gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-07 11:11:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,042 Commits 1 Branch 82 Tags
master
Commit Graph

8 Commits

Author SHA1 Message Date
shankar0123 5411c12841 license: flip Licensor to certctl LLC 
Phase 0 closure (Path B2, post-rewrite): the codebase is now legally
owned by certctl LLC, the operator's incorporated entity. The BSL 1.1
Licensor field and the © copyright statement both flip from the
natural-person 'Shankar Kambam' to the legal entity 'certctl LLC'.
This is the legal-entity layer of Phase 0 — the git-history layer
landed in the rewrite that produced this commit's parent's parent.

The Additional Use Grant carve-out ('Commercial Certificate Service'),
the Change Date (March 14, 2076), and the rest of the BSL parameters
are unchanged.

Closes: cowork/certctl-architecture-diligence-audit.html#fix-RED-5
        (Licensor name-variant + AI-authorship cluster)
 2026-05-13 21:16:45 +00:00
shankar0123 ee2d6d3a7c chore: routine maintenance 2026-05-12 04:57:29 +00:00
shankar0123 da00ee0ca5 license: tighten BSL terms (Florida venue, full Pi Day Change Date, no contributions) 
Rewrite of the BSL 1.1 LICENSE to fix lawyer-grade gaps and align
the parameters with the project's actual posture:

Licensor + copyright
- Licensor name: "Shankar Kambam" (correct legal name; was "Shankar
  Reddy" — same operator, different surname).
- © marker: "© 2026 Shankar Kambam" (was "(c)" placeholder).

Additional Use Grant — sharper Commercial Certificate Service test
- Replaces the old "running a cert service for non-affiliated third
  parties" wording with a principal-value test: a CCS is a product
  whose principal value to the third party is certctl's certificate
  management functionality (lifecycle, discovery, monitoring,
  alerting, renewal automation, deployment, revocation) AND the
  third party accesses or controls that functionality AND
  compensation flows for that access/control.
- Carve-out (a): explicitly permits running certctl in production
  to manage certs for products whose principal value is something
  ELSE (e.g. a banking app using certctl for its TLS certs).
- Carve-out (b): "third party" excludes employees, contractors
  acting on the licensee's behalf, and Affiliates (>50% common
  voting control). Closes the "internal IT department is a third
  party" attack on the wording.
- Carve-out (c): the CCS restriction applies regardless of whether
  certctl is hosted, managed, embedded, bundled, or integrated
  with another product — closes the embedded-OEM loophole.

Change Date — full per-version 4-year BSL period
- Was: March 14, 2126 (a fixed date 100+ years out, defeating the
  "earlier of <Change Date> or 4 years from first publication"
  semantics — the 4-year cap always won, no version got the full
  4-year window).
- Now: March 14, 2076 (Pi Day, ~50 years out). This is the longest
  acceptable horizon under the BSL spirit while ensuring every
  released version gets its full 4-year BSL period before flipping
  to Apache-2.0.

Contributions — no third-party contributions accepted
- Adds an explicit "Licensor does not accept third-party
  contributions" clause. Any code/docs submitted are at the
  submitter's sole risk, confer no rights, and are not incorporated.
  Mirrors the project's reality (no PR review process, single-owner
  development).

Patent non-assertion + defensive termination
- Adds a non-assertion covenant covering compliant uses, with
  termination of that covenant if the licensee initiates patent
  litigation against the Licensor or contributors. Standard BSL
  posture, was missing.

Termination + reinstatement
- 30-day cure window for first violation; second violation after
  reinstatement is permanent. Aligns with BSL norm.

Governing law + venue
- State of Florida, USA. Operator's residence; aligns dispute
  forum with the Licensor's actual jurisdiction.

Severability + survival
- Standard boilerplate added. Ensures the disclaimer-of-warranty,
  patent non-assertion (for pre-termination acts), and
  governing-law clauses survive any termination.

Stripped
- Dead "(certctl is not a registered trademark)" parenthetical —
  the trademark filing is a separate workstream, not licensing.

Contact for alternative arrangements: certctl@proton.me
(unchanged).
 2026-05-02 17:12:50 +00:00
shankar0123 45ba27693b Update LICENSE metadata 2026-04-26 23:29:59 +00:00
shankar0123 75cf8475f5 tighten BSL license scope, fix documentation underselling shipped features 
Broadened BSL Additional Use Grant from "hosted or managed service" to cover
any commercial offering (embedded, bundled, integrated). Updated README to
promote all shipped connectors from Beta to Implemented, added EST/ARI/S/MIME
highlight, Helm quickstart, and corrected license description. Fixed
connectors.md stale claims (AWS ACM PCA listed as planned, K8s Secrets
listed as coming soon) and updated overview with exact connector counts.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-15 15:54:03 -04:00
shankar0123 63e6f3ef91 chore: update license contact email to certctl@proton.me 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-28 16:24:34 -04:00
shankar0123 73d5d848d5 Switch license from Apache 2.0 to BSL 1.1 
- Business Source License 1.1 with 7-year conversion period
- Change Date: March 14, 2033 (converts to Apache 2.0)
- Additional Use Grant: all uses permitted except offering certctl
  as a hosted/managed certificate management service
- Update README badge and license section

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-14 22:23:30 -04:00
shankar0123 d395776a95 Initial scaffold: certificate control plane v0.1.0 2026-03-14 08:22:17 -04:00