-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Patrick W. Barnes wrote: > To a degree, we already do a lot to enable derivatives. Our licensing, > trademark guidelines, and packaging processes are all friendly to > derivatives. The issue at hand is whether or not we would be willing to > accept responsibility for providing the source code as required by the GPL > for a downstream distribution. I really don't think we should. I'm happy to > enable derivatives, but I don't think we should take any responsibility for > them. We also need to be very careful in establishing any sort of > relationship with specific derivatives. There are plenty of political and > liability concerns behind doing so. The moot issue might just be whether upstream Fedora has the means/methods/tools to validate that the binaries that are going into the derivative are in-toto from the upstream repos. The derivative distribution has the liability to produce sources for the binaries on demand - if they can substantially establish that the so-claimed upstream binaries packaged are no different from the ones obtained through Fedora repos they might just be able to deliver a derivative distribution. I am not suggesting that upstream take on the onus for providing the source, rather what I would like to know whether there can be a means for the derivative distributions to point to upstream sources as pristine and hence be able to (re)distribute them towards compliance. :Sankarshan ps; I am still looking into the earlier posts on this (MUA freakishness) so pardon me if I post to a closed issue -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFEu5nI+g4kmZ76nyERAtRWAJ9VtBDDTOKDb8LLWAIzRdvtZJje7QCffzzF BH8/lsqgWCKVtMiMqIBn5Eg= =2wWl -----END PGP SIGNATURE----- -- Fedora-marketing-list mailing list Fedora-marketing-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-marketing-list
