Hi Manfred,


Below are my thoughts on your questions.


SPDX Legal Team – feel free to add or disagree with any of my suggestions.  
This may be a good topic for a call since the answers depend on the process 
used by the legal team going forward.



1. Should the license submitter be allowed to submit a license if he is not 
authenticated to online tools?


[G.O.] No – I don’t think we should require authentication since it would 
require some form of sign-up.  We should require them to fill in a name and 
email address so that we can follow-up and contact, but I would prefer to keep 
the submittal process as simple as possible.  We can always follow-up by email 
if are not sure of a submitter’s authenticity.

2. How should the legal team be notified? By email? If yes, can that email be 
"html" ?

[G.O.] Email to the spdx-legal distribution list would match today’s process.  
Suggest this be configurable in a configuration file to make it easy to change. 
 I’m thinking text format would be most universal – perhaps we could link to an 
HTML page for a better view of the submittal.

3. Shoudl the license submitter be allowed to modify his submission after we 
have checked and seen that there are no duplicate license files in the repo?

[G.O.] Allowing modifications would be nice to have as a feature.  If the 
modification was made after the initial session where the license request was 
submitted, we would need authentication to prevent other individuals from 
modifying the submittal.


These are all the questions I have for now. In case I have an doubts I shall 
let you know.



Spdx-legal mailing list

Reply via email to