lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080730164056.GB8283@mit.edu>
Date:	Wed, 30 Jul 2008 12:40:56 -0400
From:	Theodore Tso <tytso@....edu>
To:	Alan Cox <alan@...rguk.ukuu.org.uk>
Cc:	Jon Smirl <jonsmirl@...il.com>, davids@...master.com,
	Stefan Richter <stefanr@...6.in-berlin.de>,
	"Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org>
Subject: Re: 463 kernel developers missing!

On Wed, Jul 30, 2008 at 04:14:08PM +0100, Alan Cox wrote:
> > > The GPL doesn't trump data protection law. It can't.
> > 
> > By making a submission to a GPL'd project didn't you grant a license
> > for your data to be used? That was Ted's point when he posted the
> > developer's certification.
> 
> Data protection law trumps the GPL. The fact my address is public does
> not give you the rights globally to process it.

Yes, but when you submit patches using the required Signed-off-by:,
you are agreeing to the following from the Developer's Certification
of Origin:

	(d) I understand and agree that this project and the contribution
	    are public and that a record of the contribution (including all
	    personal information I submit with it, including my sign-off) is
	    maintained indefinitely and may be redistributed consistent with
	    this project or the open source license(s) involved.

How this interacts with Europe's Data Protection Law, and whether
correcting spelling errors in e-mail addresses to make it easier to
canonicalize the list is consistent with what is allowed by the GPL,
Europe's Data Protection Law, and the permission given when a
developer's signs the DCO's, is probably not worth debating on LKML.
Let someone file a complaint with the EU who can try to arrest Jon
Smirl the next time he enters Europe, or get him extadicted to the
Hague for violations against international law if they really think
they can justify it, argue about whether they can do so in other
forums; if you put a beer in my hand, maybe I'd even be willing to
debate it in a bar at some future conference.  But does it really make
sense to argue about it here?

						- Ted

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