james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefano Bagnara <apa...@bago.org>
Subject Re: LICENSE/NOTICE/policies/ASF/law (Was: [jsieve] Any more TODO before 0.2 release?)
Date Thu, 19 Jun 2008 18:21:56 GMT
Robert Burrell Donkin ha scritto:
> On Thu, Jun 19, 2008 at 10:30 AM, Stefano Bagnara <apache@bago.org> wrote:
>> My understanding of something that belongs to LICENSE ended up in NOTICE
>> because Daniel Kulp and Me had different instructions or misunderstood Cliff
>> "directives".
> 
> cliff tends towards sublety (too long talking to lawyers, i think).
> categorical directives aren't his style.

That's why I used quotes, and "his style" is what created this ambiguity 
;-) A directive would have created a certain result, this way people 
keep asking what we have to do, most project put all the licenses in the 
LICENSE file, but Daniel placed license references in the NOTICE and it 
seems Cliff approved that work ;-)

>>>> You see I was in that thread too with many post about my opinions and
>>>> doubt
>>>> about mixing policies, legal requirements and personal preferences. I
>>>> still
>>>> have the same doubt I had before that thread.
>>>> From my understand each one ended up keeping his previous opinion and we
>>>> had
>>>> no new board "rules" from that.
>>> the board of the ASF set very few rules: the legal-affairs committee
>>> are charged with legal stuff with approval by the membership
>>>
>>>> I personally didn't reply to this:
>>>> http://markmail.org/message/mrbob6xo7c42bqh3
>>>> only because if it is true then I would resign from the PMC because I
>>>> don't
>>>> want to be liable for each commit made by others and we could skip the
>>>> release vote process at all because our repository would be always
>>>> releasable and we would need to vet each commit in RTC as a written rule
>>>> by
>>>> the board.
>>> the vote is to ensure that a release is official. this offers a
>>> measure of protection to release managers under most reasonable legal
>>> systems
>> I agree. But this would be nonsense
> 
> no: issuing a release is definitely an act of publication. in many
> legal systems, this makes a big difference.

Sorry.. maybe my poor english: "nonsense" was about the next sentence 
you quoted separately. Making a difference between what we have in svn 
and a release IMHO makes A LOT OF SENSE.
In fact I'm telling that we should care of releases and not of svn, and 
if svn is an issue we should hide it (or part of it) to the world :-)

>> if each PMC member is anyway responsible
>> at any time for what is in SVN.
> 
> depends on what you mean by responsible. the PMC is charged with
> oversight by the board so this is one responibility.
> 
> (perhaps you mean culpability)

Maybe, sorry but even a dictionary does not help too much with this 
terms: in italian they often are synonymous.

>> So, if SVN *is* an issue ASF should consider hiding it to the world and
>> allow each PMC to decide what sources to make public. If instead svn content
>> is not an issue then let's stop caring of it and let's talk about releases
>> :-)
> 
> that's not the way the world works. the PMC owes the board, the
> membership and and the public a reasonable duty of care. all that is
> required is that we do take care.

You missed a piece of sentence...

>>>> No single person will convince me ( :-) ) that a NOTICE file in a random
>>>> folder allow me to stop violating IP for a file in another random folder:
>>>> either you link them someway or the NOTICE file is useless.
>>>> The root folder of a redistributed package is clearly a special place, a
>>>> random parent folder in the svn repository is not so special to make you
>>>> liable or make you safe IMHO.
>>> examples are so-called attribution licenses which require attribution
>>> and movement of copyright notices on imported codebases
>> I agree that attribution should be given, but I don't agree that a NOTICE
>> file in a random unrelated folder that will not be seen downloading one file
>> of the imported codebase will make any difference.
> 
> attribution licenses are so called because they require more or less
> the above. yes, they are a PITA which is why they have become
> unfashionable.
> 
>> The ASF-ALv2 header tells people "see the NOTICE file distributed with this
>> work": if you download a single file from svn there is no "work" (or there
>> is no NOTICE in the "distribution").
> 
> the document is the work. subversion is the distribution mechanism.
> (and yes apache spent years working through this and other matters
> with lawyers)

Ok, so there is no NOTICE file within the work, because the work is the 
fiel that should be referred in the NOTICE file.

If instead you create an archive and inside the archive you have both 
the "single file" and the NOTICE then there is a NOTICE file distributed 
with the work.

Otherwise if the fact that a file in a folder of an http server 
(subversion is not different from it) and another NOTICE file is in a 
different folder means that it is "distributed with" the first file 
simply because it uses the same distribution mechanism and the same 
source then this would be a big issue, because if we have a GPL file in 
the same server every other file from the same server will be hit by the 
GPL virality: fortunately people (lawyers) already agreed that this is 
not the case.

