Re: [Ietf-and-github] Mail regarding draft-ietf-git-github-wg-configuration, section 3.1 (Contributions)
"Brad Biddle" <brad@biddle.law> Tue, 05 March 2019 06:12 UTC
Return-Path: <brad@biddle.law>
X-Original-To: ietf-and-github@ietfa.amsl.com
Delivered-To: ietf-and-github@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F07F130FB5 for <ietf-and-github@ietfa.amsl.com>; Mon, 4 Mar 2019 22:12:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001, USER_IN_WHITELIST=-100] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=biddle-law.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SQ6KtrN2U8ci for <ietf-and-github@ietfa.amsl.com>; Mon, 4 Mar 2019 22:11:59 -0800 (PST)
Received: from mail-pg1-x535.google.com (mail-pg1-x535.google.com [IPv6:2607:f8b0:4864:20::535]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73643130FB2 for <ietf-and-github@ietf.org>; Mon, 4 Mar 2019 22:11:59 -0800 (PST)
Received: by mail-pg1-x535.google.com with SMTP id b2so4873900pgl.9 for <ietf-and-github@ietf.org>; Mon, 04 Mar 2019 22:11:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=biddle-law.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=rECAtL8c4uWMWuHurJH4Ff9fiRMIsvAaW75UqHBfY50=; b=xzTSpCHWoTuPjMjmKzsXzZ43wg+y1ScsyuBFMl8xFrkR48yg8nzA2u7bEoNbP6529D UDQFvpxRpPe2sXC4e0vFIJ4RBhQMpdi8J9DrTc8sqRCU8dhHCxjEH460sfNmts5h1cOx GIp+pF4mU5mVY3/w+6b89OoG47kO7HAVvCcutoWZF/GArrkXLPFcn1Fkxgs+Hx4yVCzE XJ+WI7+yovqk9ehqglFzXVXTyF30e9gToAE2M3QnCMGRzGbysJuTH1DWIg6JReWiNqJo nmM+XhO1vyZTjVPZ1iTwYaRNkrtR0VWqNpGXm2SPrcxp+S2OTSB5uirCxoTbcuEPFwVE iUDA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=rECAtL8c4uWMWuHurJH4Ff9fiRMIsvAaW75UqHBfY50=; b=Kp3U1qGzYcJlxoXbPNRTwP1S7D/XkCuQL56D3LZlhl+qxCSTXXUHLCie8qNqr5Xq4q KBFgfJpeBn64onxAEF9NZTToDiXDk5pGSAvhcUlODnB1LFciqRKtWEC6WVlPl+0aFbn6 PowTeAJsdhlXPGM3q37yBDlkloF1D+EbCCbR57r5m69k2id5kx3X4qBZ/ljZNv3MqQcf Mjgb4tjfoQYNAv2nSJhfhnj6Oah6+oE35GNfUHX/ZjOmJA6CiuynObfhBeFXDRerKXju 1M1YGKQUQpNBwZR7LCJlVeeCjFy2kp0EIfQoZ42M2oGd+IPkIQWS22TCURPhzEjQuX// J9eg==
X-Gm-Message-State: APjAAAU/1M1vcCM3HPyqyEGPvE2TSBeEH+M3UeUr81GEYEZogRdR6B7D FY5OisMTIhYFBJ09FhwKDpsRIg==
X-Google-Smtp-Source: APXvYqxWsCqlIKVmUshlR5pkXCUUQGoVBTQeEblEmpuAUHlmoghj3nCJgV3ytbFctxAMcfY330wFrA==
X-Received: by 2002:a63:80c7:: with SMTP id j190mr21366153pgd.357.1551766318458; Mon, 04 Mar 2019 22:11:58 -0800 (PST)
Received: from [192.168.86.23] (c-76-115-0-16.hsd1.or.comcast.net. [76.115.0.16]) by smtp.gmail.com with ESMTPSA id p11sm21910238pfi.10.2019.03.04.22.11.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 04 Mar 2019 22:11:57 -0800 (PST)
From: Brad Biddle <brad@biddle.law>
To: Stephan Wenger <stewe@stewe.org>
Cc: Martin Thomson <mt@lowentropy.net>, ietf-and-github@ietf.org
Date: Mon, 04 Mar 2019 22:11:55 -0800
X-Mailer: MailMate (1.12.4r5594)
Message-ID: <F43D9939-7935-4C8D-9C39-E069624B48C2@biddle.law>
In-Reply-To: <4D3661B2-5083-48F5-8D52-079E90ED9C0D@stewe.org>
References: <C29868B2-6489-4D3C-A57F-4A6A52CA72B3@contoso.com> <c99214a2-40ee-41dd-a4dc-e361d56771cd@www.fastmail.com> <4D3661B2-5083-48F5-8D52-079E90ED9C0D@stewe.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-and-github/mJf_Wi5gDX1PG0jJ8UpTbDIjedc>
Subject: Re: [Ietf-and-github] Mail regarding draft-ietf-git-github-wg-configuration, section 3.1 (Contributions)
X-BeenThere: ietf-and-github@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of using GitHub in IETF activities, particularly for Working Groups" <ietf-and-github.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-and-github>, <mailto:ietf-and-github-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-and-github/>
