[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: FTP Team -- call for volunteers

Alexis Murzeau <amubtdx@gmail.com> writes:

> If it's just about legal risk, couldn't the responsibility of the
> right to redistribute of the uploaded software be moved on the
> uploader instead ?

How well does that work if someone outside the USA uploads software to
this USA based server which is legal in their own jurisdiction, but
falls foul of US law either by being on the server, or perhaps by being
distributed or (re)exported, say.

ISTR that uploading the ssh binaries from the UK seemed likely to
involve me crossing one or other of those lines back in the days of the
non-US archive (what with the RSA patent, and the export restrictions on
crypto at the time).

I know times have changed, but are we not still notionally informing
someone of every package that goes through NEW?  Telling them (perhaps
in a queued email that doesn't get sent any more) that each and every
package in Debian may well include crypto at some future date, if it
doesn't already, and declaring an initial point of distribution.

I would suspect that we might want to check that technical changes to
this process remain compatible with the paperwork, because the paperwork
may well be harder to change than the technology, and keeping the
paperwork in good working order may be a useful shield if some
capricious maniac ever managed to be in charge of things.

Cheers, Phil.
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/    http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,    GERMANY

Attachment: signature.asc
Description: PGP signature

Reply to: