AGPL is released, the ASP loophole is gone! NOT!
Since I wrote that back in June, there have been lots of comments and many of them involve how to intrepret ‘remote’, ‘interactions’ ‘users’ and such. As I said back then:
Take for example the phrase â??users interacting with it remotelyâ??. I defy anyone to explain to me where the â??userâ?? ends and the â??non userâ?? begins. The browser? The TCP stack? The application? The database? The operating system?
I stand by this statement. This is ambiguous to the point of being useless. Here’s a comment in the discussion that echo’s my concerns:
The term “user” is not clearly defined. If I get an “access denied” error page through a browser, am I a user of the web application? When I visit a portal, am I a user of the browser? Of the portal application, as well? Of the server-side scripting engine, perhaps? Of the web server? Of the kernel the web server runs on top of? Of the router OS? And so forth…
Where do we draw the line?
This ambiguity is really problematic, as it implies that there’s no clear way to tell whether a modified version supports remote interaction, and hence there’s no clear way to tell whether it is subject to the restriction specified by this section.
There might be some stand alone applications that might try to use the AGPL to close the ASP loophole, but I seriously don’t think it’s going to stop anyone that’s determined to use the code.