Rob Weir wrote:
On Tue, Aug 2, 2011 at 12:10 PM, Andy Brown<a...@the-martin-byrd.net> wrote:
If you talking the wiki, instead of requiring an ICLA as a person has to
create an account, why not make it part of that process that "All submitted
contributions are under AL2 license". Would that not be sufficient?
The IPMC guidance, via the Podling Guide that they have published [1] is:
"Podlings may use a wiki to create documentation (including the
website) providing that follow the guidelines. In particular, care
must be taken to ensure that access to the wiki used to create
documentation is restricted to only those with filed CLAs. The PPMC
MUST review all changes and ensure that trust is not abused."
I personally like your idea of having a click-through-license grant on
the wiki itself, either as part of account creation or on the edit
page itself. But if we did that, I'd suggest some related issues to
address:
1) We shouldn't just ignore IPMC guidance. There may be some
allowance for variation in procedures, but that should not be assumed.
If we want to do something differently, then we need to write up that
proposal, get consensus here among PPMC members, and then take it to
the IPMC and probably Apache Legal Affairs (to review whatever
language we use). I'd gladly support that.
I work on this and see what I can come up with. I am no expert on this
so it will be a very rough draft, but something that I fell we will need
to do. We are much different that the "normal" Apache project so
hopefully be granted some working room. I will start a new thread as
this one is getting to deep to manage.
2) We need a credible security mechanism for the wiki. Today, for
example, it is not required for a user to give their real name (the
field is optional). And the password can be as little as 1 character.
(Yup, I just created an account with password="x"). With 15,000
zombie accounts, lack of real names and the ability for users to
create trivially crackable accounts, it would be hard to really
identify a change to a particular person.
I do not believe I have seen anyone state that there were not problems
with the current setup and improvements could not be made. This is one
area that we really need to look at and fix.
[1] http://incubator.apache.org/guides/sites.html
2) How do we ensure that the documentation is under PPMC oversight and
remains high quality?
I received a daily report of all changes to the wiki, there is also the
option for "as done" report. It would only take a few minutes to do a quick
review of those changes, an revert them if needed.
OK. Maybe that report could be directed to the ooo-commits list as well?
I am sure that is a possibility but if all that use the committers that
use the wiki get the reports then we should have that covered without
adding to the ooo-commit list.
I'm open to discussions of various technical and procedural means to
achieve these goals. But I am adamant in achieving them one way or
another.
Would the above listed work?
I think that takes us in the right direction. Thanks.
I am only trying to help all of us to keep a great product where it belongs.
Andy
