I stumbled across the SPDX (https://spdx.org/). Possibly the hackage license list should be expanded to incorporate this in some way? Or at least the OSI-approved entries?