Ian Jackson wrote on 03/12/2019:
> Paride Legovini writes ("remote logo inclusion in package documentation"):
>> Hello debian-legal,
>>
>> The latest upstream version of a package I maintain (libmseed) ships
>> with HTML documentation. The HTML documentation fetches a remote logo,
>> and this triggered the privacy-breach-logo lintian tag [0].
>>
>> The logo is explicitly made available for usage by the institution
>> developing the software [1], but I couldn't find its terms of use. The
>> IRIS Wikipedia page includes the logo and lists it as CC BY-SA, but I'm
>> not certain this information is correct.
>>
>> Do you think the HTML documentation fetching the IRIS logo can be
>> included in Debian main?
>
> No. The lintian warning is correct. Downloading logos in docs like
> this is not only a privacy breach, but also a practical problem.
> I have been on a train with no internet, trying to read some docs
> which I had deliberately pre-installed, and found that each page would
> take 30s to load because it had to wait for an attempted logo fetch to
> time out.
>
> If you can't establish that the logo is OK to include, you should
> replace it.
>
> In practice if you write an email to upstream they will probably
> explicitly confirm the CC-BY-SA information from Wikimedia. Have you
> tried that ?
Thanks Ian,
Yeah I wrote them an email, let's see what they say. I also filed an
upstream bug asking to ship a local copy of the logo with the
documentation instead of relying on a remote resource.
If what they come up with is less than ideal I'll drop the logo, it is
not necessary at all to consult the documentation.
Paride
