Below are my thoughts on your questions.
SPDX Legal Team – feel free to add or disagree with any of my suggestions.
This may be a good topic for a call since the answers depend on the process
used by the legal team going forward.
1. Should the license submitter be allowed to submit a license if he is not
authenticated to online tools?
[G.O.] No – I don’t think we should require authentication since it would
require some form of sign-up. We should require them to fill in a name and
email address so that we can follow-up and contact, but I would prefer to keep
the submittal process as simple as possible. We can always follow-up by email
if are not sure of a submitter’s authenticity.
2. How should the legal team be notified? By email? If yes, can that email be
[G.O.] Email to the spdx-legal distribution list would match today’s process.
Suggest this be configurable in a configuration file to make it easy to change.
I’m thinking text format would be most universal – perhaps we could link to an
HTML page for a better view of the submittal.
3. Shoudl the license submitter be allowed to modify his submission after we
have checked and seen that there are no duplicate license files in the repo?
[G.O.] Allowing modifications would be nice to have as a feature. If the
modification was made after the initial session where the license request was
submitted, we would need authentication to prevent other individuals from
modifying the submittal.
These are all the questions I have for now. In case I have an doubts I shall
let you know.
Spdx-legal mailing list