[LWN Logo]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests

 Main page
 Linux in the news
 Linux History
All in one big page

Other LWN stuff:
 Daily Updates
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- GaŽl Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials

The Liberty Alliance launches. Back in July LWN (and many others) expressed concern about Microsoft's "HailStorm" scheme, which looked like it could concentrate control of user identity and authentication in one place. In our opinion, no single organization should have that degree of control over how people deal with each other on the net.

It has taken a while, but a credible alternative to HailStorm has just announced its existence. The Liberty Alliance is made up of an interesting and varied group of organizations. At one end of the spectrum, one sees groups like the Apache Software Foundation, CollabNet, and O'Reilly & Associates. Those groups can be trusted to work toward a set of protocols that preserve freedom and openness, but they lack the influence required to bring about the adoption of a new set of protocols by themselves.

So it is an encouraging sign that the Liberty Alliance also includes companies like the Bank of America, United Airlines, General Motors, Dun and Bradstreet, and many others. The members' claim that they "currently represent over a billion network identities" may be a bit of a stretch, but it is true that they have the commercial strength required to push a new standard. The presence of companies like Nokia and NTT DoCoMo makes it likely that standards from the Liberty Alliance will have an advantage in the mobile arena as well.

It is perhaps not surprising that the Alliance web pages carry a Sun Microsystems copyright.

Exactly what the Alliance will do remains somewhat vague at this stage. The web site lists these goals:

  • To allow individual consumers and businesses to maintain personal information securely.

  • To provide a universal open standard for single sign-on with decentralized authentication and open authorization from multiple providers.

  • To provide an open standard for network identity spanning all network devices.

These goals sound like a good start: enabling the next generation of network commerce while building in open standards and decentralized authentication. A lot of questions remain open, however. How will these standards be adopted - what is the decision making process? Will there be W3C-style problems with the inclusion of patented technology? What privacy safeguards will be built in? Who will be able to run an authentication service? Will the member companies show enough commitment that this endeavor will be more than a short-lived, Sun-led charge against Microsoft? And so on.

It is not surprising that a lot of questions are unanswered at this point; the Alliance is just getting started. The coming months will tell us whether this group is serious about security, decentralization, and openness, or whether it's just another power play in its own right. In the mean time, the Alliance is soliciting additional members; companies with an interest in the future of network commerce and freedom should consider signing up so that their voices can be heard.

Not-quite-free licenses: a bad thing? The free software community tends to see licenses in a very polarized way. Software is either free, or it is proprietary, and the discussion tends to end there. The truth is, however, that there are a number of in-between licenses that provide some, but not all, of the freedoms of licenses that meet the Open Source Definition. Such licenses include:

  • The Sun Community Source License,
  • The sort-of licenses that accompany Danial Bernstein's code (qmail, djbdns),
  • The ghostscript license,
  • The Open Motif License,

...and many more, including, even, perhaps, Microsoft's "shared source" license. Every one of these licenses makes source code available to licensees, but restricts the user's freedom in one way or another.

Restricted licenses of this variety tend to draw a great deal of criticism from the free software community. In fact, the reaction to a hybrid license can be far more harsh than the reaction to a purely proprietary, no-source license. The end result can only be a greater polarization of licenses: they either go fully free, or fully closed. Some members of the community seem to prefer that code remain closed rather than become half free. Does this result really benefit the community?

Certainly, much useful software has been developed and released under hybrid licenses. Consider Qt, ghostscript, qmail, bitkeeper, and so on. Modern distributions tend not to include xv, but it was a highly useful tool for many for a very long time. Even the Linux kernel was not completely free in its (very) early days. It would be difficult to argue that the community is not better off for the presence of that software.

Companies and individuals who release software under hybrid licenses are trying to strike a balance that works for them: somehow they would like to make money while providing (and enjoying) the benefits of making the source available. In an economy where pure open source companies are, for the most part, having a hard time surviving, some experiments with mixed licenses may well be called for.

Software licenses should, properly, meet the needs of both the producers and users of the code. Free software remains the best software, and, in many (if not most) situations, fully free licensing will be the best choice. But if the owner of some code decides that a not-quite-free license is needed, the community should give them the benefit of the doubt and refrain from excess criticism. As long as such software is not presented as being free, and does not violate the license of any other package, its existence harms nobody and could be beneficial to many. After all, if the license does not work for any individual user, they are not forced to run the code.

Red Hat acquires VA Linux consulting group. Red Hat has announced that it has picked up VA Linux System's open source consulting group. This group no longer has a place in VA's new view of its business, so it's good that they found a new place to land. They have, apparently, brought much of their business with them. A list of the people involved can be found in this Linux Journal article.

Next steps in W3C patent policy proposal. Here's an announcement from the W3C on how it will proceed with its patent policy. It includes the appointment of Bruce Perens and Eben Moglen to the patent policy board. There will be another public comment period before the policy is finalized, and more information will be shared with the public on this process.

In other words, this battle is far from over, but there are some good signs that things are going in the right direction. The W3C has heard the comments from the community, and is apparently taking them seriously. The situation bears watching, but it may just come to a happy ending.

On LWN's future.... not much to report, as yet. We have gotten much useful feedback from our readers on our mailing list; we still encourage others to drop in and let us know what you think. One way or another, we plan to continue to be here for our readers.

We have noticed a distinct increase in people pulling down the entire LWN site since last week. In many cases, those downloads are probably unnecessary; no matter what happens, the LWN archives are not going to disappear abruptly from the net. There is no need for massive copying of the LWN site to keep that information from going away, we promise.

Inside this LWN.net weekly edition:

  • Security: Aleph1 passes the Bugtraq baton, Microsoft against disclosure.
  • Kernel: News from the VM front; fun with module symbols.
  • Distributions: The Common Linux Installer Group; Progeny Debian is no more.
  • Development: Open Source BIOS Projects, MySQL 4.0, Samba 2.2.2, GNU Bayonne telephone system, new Mozilla and Galeon, Manta fast Java compiler.
  • Commerce: SafeDisc LT copy protection comes to Linux; Trolltech releases Qt 3.0; Navy to Test the Water With Open-Source Software.
  • History: Jonathan Postel dies; LinuxToday acquired by Internet.com; Sun released Open Office.
  • Letters: 2.5, ending the monopoly.
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:

October 18, 2001


Next: Security

Eklektix, Inc. Linux powered! Copyright © 2001 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds