Upgrade IPRL to v2.0 with contributor pool and dormancy mechanism#1
Open
Upgrade IPRL to v2.0 with contributor pool and dormancy mechanism#1
Conversation
Major revision introducing: - Changeset-Based Attribution (Section 3.2): git commit signatures serve as the IPRL declaration — no per-file headers required in VCS context - Licensed Contributor Pool (Section 4): multi-author collaboration via CONTRIBUTORS.iprl registry; cryptographic two-step admission (nomination + acceptance commit); intra-pool mutual rights grant preserves IP ownership while enabling full collaborative development - Alien Changeset handling (Section 5): unsigned/non-pool commits are permitted without license breach when Ratified by an Authoritative Changeset; 90-day ratification deadline for public repos - Public non-commercial read/compile/redistribute grant (Section 6) with explicit prohibition on modification and commercial use (Section 7) - Dormancy and Fallback License (Section 10): 24-month inactivity or voluntary declaration triggers irrevocable re-licensing under Apache 2.0, satisfying the open source transition for stale projects - CONTRIBUTORS.iprl template (Appendix B, TOML format): platform-independent contributor registry usable with raw git — no GitHub required - Verification cheat sheet (Appendix C): git commands for audit - OSD relationship clarification (Appendix D): honest source-available framing with built-in open source transition, consistent with BSL 1.1 precedent - eIDAS/E-SIGN electronic signature recognition (Section 11) https://claude.ai/code/session_013SsJ6TQVvRC47XrcuuxTUD
…iligent Search
The previous automatic 24-month dormancy trigger was unsound because a
frozen repository is not the same as a dead project: hosting platforms
can fail, projects migrate, repos get archived during restructuring. An
automatic trigger would relicense against actively-developing projects
that merely changed location.
Section 10 is redesigned around three legal instruments:
1. Apparent Dormancy (rebuttable presumption) - 24 months of no visible
Authoritative Changesets creates a presumption only, not a legal fact.
2. Diligent Search Procedure - modeled on EU Orphan Works Directive
(2012/28/EU) "diligent search" standard. A Claimant must:
(a) document the last known Authoritative Changeset;
(b) search mirrors/forks, archival services (SWH, archive.org), package
registries, and contact all CONTRIBUTORS.iprl email addresses;
(c) publish a Notice of Dormancy Claim on ≥2 durable public channels
(incl. RFC 3161 timestamping as an option);
(d) observe a 60-day Response Period.
3. Active Development Declaration - any Licensed Contributor can rebut
the claim by publishing a signed statement identifying a live repo,
resetting the 24-month clock. Works even when the original platform
is gone, since signing with an existing key is sufficient.
Confirmed Dormancy (Response Period expires without rebuttal) grants:
- Safe harbor to good-faith Claimants against any later contributor claim
- Irrevocable Apache 2.0 Fallback License
- DORMANCY.md record obligation to protect downstream recipients
Voluntary Dormancy (explicit signed declaration by all contributors)
remains immediate and requires no Diligent Search.
https://claude.ai/code/session_013SsJ6TQVvRC47XrcuuxTUD
1. Signing Key definition open-ended — removed enumeration of specific key
types (GPG/SSH/X.509). Definition now reads "any asymmetric cryptographic
key pair or credential", explicitly covering future signing schemes.
Appendix C updated with S/MIME configuration example alongside GPG and SSH.
2. "Alien Changeset" renamed to "External Changeset" throughout — more
neutral and descriptive; avoids any pejorative connotation while
accurately conveying "not from the Contributor Pool".
3. CONTRIBUTORS.iprl → CONTRIBUTORS — file renamed throughout. Appendix B
redesigned: mandatory TOML schema removed; any plain-text format is now
accepted (the file is authenticated by its containing Authoritative
Changeset signature, not by its own syntax). Required fields are listed
as content requirements, not format requirements. Plain-text example
provided as one option.
4. Per-file headers required in all modes — Section 3.2 corrected: headers
ARE required even in VCS mode (source trees are regularly copied out of
repo context). VCS Mode header is a simplified human-readable notice only
(no embedded key material needed — that lives in CONTRIBUTORS). Snapshot
Mode header must additionally include a verifiable signing credential or
durable reference. Appendix A redesigned with A.1/A.2 split.
