On 10/28/2013 07:47 AM, Jeremy Stanley wrote: > There wouldn't really be any way to enforce anything with this, it > would only be best-effort on behalf of the CCLA signatories.
This I understand and I think best-effort is good enough, as I can't see of any way we can force people that commit code/translations/docs for a company to sign icla and ccla without preventing non-affiliated people to contribute, too. > Also, > the way Gerrit CLAs work, either we'd have to make the CCLA open to > anyone to sign (which could be used as a loophole to submit changes > to Gerrit without signing the ICLA, since CLA enforcement simply > requires that some CLA, any CLA, has been agreed to), or we'd have > to set the CCLA require approval (which as we've seen with the > USGCLA makes it more likely people with a tenuous grasp of English > try to sign it instead of/in addition to the ICLA and then can't > submit changes until someone clears their attempt from the DB). Probably then we should keep the notion of the CCLA in the User/Member database then? The manager of the CCLA would click-sign the agreement on our site, we keep the historic record of that signature and the manager herself declares who works for her, authorized to commit. It would still not prevent people to commit code without a CCLA but I htink it would improve the situation. What do you think? /stef -- Ask and answer questions on https://ask.openstack.org _______________________________________________ OpenStack-Infra mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra
