On Aug 2, 2011, at 10:48 AM, Andy Brown wrote: > Rob Weir wrote: >> On Tue, Aug 2, 2011 at 12:10 PM, Andy Brown<[email protected]> wrote: >>> >>> If you talking the wiki, instead of requiring an ICLA as a person has to >>> create an account, why not make it part of that process that "All submitted >>> contributions are under AL2 license". Would that not be sufficient? >>> >> >> The IPMC guidance, via the Podling Guide that they have published [1] is: >> >> "Podlings may use a wiki to create documentation (including the >> website) providing that follow the guidelines. In particular, care >> must be taken to ensure that access to the wiki used to create >> documentation is restricted to only those with filed CLAs. The PPMC >> MUST review all changes and ensure that trust is not abused." >> >> I personally like your idea of having a click-through-license grant on >> the wiki itself, either as part of account creation or on the edit >> page itself. But if we did that, I'd suggest some related issues to >> address: >> >> 1) We shouldn't just ignore IPMC guidance. There may be some >> allowance for variation in procedures, but that should not be assumed. >> If we want to do something differently, then we need to write up that >> proposal, get consensus here among PPMC members, and then take it to >> the IPMC and probably Apache Legal Affairs (to review whatever >> language we use). I'd gladly support that. > > I work on this and see what I can come up with. I am no expert on this so it > will be a very rough draft, but something that I fell we will need to do. We > are much different that the "normal" Apache project so hopefully be granted > some working room. I will start a new thread as this one is getting to deep > to manage.
Please put the word [PROPOSAL] in the subject. I think it should be in the context of openoffice.org site issues as opposed to apache.org issues, I think that may be the best dividing line for the boundary for this "working room". > >> 2) We need a credible security mechanism for the wiki. Today, for >> example, it is not required for a user to give their real name (the >> field is optional). And the password can be as little as 1 character. >> (Yup, I just created an account with password="x"). With 15,000 >> zombie accounts, lack of real names and the ability for users to >> create trivially crackable accounts, it would be hard to really >> identify a change to a particular person. > > I do not believe I have seen anyone state that there were not problems with > the current setup and improvements could not be made. This is one area that > we really need to look at and fix. > >> [1] http://incubator.apache.org/guides/sites.html >> >>>> 2) How do we ensure that the documentation is under PPMC oversight and >>>> remains high quality? >>> >>> I received a daily report of all changes to the wiki, there is also the >>> option for "as done" report. It would only take a few minutes to do a quick >>> review of those changes, an revert them if needed. >>> >> >> OK. Maybe that report could be directed to the ooo-commits list as well? > > I am sure that is a possibility but if all that use the committers that use > the wiki get the reports then we should have that covered without adding to > the ooo-commit list. > >>>> I'm open to discussions of various technical and procedural means to >>>> achieve these goals. But I am adamant in achieving them one way or >>>> another. >>> >>> Would the above listed work? >>> >> >> I think that takes us in the right direction. Thanks. > > I am only trying to help all of us to keep a great product where it belongs. By trying you succeed. Regards, Dave > > Andy
