• GPL2 + required to have the place to get the recent version

    From Samuel Henrique@21:1/5 to All on Wed Nov 13 00:40:02 2019
    Hello legal,

    So I stumbled upon this rather interesting case of a software licensed by
    GPL2 but with an extra "clause" to it:
    "
    # If you enclose this script or parts of it in your software, it has to
    # be accompanied by the same license (see link) and the place where to get
    # the recent version of this program. Do not violate the license and if
    # you do not agree to all of these terms, do not use it in the first place.
    " https://github.com/drwetter/testssl.sh/blob/3b89dc6b0a41299fbf462789998e4c103f4f0210/testssl.sh#L19-L22

    The release notes for 3.0. r5 also mentions:
    "
    This program is licensed under GPL-2. Please note also that if you're using
    the program for a paid or free public service you need mention where you
    got this program from.
    "

    It seems that the author is trying to prevent people from setting up
    webpages using this
    software as a backend without crediting it. It seems like a reasonable
    think to ask for.

    My question is regarding DFSG compliance around this, I believe there is nothing wrong with
    it, but the fact that upstream expose is as GPL-2 seems a little
    misleading, as it's not plain GPL-2 and I think we should change something
    in d/copyright to address this.

    Are you aware of other software that are in a similar situation? I would
    like to see what
    d/copyright looks like. For this case the package was accepted by
    ftp-master with a
    d/copyright that states it as GPL-2.

    Regards,

    --
    Samuel Henrique <samueloph>

    <div dir="ltr"><div>Hello legal,<br><br></div><div>So I stumbled upon this rather interesting case of a software licensed by</div><div>GPL2 but with an extra &quot;clause&quot; to it:<br>&quot;<br><table class="gmail-highlight gmail-tab-size gmail-js-
    file-line-container"><tbody><tr><td id="gmail-LC19" class="gmail-blob-code gmail-blob-code-inner gmail-js-file-line gmail-highlighted"><span class="gmail-pl-c"><span class="gmail-pl-c">#</span> If you enclose this script or parts of it in your software,
    it has to</span></td>
    </tr>
    <tr>
    </tr></tbody></table><table class="gmail-highlight gmail-tab-size gmail-js-file-line-container"><tbody><tr><td id="gmail-LC20" class="gmail-blob-code gmail-blob-code-inner gmail-js-file-line gmail-highlighted"><span class="gmail-pl-c"><span class=
    "gmail-pl-c">#</span> be accompanied by the same license (see link) and the place where to get</span></td>
    </tr>
    <tr>
    </tr></tbody></table><table class="gmail-highlight gmail-tab-size gmail-js-file-line-container"><tbody><tr><td id="gmail-LC21" class="gmail-blob-code gmail-blob-code-inner gmail-js-file-line gmail-highlighted"><span class="gmail-pl-c"><span class=
    "gmail-pl-c">#</span> the recent version of this program. Do not violate the license and if</span></td>
    </tr>
    <tr>
    </tr></tbody></table><span class="gmail-pl-c"><span class="gmail-pl-c">#</span> you do not agree to all of these terms, do not use it in the first place.<br>&quot;<br><a href="https://github.com/drwetter/testssl.sh/blob/
    3b89dc6b0a41299fbf462789998e4c103f4f0210/testssl.sh#L19-L22">https://github.com/drwetter/testssl.sh/blob/3b89dc6b0a41299fbf462789998e4c103f4f0210/testssl.sh#L19-L22</a><br><br></span></div><div><span class="gmail-pl-c">The release notes for 3.0. r5 also
    mentions:<br>&quot;</span></div><div><span class="gmail-pl-c">This program is licensed under GPL-2. Please note also that if you&#39;re
    using the program for a paid or free public service you need mention
    where you got this program from.</span></div><div><span class="gmail-pl-c">&quot;<br></span></div><div><span class="gmail-pl-c"><br></span></div><div><span class="gmail-pl-c">It seems that the author is trying to prevent people from setting up webpages
    using this</span></div><div><span class="gmail-pl-c">software as a backend without crediting it. It seems like a reasonable think to ask for.<br><br></span></div><div><span class="gmail-pl-c">My question is regarding DFSG compliance around this, I
    believe there is nothing wrong with<br></span></div><div><span class="gmail-pl-c">it, but the fact that upstream expose is as GPL-2 seems a little misleading, as it&#39;s not plain GPL-2 and I think we should change something in d/copyright to address
    this.<br><br></span></div><div><span class="gmail-pl-c">Are you aware of other software that are in a similar situation? I would like to see what<br></span></div><div><span class="gmail-pl-c">d/copyright looks like. For this case the package was accepted
    by ftp-master with a</span></div><div><span class="gmail-pl-c">d/copyright that states it as GPL-2.<br></span></div><div><div><div><br></div><div>Regards,<br><br></div><div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><
    div dir="ltr"><span><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span style="font-family:verdana,sans-serif"><span style="color:rgb(102,102,102)">Samuel Henrique &lt;samueloph&gt;</span></span></div></div></div></div></div></div></span></
    </div></div></div></div></div>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Daniel Hakimi@21:1/5 to All on Wed Nov 13 01:30:01 2019
    So, technically, he can't actually add restrictions to the license after
    he's license them, and if these are taken to not be part of the license,
    you'd be safe to just follow the license as usual.

