I agree with your sentiments that sending maintainers to jail = bad juju. It is my feeling that by asking maintainers to label their packages appropriately, even as a suggestion to end users with appropriate disclaimers as to the non-lawyerness of the maintainer, is simply asking for legal hassles for the maintainers. Once a maintainer has made any statement about the legality of a package in a given country, some bonehead will try to sue him as a responsible party when someone installs his package, unwittingly breaking some hitherto unknown law.
Unfortunately, the current scheme does what it's supposed to do: protect the mirror operators. The US is probably one of the few countries with the spare time and spare change (mostly mine, I think) to chase down folks who encrypt their email to mom... So seperating out non-us makes sense for the mirror operators, and imposes no legal responsibiltiy on the maintainers... Just my $.02... Clint Guillot Xenir Drake Diedrich wrote: > I don't think we'll be able to build a > completely reliable permissions database: 200 nations, millions of laws and > patents, thousands of packages, hundreds of maintainers - even if we > construct a fairly complete database there will still be errors. I think we > need to separate issues and concentrate only on the prosecutable ones. We > don't want maintainers to go to jail (well, *I* don't). After that we don't > want SPI and our sponsors to go to be sued out of existence. Finally, we > don't want users to unknowingly transgress some law or patent. Those are my > priorities anyway.