5. LICENSE.md.asc made optional — Section 3.1 clarified: the Foundational
Changeset signature itself authenticates LICENSE.md; a detached .asc
file is convenient for out-of-VCS verification but not required. All
references in Sections 6, 7, 11, 13 updated accordingly ("if present").
https://claude.ai/code/session_013SsJ6TQVvRC47XrcuuxTUD
Appendix B — CONTRIBUTORS format stripped to its essence: - File opens with the standard IPRL license header (same as any source file) - Each contributor entry = optional free-form identification text + public key - Public key is the ONLY mandatory element; all identification (name, email, pseudonym, hash) is voluntary and free-form - No schema, no field names, no required ordering - Comment lines (#) distinguish identification from key material - Single-line keys (SSH) appear one per line; block keys (PGP) in native armored format; any other scheme in its native representation - Updated CONTRIBUTORS template file to reflect the new minimalist format Appendix C — replaced 50-line git-specific cheat sheet with a 12-line VCS-agnostic informative note: - Describes the two-step verification concept (signature valid + key in CONTRIBUTORS) without prescribing any specific tooling - Explicitly marked as informative / non-normative - Removes the normative tie to git; IPRL now works equally with any VCS that supports commit-level cryptographic signatures https://claude.ai/code/session_013SsJ6TQVvRC47XrcuuxTUD
Commercial use of the unmodified Software is now explicitly permitted for all recipients, not just Licensed Contributors. Rationale: - The no-modification restriction (7a) already captures the meaningful competitive moat: no one outside the pool can build on, fork, or productize the Software. The ability to run the unmodified version commercially is narrow and does not reduce IP value for founder contribution purposes. - Wider commercial deployment increases the demonstrable value of the IP as an intangible asset during due diligence. - With 7b removed, IPRL now violates only OSD criterion 3 (no derivatives), not criterion 6 (field of endeavor). This puts it in CC BY-ND territory: freely usable and commercially deployable, but non-modifiable outside the Contributor Pool. Changes: - Preamble: updated characterization to "modification-restricted source-available"; explicitly states commercial use is permitted - Section 6(a,b,c): "non-commercial" qualifiers removed; all three grants now apply to any purpose, commercial or non-commercial - Section 6: removed bold prohibition on commercial use - Section 7: removed clause (b) "Commercial Use" entirely; re-lettered subsequent clauses accordingly - Appendix D: revised to reflect single OSD criterion non-compliance (criterion 3 only); notes criterion 6 compliance; updates the characterization from BSL-like to CC BY-ND-like https://claude.ai/code/session_013SsJ6TQVvRC47XrcuuxTUD
…6 refs - Appendix C (Verification, informative) removed entirely - Appendix D (OSD relationship) renumbered to Appendix C - Preamble reference updated: "Appendix D" → "Appendix C" - Section 7 clause lettering corrected: former (d)(e) → (c)(d) after prior removal of the Commercial Use clause left a gap - Appendix C (was D): removed the OSD criterion 6 compliance paragraph and its mention in the opening sentence — criterion 6 is satisfied and requires no special explanation - Appendix C: updated characterization paragraph to read as single-criterion non-compliance without criterion 6 references https://claude.ai/code/session_013SsJ6TQVvRC47XrcuuxTUD
The 90-day mandatory-removal obligation placed on Licensed Contributors was operationally excessive and created an unreasonable compliance burden (forced history rewriting, breach exposure for inaction). The Ratification mechanism in 5.1/5.2 is sufficient on its own — unratified external changesets carry no IP rights, so there is no legal exposure requiring a hard cleanup deadline. Former Section 5.4 Rationale renumbered to 5.3. https://claude.ai/code/session_013SsJ6TQVvRC47XrcuuxTUD
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR upgrades the Intellectual Property Reserve License from v1.0 to v2.0, introducing a comprehensive contributor pool model, cryptographic changeset-based attribution, and an automatic fallback to Apache 2.0 upon dormancy. The new version transforms IPRL from a simple single-author license into a collaborative framework suitable for multi-contributor projects while preserving IP asset value.
Key Changes
Contributor Pool Model: Introduced a formal mechanism for admitting Licensed Contributors through nomination and acceptance, with mutual IP rights grants among pool members (Section 4)
Changeset-Based Attribution: Replaced per-file headers with VCS-native cryptographic signatures on commits as the primary attribution mechanism, eliminating the need for boilerplate headers in most cases (Section 3.2)
Contributor Registry (
CONTRIBUTORS.iprl): Added a TOML-formatted, VCS-tracked registry file that serves as the authoritative source for pool membership and signing keys (Appendix B)Alien Changeset Ratification: Introduced a mechanism to accept external contributions without requiring contributors to join the pool, with a 90-day ratification deadline (Section 5)
Dormancy and Fallback License: Implemented automatic re-licensing under Apache License 2.0 after 24 months of inactivity, ensuring the software becomes genuinely open source if development ceases (Section 10)
Intra-Pool Mutual Rights: Licensed Contributors now grant each other perpetual, worldwide, royalty-free rights to modify and use the software commercially, while maintaining exclusive rights against the outside world (Section 4.4)
Enhanced Legal Framework: Added comprehensive definitions, electronic signature recognition across multiple jurisdictions, and detailed remedies for breach (Sections 1, 11, 9)
File Header Mode as Alternative: Retained per-file headers as an optional fallback for snapshot distributions without VCS history (Section 3.3, Appendix A)
Notable Implementation Details
https://claude.ai/code/session_013SsJ6TQVvRC47XrcuuxTUD