    But if this informal text *is* taken to reflect the intent of the parties,
    then it might kind of reflect on how the license is meant to be followed,
    which isn't great. It's not only inconsistent with the spirit of the GPL,
    but also the language, as it talks about "use," seems to require a direct
    link to "the recent version..." A lot of companies have been offering alternative interpretations of the GPL, and theoretically if those interpretations are taken as evidence of the intent of the parties, they
    might affect the contract. Or they might be seen as parol evidence, IE not relevant to the contract, but it's hard to say. So I wouldn't advise
    risking it...

    But the text is informal and the party seems to not really understand the license to begin with (again, he's talking about "use," that's not really
    even relevant to copyright law), so he might not really mean anything by
    it. I would not assume ill intent. It might be worthwhile to informally
    reach out to this community and help develop language that just clarifies
    what the GPL already says, instead of conflicting with it. The community
    might appreciate that. Worst case, they get angry and defensive, and
    attempt to move to a different (presumably proprietary) license, in which
    case, you learned the easy way that they don't play nice. Don't learn the
    hard way.

    Regards,

    Daniel J. Hakimi
    B.S. Philosophy, RPI 2012
    B.S. Computer Science, RPI 2012
    J.D. Cardozo Law 2015


    On Tue, Nov 12, 2019 at 6:36 PM Samuel Henrique <samueloph@debian.org>
    wrote:

    Hello legal,

    So I stumbled upon this rather interesting case of a software licensed by GPL2 but with an extra "clause" to it:
    "
    # If you enclose this script or parts of it in your software, it has to
    # be accompanied by the same license (see link) and the place where to get
    # the recent version of this program. Do not violate the license and if
    # you do not agree to all of these terms, do not use it in the first
    place.
    "

    https://github.com/drwetter/testssl.sh/blob/3b89dc6b0a41299fbf462789998e4c103f4f0210/testssl.sh#L19-L22

    The release notes for 3.0. r5 also mentions:
    "
    This program is licensed under GPL-2. Please note also that if you're
    using the program for a paid or free public service you need mention where you got this program from.
    "

    It seems that the author is trying to prevent people from setting up
    webpages using this
    software as a backend without crediting it. It seems like a reasonable
    think to ask for.

    My question is regarding DFSG compliance around this, I believe there is nothing wrong with
    it, but the fact that upstream expose is as GPL-2 seems a little
    misleading, as it's not plain GPL-2 and I think we should change something
    in d/copyright to address this.

    Are you aware of other software that are in a similar situation? I would
    like to see what
    d/copyright looks like. For this case the package was accepted by
    ftp-master with a
    d/copyright that states it as GPL-2.