>> "apache asks that projects": who is "apache" in this sentence?
>> Apache License? ASF members? ASF committers? ASF legal-affair? ASF board?
> 
> apache is the apache software foundation
> 
> i was just trying to explain the reasoning behind the policy (as i
> understand it)

Sorry but what I meant is that a foundation does not speak :-) so 
someone/somewhat have to speak in place of the foundation.
Once I'll know who "asks that projects" I know who I have to talk with 
if I want him to ask something, or something different ;-)

>>>> BTW I am only one more troll in the repeating NOTICE/LICENSE flame. I
>>>> would
>>>> simply like to have the board publish clear RULES about what ASF
>>>> committers
>>>> HAVE TO do regarding releases and svn, and what behaviour/solutions are
>>>> policies to be defined by single PMCs. I would keep my opinion on what is
>>>> legally required or not, but I would for sure follow the board
>>>> requirements.
>>> apache believes in self-governing communities. this is why the board
>>> does not impose rules from above. i've been involved in the legal side
>>> at apache for several years now, and the sad truth of the matter is
>>> that copyright and trademark law are not really suitable for a set of
>>> simple rules to follow.
>> Ok, but people take care to come here and tell what is wrong in our
>> distribution, referring to what MUST BE done instead.
> 
> i'm not sure i'd put it quite as strongly as that

Sure, don't take me so "hard" as I seem: I just want to understand and I 
hate when I think I understood something and instead history keeps 
repeating with topics revamped over and over again.
The *fact* is that most ASF committers do not understand this matter and 
most ASF committers do not even care for this while the *problem* is 
that there is too many committers spreading personal preferences as 
LAWS/RULES/POLICIES when they are not ;-)

>> I'm am in the JAMES PMC, so, if people tell the JAME PMC what MUST be done
>> then I think there is something above the JAMES PMC: either it is some law
>> for some jurisdiction I should care about or it is some entity in the ASF:
>> if it is not the board then the board itself should tell us what is the
>> entity entitled in telling us what we MUST do.
>>
>> BTW we know there is some "ASF wide"-policy: who define it, where are
>> written and what is the process to discuss changes or disambiguate issues?
>> Either the board define them, or there is a community/members process in
>> place.
> 
> members appoints and oversees the board. the board appoints committees
> from the membership to deal day to day with some matters. in this
> case, the policy is set by infrastructure and legal-affairs
> committers. changing policy means lobbying these committees who will
> then consider proposals and take them to the membership. i'm a member
> and on the legal-affairs committee but IIRC i haven't spoken with that
> hat on in this forum.

THANK YOU! This is a first step.

here: http://www.apache.org/foundation/ i see:
"V.P., Legal Affairs 	Sam Ruby"
On www.apache.org I cannot find who are "committers" for 
"infrastructure" and "legal-affairs", but at least I have a "V.P."..

In this page: http://people.apache.org/~jim/committers.html
I find "legal" and "infrastructure" groups.

legal
----
Jason Schultz
Karen Sandler
Robyn Wagner Esq
(weird Sam Ruby is not there... ?)

infrastructure have a lot more members
then there is infrastructure-interest and infrastructure-adminsearch: 
what is the right group?

You are not in "infrastructure" but in "infrastructure-interest": does 
it mean that "infrastructure-interest" is the right one (as you say that 
you are in this group) or Jim's committer page is not the right place to 
look for this?

> please read http://www.apache.org and http://www.apache.org/dev for
> more information

I read most of that stuff multiple times.. Maybe I'm lazy but I didn't 
found a clear explanation like the one you wrote in your previous 
sentence (even if I now need to know who is behind "Legal Affairs" and 
"Infrastructure")!
If it is there and I didn't find it then blame me, but if this is not 
there then it should definitely been added somewhere: I'm not a member 
but I bet many ASF members don't know this :-)

The only thing I find is:
http://www.apache.org/foundation/how-it-works.html#structure
----
The foundation is governed by the following entities:

     * Board of Directors (board) governs the foundation and is composed 
of members.
     * Project Management Committees (PMC) govern the projects, and they 
are composed of committers. (Note that every member is, by definition, 
also a committer.)
-----
No references to "Legal Affairs" or "Infrastructure" :-(

The whole bylaws document do not reference "Legal Affairs" or 
"Infrastructure" :-(

Reading that stuff I was convinced there was the Board and the project 
PMCs, that's why I kept talking about JAMES PMC and the Board and no one 
else! ... I understand from your words that there is much more than what 
I read on apache website... and I'm interested in learning it.

Stefano


---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message