IETF Logo Mail Archive

Re: [Ietf-and-github] Mail regarding draft-ietf-git-github-wg-configuration, section 3.1 (Contributions)

Stephan Wenger <stewe@stewe.org> Tue, 05 March 2019 18:46 UTC

Return-Path: <stewe@stewe.org>
X-Original-To: ietf-and-github@ietfa.amsl.com
Delivered-To: ietf-and-github@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C360B12F1A5 for <ietf-and-github@ietfa.amsl.com>; Tue, 5 Mar 2019 10:46:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=steweorg.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ktBSw85bgPVR for <ietf-and-github@ietfa.amsl.com>; Tue, 5 Mar 2019 10:46:03 -0800 (PST)
Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-eopbgr820100.outbound.protection.outlook.com [40.107.82.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B7E6B12F19D for <ietf-and-github@ietf.org>; Tue, 5 Mar 2019 10:46:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=steweorg.onmicrosoft.com; s=selector1-stewe-org; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8lZMymQpnBK8XLj3en69OXBSm4zKT5a6vRZ6iDxl5Ls=; b=vv7CwJiJNlC9hoaDamDnaK4yVNy3DAhdmrz+Zc6byI+OO+rvF0hnJkdzgvovw1szKWpY7jxMRwQeBlWlv29vb3UrfkjhpCFe4avo/ghBjoHmsemM3IF5EslLRPNb1H8ulmKZkSqNrq6DgYTLxlGQEDOhQUHM0vwUSBwhcdXc69w=
Received: from MWHPR17MB1503.namprd17.prod.outlook.com (10.173.241.21) by MWHPR17MB0990.namprd17.prod.outlook.com (10.173.121.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.16; Tue, 5 Mar 2019 18:45:59 +0000
Received: from MWHPR17MB1503.namprd17.prod.outlook.com ([fe80::20e7:159:4ecb:8902]) by MWHPR17MB1503.namprd17.prod.outlook.com ([fe80::20e7:159:4ecb:8902%8]) with mapi id 15.20.1665.020; Tue, 5 Mar 2019 18:45:59 +0000
From: Stephan Wenger <stewe@stewe.org>
To: "Salz, Rich" <rsalz@akamai.com>, Martin Thomson <mt@lowentropy.net>, "ietf-and-github@ietf.org" <ietf-and-github@ietf.org>
Thread-Topic: [Ietf-and-github] Mail regarding draft-ietf-git-github-wg-configuration, section 3.1 (Contributions)
Thread-Index: AQHU04EorZybyxiYGE28QXQ0pfZcEaX82jkA
Date: Tue, 05 Mar 2019 18:45:59 +0000
Message-ID: <05D64B3D-8FB9-4AE8-8BE7-9D0996B59E39@stewe.org>
References: <C29868B2-6489-4D3C-A57F-4A6A52CA72B3@contoso.com> <c99214a2-40ee-41dd-a4dc-e361d56771cd@www.fastmail.com> <4D3661B2-5083-48F5-8D52-079E90ED9C0D@stewe.org> <12778523-2a7f-492c-bb2c-9e234980594d@www.fastmail.com> <75E45066-B654-4334-BD02-690404C73BF6@stewe.org> <E4B655B7-CE33-486F-B5DF-282FE89E3BDF@akamai.com>
In-Reply-To: <E4B655B7-CE33-486F-B5DF-282FE89E3BDF@akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=stewe@stewe.org;
x-originating-ip: [66.201.43.226]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7ea47f49-b899-42fc-0fc5-08d6a19acf84
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(7021145)(8989299)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600127)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:MWHPR17MB0990;
x-ms-traffictypediagnostic: MWHPR17MB0990:
x-microsoft-antispam-prvs: <MWHPR17MB09907D729944B37DCC6CB743AE720@MWHPR17MB0990.namprd17.prod.outlook.com>
x-forefront-prvs: 0967749BC1
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39830400003)(376002)(346002)(366004)(396003)(136003)(199004)(189003)(6506007)(11346002)(3846002)(68736007)(53936002)(66066001)(36756003)(102836004)(6512007)(6116002)(486006)(5660300002)(81156014)(86362001)(2616005)(26005)(186003)(82746002)(446003)(105586002)(106356001)(8936002)(8676002)(476003)(33656002)(81166006)(71190400001)(71200400001)(83716004)(2906002)(7736002)(25786009)(305945005)(14454004)(6246003)(93886005)(508600001)(97736004)(99286004)(2501003)(6486002)(6436002)(76176011)(316002)(229853002)(110136005)(256004)(14444005)(5024004); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR17MB0990; H:MWHPR17MB1503.namprd17.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:0; MX:1;
received-spf: None (protection.outlook.com: stewe.org does not designate permitted sender hosts)
x-microsoft-exchange-diagnostics: 1;MWHPR17MB0990;23:gQHjHtIjBPEv10h53w9fStfbw167lcofVdViy6g+0lcgqk0dAOQVVcyrdGd3l36mqh2Rc8wSk330b0SuyppjNJg4d0mMYb0PK+92DRPAEpD7v4ctzafQOLuNmtkmY3ueovvFp0BbDzSF6wiviUxsOjHjEPAXGdCckdOjrllt7LXW7mxPor5jhpcW2jOAU52ZKgJIWpW2XRMRK4TYmox0f8daJA8dA7tKk6mfYFhfP/twf7jtpquK57Yx2H9zZpxswebwVwAFDIVgwyLMW6tchH1q+oA7ado1A501kZg5Mj9wQkYFZaI9Wau0k9Y1sdYAegWPxHDXQuBbPOjFjcStV8YNM5itZsiGI6n3RKGJqQZyK7rs8EeKTQOx0JYuGbxsoX+BsoYp1eLQweOjqk8vI18QcKTDUkDAhEn7lNF64D2xEfuFVLbLz4wa7HJfGbaV1vkxS8P0tRCFiQ1D5WrAHpCJGkc/jr5uffomEikkQvAVyHYgI9YkfwA/3hk3VFHsybVhydzKADKIK0FI1vLyxwMW+L7OvD4En5oLvSWgXlilYscpw2GxUw+XFOvxL4LmxPcZSWXis2zU5rmumvTNm7JyibhAC/V+P2gZaQPA4OCy+NzLRO1Fz6eO4zI6UODt3kRZ+yhn/rWTeAEDJ/iLykKJGzp54D6YOgaPk6pUSI9VW2E4646s60NmFukNPBmP8++LTAzSduT5d/009OjwWIeXTIQeNIDE4tnn19OW3w6OqsQY3JIUnOxR1DDK2uYwq2u/TBRepyV8rqCBlWlSU28c1gTej+8FXY46Hri6Aer5Ao60ZNAL2bLS6yTZ3E9jx6rOK9uZht7VoMvqlizA/JM1/gy9upfFT2IstNXdYs4tLxrLhsdIkALfxdIN+Q/JEwFc6MIA5092XHcdvV8q+fZ1Eb0yYwuGPwKPN9J8ZUZRG/Q2u7xHYapKWpg+IVzZaSn7CxAmN8ixbgSGkg4upmOX/tn9CE5AD4YuOBQ7wrhHnJ4U1tGB9DMbzF99hCpvxkM7+oq+A7EizJ2QrW9aMZnWmoEX6W2ef3qPaPLyR54Lu+9QdjtORofQUtL0Zr/sNApjMFlNDW4DHOiIbwQ1DdNL4jdOq9M4wpbLWzJ3ERVYDgqK59rjR6uQEtEA/jvpmrQrUyo+zARC2WfTPrwhcdud8sjHPwk3nMOm4XQZdTji9o7LAgc8ToAbohM9FiqcEQ8RnIMgIbTLGD5u0VbOxxZ1SwhjkX01gGwNuw/KvCUx+o8EIgro31sAof1SgOx3
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: yNiFgBz1bV/apUVC++Mq7N1sMCNXLUEAXQP6UrkUQgZQAnGyn7m3epXMqWoZsFFYcm2VQWjS6C8zoKpG9Jy9hTExr+VpQ+dpTqd+HARUHew1mRG7zaVi38WjIUs5g2LD/Hvpqe5Pw7VEmsv6T4n+LjIf6losaS+5OUAqFYDm8bxOiNnQJUDUHgPmHUh8TlRmm/lkKwX44KB0RWoGGGbL4Kcnump2D9ybOiimWvTpCfNm9uKekMxj2gP7u7t0yzvjtzDJe8aAGXi71sxo8y7QBGNDtyEuSChYG2RyjXPhXOzWQpYa3FAGwI819E25XV/tnAl3tjXfRCYI5kwSNt+In/aui2DR5tn4ZbE9eLK8lBVNrA0/pBXMdwigUf4S8ylzn+QaqyVkVWIziIAT2TOJ2S1C2Z6QBF53pOKAq479Il0=
Content-Type: text/plain; charset="utf-8"
Content-ID: <F035271D11A3664D868FD1C2A7F61396@namprd17.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: stewe.org
X-MS-Exchange-CrossTenant-Network-Message-Id: 7ea47f49-b899-42fc-0fc5-08d6a19acf84
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Mar 2019 18:45:59.6526 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 865fc51c-5fae-4322-98ef-0121a85df0b6
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR17MB0990
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-and-github/Pnu4l3o0RLmr152kA6E5bmxsUoc>
Subject: Re: [Ietf-and-github] Mail regarding draft-ietf-git-github-wg-configuration, section 3.1 (Contributions)
X-BeenThere: ietf-and-github@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of using GitHub in IETF activities, particularly for Working Groups" <ietf-and-github.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-and-github>, <mailto:ietf-and-github-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-and-github/>
List-Post: <mailto:ietf-and-github@ietf.org>
List-Help: <mailto:ietf-and-github-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-and-github>, <mailto:ietf-and-github-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Mar 2019 18:46:06 -0000

