What are consequences of "merger necessitates removal of ... packages due to licensing issues"
Bill Rugolsky Jr.
brugolsky at telemetry-investments.com
Mon Sep 22 17:39:11 UTC 2003
On Mon, Sep 22, 2003 at 09:31:15AM -0700, Randall J. Parr wrote:
> I am also concerned that this "open" project has made only these vague
> statements. This seems like a pretty major point and one which you'all
> should be up front about.
IANAL, but ...
I think that one should grant that any policy in this area is largely
the domain of lawyers, not engineers, and that it touches on areas
that are far from settled law. There will certainly have to be "3rd Party"
repositories, hosted in the (rapidly shrinking) free world.
Some mechanism will need to be used to find these repositories.
I imagine that it will have to be some sort of search facility, not a
static collection of links, or a hierarchical naming scheme like DNS,
in order to maintain an arms-length relationship. Otherwise, Red Hat
expose itself to charges of contributory infringement.
As a first step, I would suggest defining a repository link filetype,
akin to a torrent file, so that searches in Google or other engines
for (mp3 filetype:fedora) or similar return a useful link. (Use of
a filetype that can be verified by the search engine helps to avoid it
being hijacked for other purposes). Such a mechanism will also likely
require a GPG web-of-trust model for the repository keys, again, to
maintain an arms-length relationship while protecting package integrity.
Regards,
Bill Rugolsky
More information about the fedora-test-list
mailing list