> -----Original Message----- > From: David Nalley [mailto:da...@gnsa.us] > Sent: Friday, February 21, 2014 4:13 PM > To: dev@cloudstack.apache.org > Subject: Re: [DISCUSS] Policy blocker? > > >> LEGAL - when I talk about legal problems below I refer to liability > >> incurred by individuals in the project, especially the release > >> manager, > > > > [Animesh] Can you clarify 'especially the release manager' part? Release > manager is just like any other volunteer and does not have any special > privileges. The community VOTEs on the release. > > > > Sure, it isn't about privilege, it's about liability. So the foundation covers > (and has insurance for) actions taken on behalf of the Foundation. If process > is followed (including getting the votes) releasing software is effectively a > function of the Foundation - and thus it bears liability. The foundation > needs to ensure that the release is a 'authorized business decision' on behalf > of the Foundation (which is why the Board has to ACK PMC additions, etc.). > Hence all the process and policy. > > Publishing software however, if really done by the release manager. > And if release process isn't followed, it's no longer a function of the > foundation - and software is effectively released by the RM, and thus he is > individually liable. [Animesh] How do you define the release process being followed or not? Isn't Voting on a release the process and PMC and everyone voting responsible for it. Release Manager is a facilitator. Without the protection why would anyone want to incur liability as a release manager? In the links that you sent I have not seen specific reference to Release Manager being liable.
Sadly this isn't theoretical, and is one of the reasons that > the foundation exists. [Animesh] What does foundation provide in that case? > > http://www.apache.org/dev/release.html#why > https://www.apache.org/foundation/faq.html#why > > --David
