copyright file and non-secure URL's

To: debian-devel@lists.debian.org
Subject: copyright file and non-secure URL's
From: Vincent Lefevre <vincent@vinc17.net>
Date: Wed, 18 Jun 2014 16:10:19 +0200
Message-id: <[🔎] 20140618141019.GA21518@ypig.lip.ens-lyon.fr>
Mail-followup-to: debian-devel@lists.debian.org

The Debian Policy Manual on

  https://www.debian.org/doc/debian-policy/ch-docs.html#s-copyrightfile

says:

  12.5 Copyright information

  [...]

  In addition, the copyright file must say where the upstream sources
  (if any) were obtained, and should name the original authors.

But I wonder whether it is a good idea to promote only non-secure URL's
to the source (at least if there are no associated signtures), as some
packages do. One may also wonder whether the package maintainer has
used such a URL to download upstream's source. For instance, for libc6,
/usr/share/doc/libc6/copyright contains:

--------
It was put together by the GNU Libc Maintainers <debian-glibc@lists.debian.org>
from <svn://svn.eglibc.org>
--------

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Reply to:

Follow-Ups:
- Re: copyright file and non-secure URL's
  - From: Lars Wirzenius <liw@liw.fi>

Prev by Date: Re: Unicode 7.0 released - some packages contain outdated embedded data copies
Next by Date: Re: copyright file and non-secure URL's
Previous by thread: Re: Unicode 7.0 released - some packages contain outdated embedded data copies
Next by thread: Re: copyright file and non-secure URL's
Index(es):
- Date
- Thread