I was reading through the Q public license and thought
the Limitations of Liability was a good proactive clause.

Would this be a good thing to include when it comes to
securing of private data? For example, I use some best
practices set forth by this project but I implement them
incorrectly and this results in an illegal breach. Would
something like this be an issue for this project and
would this limitation cover our "assets"?

Here is the relevant passage from the QPL:

Limitations of Liability

In no event shall the initial developers or copyright holders be liable for
any damages whatsoever, including - but not restricted to - lost revenue or
profits or other direct, indirect, special, incidental or consequential
damages, even if they have been advised of the possibility of such damages,
except to the extent invariable law, if any, provides otherwise.

Trying to contribute,
mak

> From: "Mark Curphey" <markcurphey.com>
> Date: Fri, 28 Sep 2001 13:20:44 -0700
> To: <www-mobile-codesecurityfocus.com>
> Subject: OWASP Licenses
>
> Attached are the two licenses we are proposing to use for the project. Both
> are based on the Apache Software Foundation open source license.
>
> The documentation license effectively allows anyone to take the work, modify
> it and use it in full or part, as long as they acknowledge the work was not
> originally written by themselves or contains work not originally written by
> themselves by displaying the copyright notice included.
>
> The software license effectively allows anyone to use, modify and distribute
> the source or binary, as long as they acknowledge the original work was not
> their own and they display the copyright notice.
>
> Many people suggested we use the GNU GFDL. As it was explained to me by a
> lawyer, these copyleft licenses mean that any works based on or including
> the original code must also be open-source. Thus if a consulting company
> chooses to adopt our methodology all their works including client reports
> would need to be open source as well. If they chose to use our software then
> their software too would have to be open source. Whilst I am really big
> advocate of open source software this would not promote widespread use in
> the industry, so I think our open source license works best for us at
> present. It is a balance between open source access to all whilst preventing
> others claiming to have written it themselves.
>
> Also upon advise from the lawyer, anyone unsure of the intricacies of
> licensing should add a clause to allow themselves to move to a license model
> more suited to their needs in the future without penalty.
>
> * The Open Web Application Security Project reserves the right to change
> its licensing
> * scheme without prior notice and are "themselves" not subject to
> restrictive terms from
> * previous licenses.
>
> If anyone has any questions or thoughts, please let us know.
>
> Mark
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]