Hello, On Mon, 27 Aug 2012 19:21:22 +0200 Zygmunt Krynicki <zygmunt.kryni...@linaro.org> wrote:
[] > > We have provided a script which can download stuff for you in > > lp:linaro-license-protection (license_protected_file_downloader > > inside tests/ directory - should be moved to scripts/ though). > > > > This has been present for a while now, and has been a recommended > > way to download binaries from snapshots.l.o. (Or, if you are doing > > this from a static IP, we've got support for allowing that through > > if it's an automated service [we do that for eg. > > validation.linaro.org].) > > > > We will look into providing a nicer API, but until we do, any > > interface we've got is going to be unstable and internal. > > IMHO this is utter lunacy, is there any oversight on how we do this? > > If we offer both the "protected", click through, EULA, downloads and > the tools to download them without seeing any license then I cannot > see how this is any more legally fine than just ignoring the whole > damn mess. That was my original concern during initial implementation of EULA protection in December. Over time, we came to conclusion (?, I wish I saw more general discussion and approval by stakeholders) that doing something like: ./download-linaro --accept-license <url> , where --accept-license is mandatory, should have equivalent meaning to willfully clicking a button on a page. For extra "safety", we can also make HTTP param/cookie sent in this case be explicitly named like "accept_license=yes". I guess that gets as good as it can to allow some automation while clearly communicating other's party license acceptance. > The stuff we are doing here feels like DRM but it is even more insane > as we are the senders and recipients and we _still_ cannot get it > right! Recipients can be anyone, and well, that's what our members (corporations) (and their lawyers) want... > > Maybe it's time to write an RFC on the "eula compliance" bit, get a > new HTTP header defined, offer a patch for wget and couple of other > tools and not reinvent the download tools over and over. > > Frustrated > ZK > > PS: In Linaro we _wrote_ code that generates, displays, enforces, > avoids and side-steps licenses. We have scripts that send magic > cookies. We have tools that click or type "I ACCEPT". I wonder how > much time was wasted on this, instead of, say, writing better kernel > code, or LAVA, or whatever... > -- Best Regards, Paul Linaro.org | Open source software for ARM SoCs Follow Linaro: http://www.facebook.com/pages/Linaro http://twitter.com/#!/linaroorg - http://www.linaro.org/linaro-blog _______________________________________________ linaro-dev mailing list linaro-dev@lists.linaro.org http://lists.linaro.org/mailman/listinfo/linaro-dev
