Re: What to do when DD considers policy to be optional? [kubernetes]

To: debian-devel@lists.debian.org
Subject: Re: What to do when DD considers policy to be optional? [kubernetes]
From: Christian Kastner <ckk@debian.org>
Date: Thu, 26 Mar 2020 21:12:26 +0100
Message-id: <[🔎] 6ebf480e-02f6-9502-83dc-4186492f74f5@debian.org>
In-reply-to: <[🔎] CACujMDOMFY5-JYgeiCTYCOjM0WFaeHChjCaiAjuM8WA0rNkWXg@mail.gmail.com>
References: <[🔎] 6621155.inLKrcisiX@deblab> <[🔎] 87k13attg9.fsf@iris.silentflame.com> <[🔎] CAGsaWmP4O3ZqbbQRGF3Z076Aod=Y1Gd_QDWT+HqQrzYu+02E-w@mail.gmail.com> <[🔎] 20200324203716.kzypgt33y3n47v4y@yuggoth.org> <[🔎] 871rphqus8.fsf@hope.eyrie.org> <[🔎] 20200325010713.GA796247@bongo.bofh.it> <[🔎] 20200324203917.0bbe1d5f@toast> <[🔎] 87eethp3v6.fsf@hope.eyrie.org> <[🔎] 66e09484-fc61-26a3-3e9e-5739f643505e@debian.org> <[🔎] 69FB2213-C0F9-42BA-BB95-6058D8B5C7FC@kitterman.com> <[🔎] c9a221bb-064d-dbd7-93d5-c22de5640f86@debian.org> <[🔎] CACujMDOMFY5-JYgeiCTYCOjM0WFaeHChjCaiAjuM8WA0rNkWXg@mail.gmail.com>

On 26.03.20 19:57, Andrej Shadura wrote:
> An example: commercial users. They need to know *exactly* what they
> are running and under which licenses.

The only way to know that is by performing your own due diligence.

> They are often bound by regulations with heavy fines for violating
> them, and not only fines, but a threat of your product being banned,
> and that often means they want only specific licenses in their
> products.

There is no way whatsoever that a regulator, or a court, will accept
checking a single third-party file (debian/copyright), created by an
unpaid volunteer one has never even met, much less have a business
relation with, as proper due diligence in a copyright infringement case.

[Well, technically, you could use your own lawyer to perform the due
diligence and have them submit any necessary changes to the BTS, but I
think it's safe to assume that that is a theoretical example.]

Don't get me wrong, debian/copyright is certainly useful in general, but
the only value in a legal conflict I can see is for Debian, namely to
demonstrate our own compliance when distributing binaries (see Scott's
and Sean's replies).

Reply to:

Follow-Ups:
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Paul Wise <pabs@debian.org>

References:
- What to do when DD considers policy to be optional? [kubernetes]
  - From: Dmitry Smirnov <onlyjob@debian.org>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Sean Whitton <spwhitton@spwhitton.name>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Janos LENART <ocsi@debian.org>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Jeremy Stanley <fungi@yuggoth.org>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Russ Allbery <rra@debian.org>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Marco d'Itri <md@Linux.IT>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Michael Lustfield <michael@lustfield.net>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Russ Allbery <rra@debian.org>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Christian Kastner <ckk@debian.org>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Scott Kitterman <debian@kitterman.com>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Christian Kastner <ckk@debian.org>
- Re: What to do when DD considers policy to be optional? [kubernetes]
  - From: Andrej Shadura <andrew@shadura.me>

Prev by Date: Re: What to do when DD considers policy to be optional? [kubernetes]
Next by Date: Re: What to do when DD considers policy to be optional? [kubernetes]
Previous by thread: Re: What to do when DD considers policy to be optional? [kubernetes]
Next by thread: Re: What to do when DD considers policy to be optional? [kubernetes]
Index(es):
- Date
- Thread