Hi Rich,
No, I fear it's not OK.  See below.
Stephan

On 3/5/19, 10:27, "Salz, Rich" <rsalz@akamai.com> wrote:

    > but I see plenty of personal repositories with drafts sitting in them that accept issues and pull requests but don't have any notices attached.
    
    Isn't that okay?  Presumably when the submit the document to the IETF datatracker, they are accepting the IETF copyright and intellectual property requirements.  

StW: Who's "They"?  The submitters, right?    Assume there are 10 people contributing on GitHub, three named editors,  seven guys contributing through GitHub, and one of the editors finally submits to the IETF machine.  Clearly, the submitter is under BCP79.  The (named) editors, perhaps.  (Perhaps not.  Haven't done that analysis.)  But the other seven, who may have never seen a Note Well, and could perhaps convincingly argue in a courtroom that they didn't know that they have a disclosure obligation under BCP79?  What if one of them is nice and competent enough to be accepted into the gang, but has malicious intent?  With the perhaps only sanction being bad reputation in the community?  
There's a reason why most sane open source projects make you sign a CLA before they accept anything into their repository.  I'm arguing we need something similar, or at least need text in the subject draft that tells folks that they enter a minefield if they are not careful.

 If folks choose to collaborate with an individual, trusting that the right thing will be done, who can stop them?  Prior to that, consider it as a dual-licensed thing if you want.

StW: I agree there's always a risk.  Private communication can be done today.  However, the current toolchain generally discourages such individualism--more often than not people are ask to propose text in writing, on the IETF mailing lists--whereas private GitHub repositories would almost encourage such behavior (as it may be seen as more lightweight and friendly than posting to an IETF list).  
Further, I argued before that a more heavy-handed approach may be the best, though that's out of scope.
Another point: your remark regarding dual licensing seems to suggest that you think here in the copyright dimension.  There may be a risk in that dimension as well, but it's dwarfed by the patent related risks.  With patent IP in mind, your "dual licensing" remark does not make sense to me.

v2.23.0 | Report a Bug | By Email