On Wed, Jun 24, 2009 at 08:23:49PM -0700, Steve Langasek wrote: > And how do you know that the due diligence Debian shows in seeking > to avoid distribution of software in violation of copyright isn't > the *reason* that Debian has avoided being sued?
We don't know, but it's guesswork in both senses.
In that respect, the argument is that doing NEW review only at binary
package change time is good, but not enough. I've recently witnessed
maintainers that totally overlooked the introduction of tons of new
dependencies (not packaged in debian) from one upstream release to the
other and uploaded to the archive; go figure whether they would have
noticed a change in licensing conditions.
So, the real question is whether it is the case or not that FTP
masters are legally responsible for the archive content or not. I've
always been dubious about that. It might be that the responsibles are
the package maintainers or that the responsibles are (unfortunately
for them) mirror administrators.
In the former case FTP masters are wasting their time, in the latter
case their role is indeed useful to "defend" our mirror tenants, but
then copyright reviews must be *intensified*.
Have we ever asked SPI lawyers about who is legally responsible for
archive content?
(Cc-ing leader, if we haven't, I'm asking him to do that.)
Cheers.
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -<>- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...........| ..: |.... Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