List-Post: <mailto:ietf-and-github@ietf.org>
List-Help: <mailto:ietf-and-github-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-and-github>, <mailto:ietf-and-github-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Mar 2019 06:12:02 -0000
All — an idea, offered for discussion: what about using the CLA-assistant tool to ensure that participants affirmatively acknowledge the current CONTRIBUTING.MD text (or a similar variation on the Note Well text)? I.e., the tool could present this text and require an express acknowledgement. See: https://github.com/cla-assistant/cla-assistant https://cla-assistant.io/ Several groups I work with use this tool in connection with their GitHub repositories, and I gather it’s pretty seamless. From a legal perspective it would offer a stronger argument that participants have in fact agreed to the relevant IETF terms than the current model. —Brad Brad Biddle | brad@biddle.law | +1.503.502.1259 (mobile) | http://biddle.law On 4 Mar 2019, at 18:57, Stephan Wenger wrote: > Hi Martin, > Thanks for your comments. Please see inline. > S. > > On 3/4/19, 18:42, "Ietf-and-github on behalf of Martin Thomson" > <ietf-and-github-bounces@ietf.org on behalf of mt@lowentropy.net> > wrote: > > Hi Stephan, > > I encourage you to attempt to contribute to a draft repository on > GitHub. The BCP79 notice is perhaps not as prominent as you might > like, but there is a fairly clear path to it. > > In case you can't find an example, here's a link where you can > create an issue for the draft I just posted: > https://github.com/martinthomson/hx-uri/issues/new > > I tend to think that is adequate. If you disagree, we can discuss > the pros and cons of searching for something more robust. > > StW: Yes, this seems adequate. However, I thought the subject draft > is guidance for WGs setting up their own GitHub projects. Nowhere it > is mandated that they use the IETF "tree" or whatever that thing may > be called. In theory, I could set up my own GitHub repository under > my own name, not using your excellent infrastructure, no Note Well, no > nothing, and invite the working group to contribute. Then all kinds > of random people (including potentially malicious ones) could > theoretically make Contributions in the BCP79 sense arguably without > being bound by BCP79. So I guess there should be a word of warning in > this draft--using the Martin Thomson-style infrastructure and the IETF > tree (or whatever that thing is called), or otherwise be very careful > to implement your own mechanisms to ensure that all Contributions are > made in accordance with BCP79 and the Note Well. > > Section 3.1 of the draft we're discussing here (of the long name) > includes provisions designed to accomplish the goal you describe. And > yes, the template code I maintain emplaces a default notice. I > understand that reading the code is difficult (I'll be the first to > acknowledge how arcane this stuff is), but it is described in language > I hope you can understand here: > https://github.com/martinthomson/i-d-template/blob/master/doc/FEATURES.md#setup-a-repository > > StW: yes, this is good, and so is your whole infrastructure. As > pointed out above, we are not mandating its use, though... > > Regarding the trust notice or the content of the contributing > notice, that's not something I'd care to comment on. You can see what > I have, which is - in part - something recommended by the IETF Trust > and IESG, and in part just text that