Re: [IANA #616232] Registration of text/vnd.debian.copyright: a media type for machine-readable copyright files.

To: debian-policy@lists.debian.org
Subject: Re: [IANA #616232] Registration of text/vnd.debian.copyright: a media type for machine-readable copyright files.
From: Russ Allbery <rra@debian.org>
Date: Wed, 17 Oct 2012 20:08:08 -0700
Message-id: <[🔎] 87hapspjdz.fsf@windlord.stanford.edu>
In-reply-to: <[🔎] 20121018003605.GB29754@falafel.plessy.net> (Charles Plessy's message of "Thu, 18 Oct 2012 09:36:05 +0900")
References: <RT-Ticket-616232@icann.org> <20120829232528.GC2556@falafel.plessy.net> <87obltjmzw.fsf@windlord.stanford.edu> <20120910231018.GA18608@falafel.plessy.net> <87har5a1ce.fsf@windlord.stanford.edu> <20120911075026.GC14220@an3as.eu> <20120912004203.GD5638@falafel.plessy.net> <[🔎] 20121006024850.GA17141@plessy.org> <rt-3.8.8-5587-1350324063-1009.616232-6-0@icann.org> <[🔎] 20121018003605.GB29754@falafel.plessy.net>

Charles Plessy <plessy@debian.org> writes:

>> The syntax of the revision number needs to be specified: digits,
>> digits.digits, digits.digits-digits, whatever.
>  
> Given that the current revision number is 1.0, and that I do not
> think that we aim at updating the format frequently, I propose
> the following:

>   Optional parameters:
>   revision - the revision number of the specification (digits.digits).

Yup, that looks right.

>> You should also specify if there are any privacy/integrity
>> considerations here. I rather doubt that privacy is an issue for this
>> type, but there may be cases where integrity protection is desirable.

> I propose to add the following paragraphs.

>   The comment or license fields may be used to quote discussions where
>   redistribution terms have been clarified.  There is no formal
>   mechanism to signal that a proper permission has been given to quote
>   the discussion if it was private.

>   The machine-readable debian/copyright file format does not feature
>   mechanisms to ensure the integrity of the file.  Consider using secure
>   transport when needed.

> I am not sure how the first paragraph is needed.  What do you think ?

I think that's an obscure enough case that it's not horribly important.  I
would just say something like:

    This media type has no special privacy considerations.

For the last, I would add "or a digital signature" after "secure
transport," since if Debian ever needed to guarantee integrity of the
file, that's probably the mechanism that we'd use.

Thank you for doing this work!

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

Follow-Ups:
- Re: [IANA #616232] Registration of text/vnd.debian.copyright: a media type for machine-readable copyright files.
  - From: Charles Plessy <plessy@debian.org>

References:
- Registration of text/vnd.debian.copyright: a media type for machine-readable copyright files.
  - From: Charles Plessy <plessy@debian.org>
- Re: [IANA #616232] Registration of text/vnd.debian.copyright: a media type for machine-readable copyright files.
  - From: Charles Plessy <plessy@debian.org>

Prev by Date: Re: [IANA #616232] Registration of text/vnd.debian.copyright: a media type for machine-readable copyright files.
Next by Date: Bug#690495: Prohibit click-through licenses or disclaimers
Previous by thread: Re: [IANA #616232] Registration of text/vnd.debian.copyright: a media type for machine-readable copyright files.
Next by thread: Re: [IANA #616232] Registration of text/vnd.debian.copyright: a media type for machine-readable copyright files.
Index(es):
- Date
- Thread