On Oct 21, 2013, at 5:09 PM, Monty Taylor wrote: > On 10/21/2013 10:44 PM, Clint Byrum wrote: >> Excerpts from Mark McLoughlin's message of 2013-10-21 13:45:21 -0700: >>> On Mon, 2013-10-21 at 10:28 -0700, Clint Byrum wrote: >>>> Excerpts from Robert Collins's message of 2013-10-20 02:25:43 -0700: >>>>> On 20 October 2013 02:35, Monty Taylor <[email protected]> wrote: >>>>> >>>>>> However, even as a strong supporter of accurate license headers, I would >>>>>> like to know more about the FTP masters issue. I dialog with them, as >>>>>> folks who deal with this issue and its repercutions WAY more than any of >>>>>> us might be really nice. >>>>> >>>>> Debian takes it's responsibilities under copyright law very seriously. >>>>> The integrity of the debian/copyright metadata is checked on the first >>>>> upload for a package (and basically not thereafter, which is either >>>>> convenient or pragmatic or a massive hole in rigour depending on your >>>>> point of view. The goal is to ensure that a) the package is in the >>>>> right repository in Debian (main vs nonfree) and b) that Debian can >>>>> redistribute it and c) that downstreams of Debian who decide to use >>>>> the package can confidently do so. Files with differing redistribution >>>>> licenses that aren't captured in debian/copyright are an issue for c); >>>>> files with different authors and the same redistribution licence >>>>> aren't a problem for a/b/c *but* the rules the FTP masters enforce >>>>> don't make that discrimination: the debian/copyright file needs to be >>>>> a concordance of both copyright holders and copyright license. >>>>> >>>>> Personally, I think it should really only be a concordance of >>>>> copyright licenses, and the holders shouldn't be mentioned, but thats >>>>> not the current project view. >>>>> >>>> >>>> The benefit to this is that by at least hunting down project leadership >>>> and getting an assertion and information about the copyright holder >>>> situation, a maintainer tends to improve clarity upstream. >>> >>> By "improve clarity", you mean "compile an accurate list of all >>> copyright holders"? Why is this useful information? >>> >>> Sure, we could also "improve clarity" by compiling a list of all the >>> cities in the world where some OpenStack code has been authored ... but >>> *why*? >>> >> >> If you don't know who the copyright holders are, you cannot know that >> the license being granted is actually enforceable. What if the Trove >> developers just found some repo lying out in the world and slapped an >> Apache license on it? We aren't going to do an ehaustive investigation, >> but we want to know _who_ granted said license. > > You know I think you're great, but this argument doesn't hold up. > > If the trove developers found some repo in the world and slapped an > apache license AND said: > > Copyright 2012 Michael Basnight > > in the header, and Thomas put that in debian/copyright, the Debian FTP > masters would very happily accept it.
I endorse this message. But seriously, the Trove team will take some time tomorrow and add copyrights to the files appropriately. Then ill be sure to ping zigo.
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