    Regards,

    --
    Samuel Henrique <samueloph>


    <div dir="ltr">So, technically, he can&#39;t actually add restrictions to the license after he&#39;s license them, and if these are taken to not be part of the license, you&#39;d be safe to just follow the license as usual.<div><br></div><div>But if this
    informal text <i>is</i> taken to reflect the intent of the parties, then it might kind of reflect on how the license is meant to be followed, which isn&#39;t great. It&#39;s not only inconsistent with the spirit of the GPL, but also the language, as it
    talks about &quot;use,&quot; seems to require a direct link to &quot;the recent version...&quot; A lot of companies have been offering alternative interpretations of the GPL, and theoretically if those interpretations are taken as evidence of the intent
    of the parties, they might affect the contract. Or they might be seen as parol evidence, IE not relevant to the contract, but it&#39;s hard to say. So I wouldn&#39;t advise risking it...</div><div><br></div><div>But the text is informal and the party
    seems to not really understand the license to begin with (again, he&#39;s talking about &quot;use,&quot; that&#39;s not really even relevant to copyright law), so he might not really mean anything by it. I would not assume ill intent. It might be
    worthwhile to informally reach out to this community and help develop language that just clarifies what the GPL already says, instead of conflicting with it. The community might appreciate that. Worst case, they get angry and defensive, and attempt to
    move to a different (presumably proprietary) license, in which case, you learned the easy way that they don&#39;t play nice. Don&#39;t learn the hard way.</div><div><br></div><div>Regards,<br clear="all"><div><div dir="ltr" class="gmail_signature" data-
    smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div><br></div><div>Daniel J. Hakimi</div><div>B.S. Philosophy, RPI 2012</div><div>B.S. Computer Science, RPI 2012</div><div>J.D. Cardozo Law 2015</div></div></div></div></div></div></
    <br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Nov 12, 2019 at 6:36 PM Samuel Henrique &lt;<a href="mailto:samueloph@debian.org">samueloph@debian.org</a>&gt; wrote:<br></div><blockquote class="gmail_quote"
    style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Hello legal,<br><br></div><div>So I stumbled upon this rather interesting case of a software licensed by</div><div>GPL2 but with an extra &quot;
    clause&quot; to it:<br>&quot;<br><table><tbody><tr><td id="gmail-m_5357585291066193283gmail-LC19"><span><span>#</span> If you enclose this script or parts of it in your software, it has to</span></td>
    </tr>
    <tr>
    </tr></tbody></table><table><tbody><tr><td id="gmail-m_5357585291066193283gmail-LC20"><span><span>#</span> be accompanied by the same license (see link) and the place where to get</span></td>
    </tr>
    <tr>
    </tr></tbody></table><table><tbody><tr><td id="gmail-m_5357585291066193283gmail-LC21"><span><span>#</span> the recent version of this program. Do not violate the license and if</span></td>
    </tr>
    <tr>
    </tr></tbody></table><span><span>#</span> you do not agree to all of these terms, do not use it in the first place.<br>&quot;<br><a href="https://github.com/drwetter/testssl.sh/blob/3b89dc6b0a41299fbf462789998e4c103f4f0210/testssl.sh#L19-L22"
    target="_blank">https://github.com/drwetter/testssl.sh/blob/3b89dc6b0a41299fbf462789998e4c103f4f0210/testssl.sh#L19-L22</a><br><br></span></div><div><span>The release notes for 3.0. r5 also mentions:<br>&quot;</span></div><div><span>This program is
    licensed under GPL-2. Please note also that if you&#39;re
    using the program for a paid or free public service you need mention
    where you got this program from.</span></div><div><span>&quot;<br></span></div><div><span><br></span></div><div><span>It seems that the author is trying to prevent people from setting up webpages using this</span></div><div><span>software as a backend
    without crediting it. It seems like a reasonable think to ask for.<br><br></span></div><div><span>My question is regarding DFSG compliance around this, I believe there is nothing wrong with<br></span></div><div><span>it, but the fact that upstream expose
    is as GPL-2 seems a little misleading, as it&#39;s not plain GPL-2 and I think we should change something in d/copyright to address this.<br><br></span></div><div><span>Are you aware of other software that are in a similar situation? I would like to see
    what<br></span></div><div><span>d/copyright looks like. For this case the package was accepted by ftp-master with a</span></div><div><span>d/copyright that states it as GPL-2.<br></span></div><div><div><div><br></div><div>Regards,<br><br></div><div>-- <
    <div dir="ltr"><div dir="ltr"><span><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span style="font-family:verdana,sans-serif"><span style="color:rgb(102,102,102)">Samuel Henrique &lt;samueloph&gt;</span></span></div></div></div></div></
    </div></span></div></div></div></div></div></div>
    </blockquote></div>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Daniel Hakimi@21:1/5 to gio@debian.org on Wed Nov 13 14:20:01 2019
    But even the AGPL does not restrict *use*. The text seems generally
    uninformed to me, and I wouldn't assume much of anything, especially not
    when I could communicate with the people who wrote it instead.

