Thanks for looping me in.
tl;dr I’m increasingly of the opinion that the previous concerns about the MIT (and to a lesser extent the BSD) license are no longer an important issue. However I find it odd that UC Berkeley is against the Apache 2 license - most organisations choose to use Apache because it provides better patent protection than MIT and BSD.
- MIT license
The original concern was that with the way that the MIT license was written. The license has a clause which includes a disclaimer of all liability. In certain jurisdictions, e.g. England and Wales under English Law, it is not allowed to disclaim liability of death arising from proper use. Any invalid clauses have the potential to be struck out in their entirety, thus potentially leaving you open to unlimited liability under English Law.
However I’ve now had the chance to talk to some IT law academics, as well as some actual software contract lawyers. And whilst none have gone on the record to provide legal advice, their comments are that it is likely that any judge would seek to remove the smallest possible part of the clause that kept the spirit of the contract. Therefore you would still retain most of the disclaimer.
- Apache License and patents
I’d be interested if the issue UC has is with the patent grant clause or the patent retaliation clause in Apache. From the document, it appears to be the patent grant clause.
There’s some good discussion here: http://www.groklaw.net/article.php?story=20100204170037353 but the gist is that whether this is a problem depends on your origination and contribution model. So, that leads me on to…
- Contribution model
It sounds like the thing you need to think about is how you do (or don’t) take ownership of contributions. Are packages completely separate? Are there any other license incompatibility issues? Who is contributing?