Will the Spurned CDDL Come Back Stronger?

Share via Twitter Share via Facebook Share via Linkedin Share via Reddit

Sometime subsequent to the creation and approval of Sun’s MPL derivative CDDL license in early ’05, I happened to be speaking with a newly launched commercial open source vendor. Their choice of license? A customized MPL, which essentially amounted to a string substition – Mozilla out, their name in – with a couple of other relatively trivial (to me) modifications. This choice was not exactly uncommon. Many vendors are concerned by the GPL’s reciprocal provisions, but equally alarmed at the lack of restrictions with BSD style licenses, and therefore default to MPL variants as a compromise position.

Being relatively familiar with the CDDL, more specifically its aim to remedy what in Sun’s opinion (but not some others) were some minor issues with the MPL such as choice of venue, I asked whether or not said vendor had considered Sun’s new license instead of a customized MPL. Their answer was interesting, and not terribly surprising considering the context. Paraphrasing from my notes, the answer was something like:

We did indeed, and it’s a nice license that all things being equal we’d probably use, but we’re concerned that open source perceptions of Sun will bleed onto us, and that constituted an unacceptable risk. Hence our choice.

Fast forward to today, where Sun’s most visible and popular software asset has been open sourced under the same license as Linux and MySQL, and what’s changed? A great deal. A one time open source pariah, despite rather substantial donations to the cause, Sun’s GPLing of Java led free software luminary Richard Stallman to credit them with the most contributions to open source software. The more things change, the more they change.

We’ll leave full analysis for the community impacts for another time, not least because we won’t know what they’ll be for some time yet. But I am curious about one potential implication of this decision: could the CDDL become more popular? Could, paradoxically, Sun’s rejection of the CDDL for Java project be the best thing that ever happened for the license? It seems counterintuitive, but consider that the biggest obstacle to CDDL adoption – negative impressions of Sun – are in serious decline following the release of Java.

Sun’s Simon Phipps anticipates this, saying:

It was a good thing in its day, but it was one of many licenses created from the Mozilla license out of necessity and now we have CDDL it’s not needed – that license has provided the whole community with a long-term alternative to “vanity” licenses. I’d encourage the (many) other creators of Mozilla-derived licenses to take the same step. We owe it to our colleagues in the open source community to keep things simple.

Will it? For existing projects, there are lots of obstacles: relicensing is an arduous, thankless task. But it’s possible if the CDDL picks up speed. For newer projects, I am curious to see if the CDDL has indeed become a more viable option.

If I were Sun, I’d be talking to Mozilla and the OSI to consider converging the licenses. If license proliferation is the threat that everybody but me seems to think it is, it’d be logical to try and coalesce and consolidate the Mozilla family licenses. And while they’re at it, maybe those newly GPL friendly organizations can work with the FSF and resolve the GPL incompatibility issues so that tri-licensing is no longer necessary.

I know, I’m dreaming (but not necessarily because of Solaris’s CDDL license). And as long as I am, maybe I should ask for an AC Cobra (world peace being too cliche, don’t you know). But as some of the cold war politics around licensing thaw, it would be nice to have licenses that had both clear distinctions with respect to each other and the ability to integrate more effectively.

Disclaimer: Sorry, forgot the disclaimer – Sun is a RedMonk client.


  1. I think it’s dangerous to lump ‘open source’ licenses together. I think there are fundamental differences in how you license a platform (say Linux) that others are going to build on and need the security of knowing it will always be free (as in speech).

    Same applies in a sense to commodity middleware like Apache. You have to make sure the license fits the goal. I think the GPL license ties very well to “platforms” especially when you have competing vendors collaborating (let’s face it they don’t trust each other easily…recent news is example) — whereas something MPL based ties better to situations where one corp entity basically controls everything and some outside contributors may help but don’t say drive the architecture.

    Which gets me to something I always say: the problem with ANY license is … it has to match the project’s governance model.

  2. “I think it’s dangerous to lump ‘open source’ licenses together. I think there are fundamental differences in how you license a platform (say Linux) that others are going to build on and need the security of knowing it will always be free (as in speech).”

    i agree. this is what i was trying to get at when acknowledging the differences between the GPL and the BSD.

    but you’re correct: one of the big issues is matching governance to license.

Leave a Reply

Your email address will not be published. Required fields are marked *