Open Source indemnity
2008-10-03 22:36:13.305607+00 by Dan Lyke 1 comments
I have two packages I want to use for a project, efsl, a filesystem with an (L)GPL-like license that allows for static linking, and some crypto stuff, it looks like cryptopp has a "public domain" license.
In both cases I can set up systems to abide by the license requirements. I can push the appropriate chip level driver code back up into both their distributions, and make it available myself.
What I need to do is to convince nervous people further up the chain that nobody's going to come back and say "wait, that's my code!". With a commercial product, there's someone to sue. With non-commercial products like this, how do I determine who to send some money to so that my clients feel indemnified against future lawsuits over ownership?
I'm not even worried about situations like someone appropriating the open source code, filing patents on it, then going back at the initial author (full listing of court filings and motions here, via /.), I'm more worried about the perception by my clients that someone could open source code they don't own, and we'd then be liable for that.
Heck, this might even just be some sort of insurance that my company has to buy.