Security Spec: Revisit Definitions 2.7 - Open Source
Further discussion was contained here:
Consolidating to this issue (and closing License Compliance Spec Issue 63) because it seems we will conclude with:
• Our current approach appears workable for the market situation
• The one change should be to harmonize between Licensing and Security to this language:
"software subject to one or more licenses that meet the Open Source Definition published by the Open Source Initiative (see opensource.org/osd) or the Free Software Definition published by the Free Software Foundation (see gnu.org/philosophy/free-sw.html) or similar license”
This would involve adding "or similar license" to the Security Assurance Spec.
Full discussion here: