Security Spec: Revisit Definitions 2.7 - Open Source


Further discussion was contained here:

Consolidating to this issue (and closing License Compliance Spec Issue 63) because it seems we will conclude with:
• Our current approach appears workable for the market situation
• The one change should be to harmonize between Licensing and Security to this language:
"software subject to one or more licenses that meet the Open Source Definition published by the Open Source Initiative (see or the Free Software Definition published by the Free Software Foundation (see or similar license”

This would involve adding "or similar license" to the Security Assurance Spec.

Full discussion here: