up the authentication, then nothing prevents a cracker to modify your BL source to screw it up. This means that your BL is not secure. This is why we sould not try to prevent 3rd-party BL's (that's the whole point of open-source: someone can modify your work). However, if the BL links with the PL, then depending on the PL license, a closed-source BL may or may not be legal... but then they could provide their own PL and there'd be nothing we can do. Before we start going into license (in)compatibilities, let's start by deciding what kind of things we want to prevent. We know we don't want people to take our code and make it proprietary. That leaves us with GPL and LGPL. Now is there any kind of "linking" we want to prevent? If not, then we can almost LGPL everything. If not, we need to see what needs to be GPL and what needs to be LGPL. Jean-Marc -- Jean-Marc Valin Universite de Sherbrooke - Genie Electrique valj01 at gel.usherb.ca