Hi Gary, Manfred, We discussed this on the legal call today. See responses below:
Also, in regard to this statement in the proposal: "Additional, optional useful features could include comparing the license text to existing licenses to avoid duplication, allow demarking optional text and tracking the approval status.” - can we make this part of the proposal, not simply optional? Checking for matches is key - perhaps this could tie into building off of / improvements to the existing Check License tool? http://13.57.134.254/app/check_license/ <http://13.57.134.254/app/check_license/> thanks, Jilayne SPDX Legal Team co-lead opensou...@jilayne.com > On Mar 13, 2018, at 5:44 PM, <g...@sourceauditor.com> > <g...@sourceauditor.com> wrote: > > Hi Manfred, > > Below are my thoughts on your questions. > > SPDX Legal Team – feel free to add or disagree with any of my suggestions. > This may be a good topic for a call since the answers depend on the process > used by the legal team going forward. > > > 1. Should the license submitter be allowed to submit a license if he is not > authenticated to online tools? > > [G.O.] No – I don’t think we should require authentication since it would > require some form of sign-up. We should require them to fill in a name and > email address so that we can follow-up and contact, but I would prefer to > keep the submittal process as simple as possible. We can always follow-up by > email if are not sure of a submitter’s authenticity. agree this is the right approach > 2. How should the legal team be notified? By email? If yes, can that email be > "html" ? > [G.O.] Email to the spdx-legal distribution list would match today’s process. > Suggest this be configurable in a configuration file to make it easy to > change. I’m thinking text format would be most universal – perhaps we could > link to an HTML page for a better view of the submittal. our email list host strips HTML in the archives. Could we have an automated email go to the legal SPDX mailing list with a link to the pull request that has been generated by the tool? This should have an obvious subject line. Keep it simple. > 3. Shoudl the license submitter be allowed to modify his submission after we > have checked and seen that there are no duplicate license files in the repo? > [G.O.] Allowing modifications would be nice to have as a feature. If the > modification was made after the initial session where the license request was > submitted, we would need authentication to prevent other individuals from > modifying the submittal. once the tool generates a pull request in Github, we presume that modifications can be made to the PR as per the usual Github process. That is fine. > > These are all the questions I have for now. In case I have an doubts I shall > let you know. > > Thanks. > _______________________________________________ > Spdx-legal mailing list > Spdx-legal@lists.spdx.org <mailto:Spdx-legal@lists.spdx.org> > https://lists.spdx.org/mailman/listinfo/spdx-legal > <https://lists.spdx.org/mailman/listinfo/spdx-legal>
_______________________________________________ Spdx-legal mailing list Spdx-legal@lists.spdx.org https://lists.spdx.org/mailman/listinfo/spdx-legal