I believe to be helpful: > https://github.com/martinthomson/i-d-template/blob/master/template/CONTRIBUTING.md > > StW: Your "Contributing" file is just fine with me. Personally, I > consider the code component part of it a rather minor aspect for IETF > work, and I think if you look at litigation statistics of IETF related > subject matter, you would likely agree. That's why I asked why that > aspect is prominently mentioned, while no particular attention is > drawn to BCP79 (which is where the music plays). I'll wait a bit more > for others to comment. > > Cheers, > Martin > > On Tue, Mar 5, 2019, at 04:16, Stephan Wenger wrote: > > > > Hi, > > > > > > One concern I have when I see people, in an IETF context, work > on docs > > in toolchains other than IETF mailing lists and posting of I-Ds > on the > > IETF infrastructure is that I think we should ensure that BCP79 > sticks. > > BCP79 is the IETF’s patent policy. A scenario to avoid is that > people > > insert patented technologies without being bound by the patent > policy. > > To avoid that, there ought to be a mechanism that a) > unambiguously > > makes it clear that any written contribution using GitHib tools > > constitute Contributions in the BCP79 sense, and b) ensures that > a user > > that makes a written contribution using GitHub tools would have > seen > > the Note Well at least once. > > > > > > I believe that most GitHub-using working groups in the IETF have > > assured that by including something like a click-through of the > Note > > Well when accessing the GitHub repository (writing to it in > whatever > > form). That, I think is sufficient, but perhaps should be > documented in > > this draft. I don’t know enough about the mechanics to propose > text > > myself. Lots of that may already be present in Martin’s > template, but > > that template is hard to read/understand for someone like me, > who’s not > > writing software or webpages. > > > > > > One thing I don’t understand is why the Trust outbound license > needs to > > be present in the repository, as suggested in section 3.1. > Especially > > for a WG that uses GitHub only for maintaining documents and not > > software. Can someone explain or point me to an explanation? > > > > > > Thanks, > > > > Stephan > > > > > > > > > > > > > > _______________________________________________ > > Ietf-and-github mailing list > > Ietf-and-github@ietf.org > > https://www.ietf.org/mailman/listinfo/ietf-and-github > > > > _______________________________________________ > Ietf-and-github mailing list > Ietf-and-github@ietf.org > https://www.ietf.org/mailman/listinfo/ietf-and-github > > > _______________________________________________ > Ietf-and-github mailing list > Ietf-and-github@ietf.org > https://www.ietf.org/mailman/listinfo/ietf-and-github
- [Ietf-and-github] Mail regarding draft-ietf-git-g… Stephan Wenger
- Re: [Ietf-and-github] Mail regarding draft-ietf-g… Martin Thomson
- Re: [Ietf-and-github] Mail regarding draft-ietf-g… Stephan Wenger
- Re: [Ietf-and-github] Mail regarding draft-ietf-g… Brad Biddle
- Re: [Ietf-and-github] Mail regarding draft-ietf-g… Martin Thomson
- Re: [Ietf-and-github] Mail regarding draft-ietf-g… Martin Thomson
- Re: [Ietf-and-github] Mail regarding draft-ietf-g… Stephan Wenger
- Re: [Ietf-and-github] Mail regarding draft-ietf-g… Stephan Wenger
- Re: [Ietf-and-github] Mail regarding draft-ietf-g… Salz, Rich
- Re: [Ietf-and-github] Mail regarding draft-ietf-g… Martin Thomson
- Re: [Ietf-and-github] Mail regarding draft-ietf-g… Christopher Wood