Drupal OpenID Modules

Michael Lustfield mtecknology at ubuntu.com
Wed Mar 3 16:04:51 GMT 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I guess some of this was a case of people being too busy. I finally
received word back this morning.

Response from Stuart Metcalfe:
  I'm too busy, I'll pass this on. (Anthony Lenton)

Response from Anthony Lenton:
  Summarization of discussion on IRC..
  The branches being made private was a side effect
    A private team was subscribed [we just finished resolving this]
  The current Launchpad login is not open sourced
    It's not part of launchpad
  The new Ubuntu login will not be open sourced
    It's not part of launchpad either
  The current OpenID modules will continue to work
    Work will be done to ensure a smooth transition
    The Ubuntu login will still communicate with launchpad the way the
     Launchpad login does
  Also.. There are other modules Canonical has been working on with
   similar functionality that they want to open up as well.
    [Ex] https://edge.launchpad.net/wordpress-launchpad-integration

So.. this is much better news than I thought. I'm sorry for all the
gloom in the last email. I guess all the dark clouds were all resulting
from:
1) People being extremely busy
2) The way launchpad works
   a) Anthony and I are both waiting to hear back about whether this is
      a bug in launchpad or not.

With this new information I'm much more excited about the future of
this OpenID integration and I'm excited again about their continued
growth.

As for any questions about Drupal 7.. Over the next week (~6 days) I
will try to devote ~100 hours to development projects within my own
company pertaining to Drupal. This will be a large learning curve from
the way D6 and D5 work. There are massive and unimaginable changes from
D6 to D7. Even more than from D5 to D6. However, they are better
documented. With this better documentation and a heap load of prior
knowledge (this upcoming dev time), I have a feeling that I will have
no issues having all of these modules ready prior to D7 release time.

I hope this clears up any concerns anyone else had. It's cleared up any
concerns of mine.

As for that other response:

On Wed, 3 Mar 2010 10:01:59 -0500
Chuck Frain <chuckfrain at pobox.com> wrote:

> Perhaps a good Loco project would be to send some material on the
> benefits of Open Sourcing software under the AGPL 
> [SNIP] Teach them how people can help them
> grow through contributions from a community of people that work on
> projects because they want to help the whole and make things stronger.

I completely agree. I think we should get some really really smart guys
to teach a lesson about the various licenses out there. For instance,
the BSD license is amazingly unrestrictive. If you license your project
under that you might be opening your project more than your liking.

After the lesson [ #u-classroom maybe? ] I think we should build out a
wiki as a group that even the most novice of users can refer to. Then
they can really understand what the license they are using means.

On that subject, I also like the idea of an page for a break down of
each license and what each piece means. Example for BSD license:
<cite>
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
</cite>
If anyone redistributes your source code the copyright must be kept as
it is written above. It must also include the following conditions and
disclaimer.

That one is extremely well written but points on this such as the
following are not so clear.

<cite>
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
</cite>

Users may not understand that as long as this license stays available
to anyone using the code in one way or another, anyone can freely reuse
this code in a commercial product and resell it for whatever they see
fit.

Obviously opensource.org does an excellent job of keeping this
information public. Perhaps instead of our own wiki we could work with
them to improve what they have and maybe work out a way to build in
this 'beginner info / breakdown' into their own site. Or perhaps our
own wiki is the best place for this.

> 
> Perhaps the people at this Canonical place that is behind the Launchpad
> project just don't understand the benefits of Open Source software and
> needs a little education on the topic.

Many projects Canonical gets into are under GPLv2/3 and AGPLc2/3. They
are in part bound by restrictions within the license itself. If the
project is a sub project of another project that is licensed in GPLv2
then your project legally needs to be GPLv2. You can't even apply v3 to
it. That is part of the (lack of) 'backward compatibility' in these
licenses.

Actually.. In order for a project (say Drupal GPLv2) to move to v3 they
need to get confirmation from ALL contributors [both Drupal dev and devs
of other modules (both public and private)] that they are willing to
let the project move to v3 and that they will move their license with
it. GPL covered all of its bases very well; this is an unfortunate side
effect of being protected by such a solid license.

If any large company understands Free Open Source Software (FOSS) I
think it would be Canonical. Launchpad is AGPLv3. As a company they
will need to keep some things closed. There are a massive number of
reasons I can see for this. Besides.. just because they don't release
the source doesn't mean it's not open source.

As for my own company, we decided to deal exclusively with FOSS. That
is part of our business plan. With this, we intend to undergo a massive
project that we imagine will bring in a large amount of cash flow. We
have no intention of releasing the source code until we are in a
position that our release of the code will not hinder our ability to
succeed. If we release too early any other competition could come
along, pick up our code, attach advertising, use what they already have
as a more established company, then destroy us.

There's also the concern of security. If they release the source and
you notice a tiny hole in security, it could be a very serious problem.
Beside that point.. where would you intend to use this. This will
obviously be extremely customized to their configuration.

A business is all about strategy. They have done an excellent job 'for
the most part' of stating exactly what their intentions are and
following through on exactly what they say.

When it comes to my own company, I won't consider even letting the
other owners of the company see what I have until I hit a point where I
feel this is secure enough that releasing any source won't be a
potential gaping hole into my servers.

> 
> On Tue, 02 Mar 2010, Michael Lustfield wrote:
> 
> > I have been asked by a few people what will happen to the drupal
> > - -launchpad openid modules that seamlessly created users based on
> > existing launchpad users because of the ubuntu login change.
> > 
> > Frankly, I have no clue. I no longer have any access to these branches
> > through the web interface. I don't know if this is a bug in launchpad
> > or not, but we can at least still grab branch content from the
> > following urls.
> > 
> <snipped> 
> 
> > It's a bleak message full of sad. I'm sorry for that too.
> > 


- -- 
Michael Lustfield
Kalliki Software

Network and Systems Administrator
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkuOiKMACgkQ3y7Nst6YLGUJ4gCeLfbR4/eoRRyUfnDd8HokFcKP
VWEAn0NChwVDj8NfrXgK75S1aVQ0d5+T
=6Vgh
-----END PGP SIGNATURE-----

More information about the loco-contacts mailing list