    On Wed, Nov 13, 2019, 06:20 Giovanni Mascellani <gio@debian.org> wrote:

    Il 13/11/19 01:03, Daniel Hakimi ha scritto:
    But the text is informal and the party seems to not really understand
    the license to begin with (again, he's talking about "use," that's not really even relevant to copyright law), so he might not really mean anything by it. I would not assume ill intent. It might be worthwhile to informally reach out to this community and help develop language that
    just clarifies what the GPL already says, instead of conflicting with
    it. The community might appreciate that. Worst case, they get angry and defensive, and attempt to move to a different (presumably proprietary) license, in which case, you learned the easy way that they don't play
    nice. Don't learn the hard way.

    The second clause the original email mentions seems to be a request in
    the direction of the AGPL license. If they really want to impose code publication when the software is used to offer a remote service, maybe
    they should consider AGPL instead of home-made notices. But maybe they
    are not aware of it. If they opt for this way, I don't think that AGPL
    has DFSG problems.

    Giovanni.
    --
    Giovanni Mascellani <g.mascellani@gmail.com>
    Postdoc researcher - Université Libre de Bruxelles



    <div dir="auto">But even the AGPL does not restrict *use*. The text seems generally uninformed to me, and I wouldn&#39;t assume much of anything, especially not when I could communicate with the people who wrote it instead.</div><br><div class="gmail_
    quote"><div dir="ltr" class="gmail_attr">On Wed, Nov 13, 2019, 06:20 Giovanni Mascellani &lt;<a href="mailto:gio@debian.org">gio@debian.org</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;
    padding-left:1ex">Il 13/11/19 01:03, Daniel Hakimi ha scritto:<br>
    &gt; But the text is informal and the party seems to not really understand<br> &gt; the license to begin with (again, he&#39;s talking about &quot;use,&quot; that&#39;s not<br>
    &gt; really even relevant to copyright law), so he might not really mean<br> &gt; anything by it. I would not assume ill intent. It might be worthwhile to<br>
    &gt; informally reach out to this community and help develop language that<br> &gt; just clarifies what the GPL already says, instead of conflicting with<br> &gt; it. The community might appreciate that. Worst case, they get angry and<br>
    &gt; defensive, and attempt to move to a different (presumably proprietary)<br> &gt; license, in which case, you learned the easy way that they don&#39;t play<br>
    &gt; nice. Don&#39;t learn the hard way.<br>

    The second clause the original email mentions seems to be a request in<br>
    the direction of the AGPL license. If they really want to impose code<br> publication when the software is used to offer a remote service, maybe<br>
    they should consider AGPL instead of home-made notices. But maybe they<br>
    are not aware of it. If they opt for this way, I don&#39;t think that AGPL<br> has DFSG problems.<br>

    Giovanni.<br>
    -- <br>
    Giovanni Mascellani &lt;<a href="mailto:g.mascellani@gmail.com" target="_blank" rel="noreferrer">g.mascellani@gmail.com</a>&gt;<br>
    Postdoc researcher - Université Libre de Bruxelles<br>

    </blockquote></div>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Francesco Poli@21:1/5 to All on Wed Nov 13 23:20:01 2019
    On Wed, 13 Nov 2019 08:00:04 -0500 Daniel Hakimi wrote:

    But even the AGPL does not restrict *use*.
    [...]

    I personally think the GNU AfferoGPL v3 *does* restrict use.

    That's one of the main [reasons] why I think the AfferoGPL does *not*
    meet the DFSG. The Debian FTP Masters don't agree with me,
    unfortunately, but I still believe AfferoGPL-licensed works should not
    have entered (or continue entering) Debian main...

    [reasons]: <https://lists.debian.org/debian-legal/2007/11/msg00233.html>


    --
    http://www.inventati.org/frx/
    There's not a second to spare! To the laboratory! ..................................................... Francesco Poli .
    GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEygERR5zS79/7gjklPhwn4R9pv/4FAl3Mf00ACgkQPhwn4R9p v/4GdA//YNErWUYtpttGCChN2AOnJ+O37g7ohWYVfgSnvKDLYq0NqpiuBk+qmAaV 40tt8cnnsJH0yYHQYT9wPNr6KibcG67fD8VqwPiuKsHXFBiks17cokZoq91P0gpU r4JbGTrHjmYXT1eUYj0SPNoHj0qc3KZfdEK0xmpkrEKKHyUlsu48MLH4x61cv9Io CF8gHMbqg8ig9etwdVqRKp/jfyy5cEUpPCxB1++jWFOAxC6JopjUoyFKz+fWk1My D6CUVP32r+iIi7nU+HRI8EWZJev4xnE0QMlAzyWeOxjzxTWwrq7GqZe+eIFHRdWZ GtedQWN4CT557ar/1mwgqw0ny6VrjeUjeGnsQXP3T9agHI/Fs1VmWWJy6H9bdkvf IIxlFABvi7EFfWxf/IQTdp88gAQMvNap3XVwAIPIkYFQ4e6w3pocVMYkbWO5ySxh k3xbj1WgFXoqcvkWiidbVFA2SPKOz/n01qDLAbW0kPTMQydO22Ck+CWyoUFg6fhj 7ezaPSbrzTCaPvYpySOP3H5XXmcTL5cseBD5y7rvUwhI5nPDoPwU1F1Kuv4WskQq YBZqRsTwND4bbWzzJx1CZcNxAlwjz5ejYsLonz+ZbbVTb1DTdZoIxDHYPCFUMzXy Yzd2IGpEELPVOPO3YaBtWTCMyTLEgsgp
  • From Daniel Hakimi@21:1/5 to All on Wed Nov 13 23:40:01 2019
    I mean, that's not entirely relevant in the context of this discussion.
    That file tells users not to use the software if they don't agree to the license, but section 9 of both the GPL and AGPL 3.0 say that a license is
    not required to receive and run a copy of the program, and copyright does
    not limit use in the first place. Actually, even the SSPL contains that
    clause. So the text in question is unambiguously inconsistent with all of
    those licenses.

    The debate over whether the limitations on using AGPL or SSPL software in a SaaS product in certain ways without making your own source available meet various free software definitions is not really relevant to the discussion
    of this particular text.

    On Wed, Nov 13, 2019, 17:11 Francesco Poli <invernomuto@paranoici.org>
    wrote:

    On Wed, 13 Nov 2019 08:00:04 -0500 Daniel Hakimi wrote:

    But even the AGPL does not restrict *use*.
    [...]

    I personally think the GNU AfferoGPL v3 *does* restrict use.

    That's one of the main [reasons] why I think the AfferoGPL does *not*
    meet the DFSG. The Debian FTP Masters don't agree with me,
    unfortunately, but I still believe AfferoGPL-licensed works should not
    have entered (or continue entering) Debian main...

    [reasons]: <https://lists.debian.org/debian-legal/2007/11/msg00233.html>


    --
    http://www.inventati.org/frx/
    There's not a second to spare! To the laboratory! ..................................................... Francesco Poli .
    GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE


    <div dir="auto">I mean, that&#39;s not entirely relevant in the context of this discussion. That file tells users not to use the software if they don&#39;t agree to the license, but section 9 of both the GPL and AGPL 3.0 say that a license is not
    required to receive and run a copy of the program, and copyright does not limit use in the first place. Actually, even the SSPL contains that clause. So the text in question is unambiguously inconsistent with all of those licenses.<div dir="auto"><br></
    <div dir="auto">The debate over whether the limitations on using AGPL or SSPL software in a SaaS product in certain ways without making your own source available meet various free software definitions is not really relevant to the discussion of this
    particular text.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Nov 13, 2019, 17:11 Francesco Poli &lt;<a href="mailto:invernomuto@paranoici.org">invernomuto@paranoici.org</a>&gt; wrote:<br></div><blockquote class="
    gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Wed, 13 Nov 2019 08:00:04 -0500 Daniel Hakimi wrote:<br>

    &gt; But even the AGPL does not restrict *use*.<br>
    [...]<br>

    I personally think the GNU AfferoGPL v3 *does* restrict use.<br>

    That&#39;s one of the main [reasons] why I think the AfferoGPL does *not*<br> meet the DFSG. The Debian FTP Masters don&#39;t agree with me,<br> unfortunately, but I still believe AfferoGPL-licensed works should not<br>
    have entered (or continue entering) Debian main...<br>

    [reasons]: &lt;<a href="https://lists.debian.org/debian-legal/2007/11/msg00233.html" rel="noreferrer noreferrer" target="_blank">https://lists.debian.org/debian-legal/2007/11/msg00233.html</a>&gt;<br>


    -- <br>
     <a href="http://www.inventati.org/frx/" rel="noreferrer noreferrer" target="_blank">http://www.inventati.org/frx/</a><br>
     There&#39;s not a second to spare! To the laboratory!<br> ..................................................... Francesco Poli .<br>  GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE<br> </blockquote></div>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Gunnar Wolf@21:1/5 to All on Fri Nov 15 02:00:02 2019
    Samuel Henrique dijo [Tue, Nov 12, 2019 at 11:35:12PM +0000]:
    Hello legal,

    So I stumbled upon this rather interesting case of a software licensed by GPL2 but with an extra "clause" to it:
    "
    # If you enclose this script or parts of it in your software, it has to
    # be accompanied by the same license (see link) and the place where to get
    # the recent version of this program. Do not violate the license and if
    # you do not agree to all of these terms, do not use it in the first place.
    " https://github.com/drwetter/testssl.sh/blob/3b89dc6b0a41299fbf462789998e4c103f4f0210/testssl.sh#L19-L22
    (...)
    My question is regarding DFSG compliance around this, I believe there is nothing wrong with
    it, but the fact that upstream expose is as GPL-2 seems a little
    misleading, as it's not plain GPL-2 and I think we should change something
    in d/copyright to address this.

    I'm leaving aside the question that has been picked up, regarding
    whether this can be made under the GPLv2, or whether this is a
    "requirement" or a "polite request"...

    The requirement itself seems very similar to the "advertising clause"
    in the four-clause BSD license:

    https://lists.debian.org/debian-legal/2004/05/msg00753.html
    https://lists.debian.org/debian-legal/2004/04/msg00325.html
    https://www.gnu.org/licenses/bsd.html

    At that point, 4-clause BSD licenses were judged non-DFSG-free.

    Greetings,

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Ian Jackson@21:1/5 to Gunnar Wolf on Wed Nov 20 16:20:02 2019
    Gunnar Wolf writes ("Re: GPL2 + required to have the place to get the recent version"):
    I'm leaving aside the question that has been picked up, regarding
    whether this can be made under the GPLv2, or whether this is a
    "requirement" or a "polite request"...

    The requirement itself seems very similar to the "advertising clause"
    in the four-clause BSD license:

    https://lists.debian.org/debian-legal/2004/05/msg00753.html
    https://lists.debian.org/debian-legal/2004/04/msg00325.html
    https://www.gnu.org/licenses/bsd.html

    At that point, 4-clause BSD licenses were judged non-DFSG-free.

    The 4-BSD advertising clause is worse than this requirement because:

    * Instead of just saying where you got the program or where to get
    recent versions, with 4-BSD you have to name all the contributors.
    The list of contributors can be very long.

    * Instead of just requiring the notice to "accompany" the software,
    ie copies of the software have to have this additional notice, the
    4-BSD requirement applies much more widely including to
    advertising, blog postings, whatever.

    I think the requirement at issue here is inoffensive, at least if we
    read the legal text above.

    But I don't understand why the authors consider it useful. The GPL2
    requires you to give a lot of information about the original software.
    It's not clear how much extra simply a link to the upstream helps.

    However...

    Samuel Henrique <samueloph@debian.org>:
    The release notes for 3.0. r5 also mentions:

    This program is licensed under GPL-2. Please note also that if
    you're using the program for a paid or free public service you need
    mention where you got this program from.

    This suggests that the authors of this clause do not understand the
    effect of their own legal wording. My reading of the legal wording
    does not affect use. So it does not do what the release notes say.

    To the original authors I would recommend AGPL3+.

    If they don't want that then I think even if a clause could be drafted
    which would have the effect they want (presumably, that described in
    the release notes) it wouldn't be worth the licence incompatibility.

    So if they don't want AGPL3+ they should probably use GPL2+.

    I would recommend to them GPL2+ rather than GPL-v2-only for two
    reasons:
    - It makes it possible to upgrade the licence piecemeal to AGPL3+
    later, because AGPL3+ and GPL2+ code can be mixed;
    - GPL2's termination-for-fault clause is well known to be draconian.

    Both GPL2+ and AGPL3+ are better choices than a custom clause because
    they provide much better compatibility.

    Ian.

    --
    Ian Jackson <ijackson@chiark.greenend.org.uk> These opinions are my own.

    If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
    a private address which bypasses my fierce spamfilter.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)