lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 08 Dec 2012 11:22:57 -0500
From:	"W. Trevor King" <wking@...mily.us>
To:	Alan Cox <alan@...rguk.ukuu.org.uk>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:	"Luis R. Rodriguez" <mcgrof@...not-panic.com>,
	Arend van Spriel <arend@...adcom.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-kernel@...r.kernel.org,
	Alexey Dobriyan <adobriyan@...il.com>,
	Jim Meyering <meyering@...hat.com>,
	Junio C Hamano <gitster@...ox.com>,
	Miklos Vajna <mszeredi@...e.cz>,
	Paolo Ciarrocchi <paolo.ciarrocchi@...il.com>,
	Ramkumar Ramachandra <artagnon@...il.com>,
	Willy Tarreau <w@....eu>, Zac Storer <zac.3.14159@...il.com>
Subject: Re: Streamlining Developer's Certificate of Origin, Signed-off-by tag

On Wed, Nov 21, 2012 at 12:10:43AM +0000, Alan Cox wrote:
> > Not just a separate document but project / github / whatever given
> > that other projects are referring to it now, and we stand to gain more
> > in the community by streamlining it more and making it ubiquitous.
> 
> Cutting and pasting it somewhere works (subject to whatever licensing
> it may have itself), as does having a list and a location for a copy, but
> you still want it in the tree proper.

For easy inclusion (preserving history), I've pulled out commits for
the DCO and related Signed-off-by documentation from Linux and Git
into a new repository [1].

On Sat, Nov 24, 2012 at 09:25:15AM -0500, W. Trevor King wrote:
> So.  What license is the DCO distributed under and who holds
> copyright?

The Git project did some similar copying of the DCO into a new project
[2] and is (like the kernel) distributed under the GPLv2 exact.  To be
consistent with this, I've also released the new signed-off-by
repository under the GPLv2 exact.  If you're using a GPLv2 exact
project, you can merge the `signed-off-by` branch into your project
directly.

Because many projects that are not GPLv2 may still want to use the
DCO/s-o-b approach, I've included an example CONTRIBUTING file (and
CONTRIBUTING.md for GitHub) that are licensed under the very
permissive Creative Commons CC0 1.0 Universal.  Merge the
`contributing` or `contributing-github` branch into your project and
edit as you see fit.  For an example, see the GPLv{2,3} rss2email [3].

Cheers,
Trevor

[1]: https://github.com/wking/signed-off-by
     https://github.com/wking/signed-off-by.git
     git://github.com/wking/signed-off-by.git
[2]: https://github.com/gitster/git/commit/314082512403f7f6969cc6d5ded4a48c68a9962e
[3]: https://github.com/wking/rss2email/

-- 
This email may be signed or encrypted with GnuPG (http://www.gnupg.org).
For more information, see http://en.wikipedia.org/wiki/Pretty_Good_Privacy

Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