все-таки оригинальный DoD-OSS-memo-2009.pdf дает меньше поводов для флейма :)> # Правительство США в лице Министерства Обороны подтверждает, что открытое программное обеспечение может считаться коммерческим и, следовательно, как и любое другое коммерческое ПО должно находится в списке предпочтительного для использования ПО
In almost all cases, OSS meets the definition of “commercial computer software”
and shall be given appropriate statutory preference in accordance with 10 USC 2377
(reference (b)) (see also FAR 2.101(b), 12.000, 12.101 (reference (c)); and DFARS
212.212, and 252.227-7014(a)(1) (reference (d))).
> # Инструкция № 8500.2 имела пункт, который был недостаточно корректно сформулирован. Новая его редакция подчеркивает, что при использовании двоичного кода программы МО должно либо заручиться гарантиями разработчика о безошибочности кода, либо иметь на руках исходные тексты и разрешение на самостоятельное исправление ошибок.
DoD Instruction 8500.2, “Information Assurance (IA) Implementation,” (reference
(g)) includes an Information Assurance Control, “DCPD-1 Public Domain Software
Controls,” which limits the use of “binary or machine-executable public domain software
or other software products with limited or no warranty,” on the grounds that these items
are difficult or impossible to review, repair, or extend, given that the Government does
not have access to the original source code and there is no owner who could make such
repairs on behalf of the government. This control should not be interpreted as forbidding
the use of OSS, as the source code is available for review, repair and extension by the
government and its contractors.
> # «Использование ПО без контракта на поддержку является информационным риском». Компании, предоставляющие поддержку СПО (например, Red Hat) могут рассчитывать на равные условия с проприетарными вендорами.
The use of any software without appropriate maintenance and support presents an
information assurance risk. Before approving the use of software (including OSS),
system/program managers, and ultimately Designated Approving Authorities (DAAs),
must ensure that the plan for software support (e.g., commercial or Government program
office support) is adequate for mission need.
> # Правительство США не обязано распространять исходные коды модифицируемого СПО.
There is a misconception that the Government is always obligated to distribute the
source code of any modified OSS to the public, and therefore that OSS should not be
integrated or modified for use in classified or other sensitive DoD systems. In contrast,
many open source licenses permit the user to modify OSS for internal use without being
obligated to distribute source code to the public. However, if the user chooses to
distribute the modified OSS outside the user's organization (e.g., a Government user
distributes the code outside the Government), then some OSS licenses (such as the GNU
General Public License) do require distribution of the corresponding source code to the
recipient of the software. For this reason, it is important to understand both the specifics
of the open source license in question and how the Department intends to use and
redistribute any DoD-modified OSS.
> # Исходные тексты и дизайн программ являются «данными» (Директива 8320.02) которые могут распространяться как внутри министерства, так и за его пределами, если целесообразность этого продиктована потребностями организации. То же относится и к исправлениям / улучшениям ПО.
Software source code and associated design documents are “data” as defined by
DoD Directive 8320.02 (reference (h)), and therefore shall be shared across the DoD as
widely as possible to support mission needs. Open source licenses authorize widespread
dissemination of the licensed software, thus allowing OSS to be shared widely across the
entire Department. One way to make software source code accessible across the
6 Attachment 2
Department is to use the collaborative software development environment at
https://software.forge.mil/, operated by the Defense Information Systems Agency.
ну и под конец:
Software items, including code fixes and enhancements, developed for the
Government should be released to the public (such as under an open source license) when
all of the following conditions are met:
(1) The project manager, program manager, or other comparable official
determines that it is in the Government’s interest to do so, such as through the
expectation of future enhancements by others.
(2) The Government has the rights to reproduce and release the item, and to
authorize others to do so. For example, the Government has public release rights when
the software is developed by Government personnel, when the Government receives
"unlimited rights" in software developed by a contractor at Government expense, or when
pre-existing OSS is modified by or for the Government.
(3) The public release of the item is not restricted by other law or regulation, such
as the Export Administration Regulations or the International Traffic in Arms Regulation,
and the item qualifies for Distribution Statement A, per DoD Directive 5230.24
(reference (i)).
// wbr