Relaxing the need for copyright assignments

Werner Koch wk at gnupg.org
Thu Apr 12 15:20:19 CEST 2012


On Thu, 12 Apr 2012 12:01, phcoder at gmail.com said:
> On 12.04.2012 11:49, Werner Koch wrote:
>>   license; thus we can't accept any code under the LGPLv2(only).
> LGPLv2-only is compatible with GPLv2+ and GPLv3+:

Yes, it is compatible, but it would inhibit us to change to LGPLv3.

> This could allow to check that noone attempts to impersonate an already
> known contributor. While legally having almost no effect it may have

Yes, sure.  However if you start to implement something like this, you
end up writing a policy, implement checks and do all other kind of
security business.  And that only to have a little bit of trust in the
provenience of the code.  For example I rarely check signatures; the
context of a discussion is much more relevant to me.

> other advantages like enhancing code trustworthiness if it comes from
> well-known contributor but it doesn't replace the code review.

What about a suggestion to send signed patches?  This would be a
diversion from the Linux rules but I don't have a problem do handle
signed mails.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gcrypt-devel mailing list