Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Address Licensing/ToS #96

Closed
4 tasks
brian-comply0 opened this issue May 21, 2024 · 3 comments
Closed
4 tasks

Address Licensing/ToS #96

brian-comply0 opened this issue May 21, 2024 · 3 comments
Assignees
@brian-comply0

Comments

@brian-comply0
Copy link
Contributor

brian-comply0 commented May 21, 2024
edited
Loading

Description

As an adopter of the OSCAL REST OpenAPI Specification I need some assurance that this specification will remain open sourced following my adoption of it, so that I can invest in creating an implementation without losing the right to continue using the standard in the future.

Acceptance Criteria

  • An appropriate license has been selected.
  • Terms of Service has been discussed
  • The OpenAPI specification file includes license information in the info section
  • If a ToS is needed, the OpenAPI specification file includes TOS information in the info section

Additional Notes

The following key considerations should also be addressed:

  • we need to assure adopters that the spec will remain free and open after they invest time/resources in adopting (perpetual?)
  • adopters should have to follow the spec strictly to claim compliance (not typically covered in licensing terms, but would be great if we found a way to ensure this)
  • orgs who modify the spec on their own shouldn't be able to claim its a new version of the spec (companies should be able to create a variation that gives them a competitive advantage, and then push it on others)
  • adopters shouldn't have to worry about copyright attribution
@brian-comply0 brian-comply0 changed the title Address Licensing Address Licensing/ToS May 21, 2024
@brian-comply0
Copy link
Contributor Author

This is the syntax for ToS and license information is:

- info
  - termsOfService: https://example.com/terms/
  - contact:
    - name: API Support
    - url: https://www.example.com/support
    - email: [email protected]
  - license:
    - name: Apache 2.0
    - url: https://www.apache.org/licenses/LICENSE-2.0.html

@brian-comply0 brian-comply0 mentioned this issue May 23, 2024
Closed
7 tasks
@brian-comply0 brian-comply0 self-assigned this May 23, 2024
@brian-comply0
Copy link
Contributor Author

Note, this repository already shows it is covered under the Creative Commons license https://github.com/EasyDynamics/oscal-rest/blob/develop/LICENSE.

For now, I have updated the OpenAPI spec to include this statement and the above link. We should still revisit this with our lawyers at an appropriate time.

For now, I think it is important for anyone electing to adopt the specification that they can do so without fear of losing the rights to use it later.

@brian-comply0 brian-comply0 mentioned this issue Jun 3, 2024
Merged
brian-comply0 added a commit that referenced this issue Jun 3, 2024
@brian-comply0
Final cleanup (#99)
a9d5091 
Replaces the YAML version of the spec with a JSON version, which is
updated to resolve:
- #96 
- #97 
- #98
@brian-comply0
Copy link
Contributor Author

Addressed in PR #99

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brian-comply0 brian-comply0

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@brian-comply0