Bug#393402: Bug#393356: Source package contains non-free IETF
RFC/I-D's
Steve Langasek
vorlon at debian.org
Tue Oct 17 05:02:24 UTC 2006
tags 393356 etch-ignore
tags 393357 etch-ignore
tags 393358 etch-ignore
tags 393359 etch-ignore
tags 393360 etch-ignore
tags 393361 etch-ignore
tags 393364 etch-ignore
tags 393365 etch-ignore
tags 393366 etch-ignore
tags 393367 etch-ignore
tags 393368 etch-ignore
tags 393369 etch-ignore
tags 393370 etch-ignore
tags 393371 etch-ignore
tags 393372 etch-ignore
tags 393373 etch-ignore
tags 393374 etch-ignore
tags 393375 etch-ignore
tags 393376 etch-ignore
tags 393377 etch-ignore
tags 393378 etch-ignore
tags 393379 etch-ignore
tags 393380 etch-ignore
tags 393381 etch-ignore
tags 393382 etch-ignore
tags 393383 etch-ignore
tags 393384 etch-ignore
tags 393385 etch-ignore
tags 393386 etch-ignore
tags 393387 etch-ignore
tags 393388 etch-ignore
tags 393389 etch-ignore
tags 393390 etch-ignore
tags 393391 etch-ignore
tags 393392 etch-ignore
tags 393393 etch-ignore
tags 393394 etch-ignore
tags 393395 etch-ignore
tags 393396 etch-ignore
tags 393397 etch-ignore
tags 393398 etch-ignore
tags 393399 etch-ignore
tags 393400 etch-ignore
tags 393402 etch-ignore
tags 393403 etch-ignore
tags 393405 etch-ignore
tags 393406 etch-ignore
tags 393408 etch-ignore
tags 393409 etch-ignore
tags 393410 etch-ignore
tags 393411 etch-ignore
tags 393412 etch-ignore
tags 393413 etch-ignore
tags 393414 etch-ignore
tags 393415 etch-ignore
tags 393416 etch-ignore
tags 393417 etch-ignore
tags 393418 etch-ignore
tags 393419 etch-ignore
tags 393420 etch-ignore
tags 393421 etch-ignore
tags 393422 etch-ignore
tags 393423 etch-ignore
tags 393424 etch-ignore
tags 393425 etch-ignore
thanks
Hi Simon,
On Mon, Oct 16, 2006 at 11:51:17AM +0200, Simon Josefsson wrote:
> This bug has been filed on multiple packages, and general discussions
> are kindly requested to take place on debian-legal or debian-devel in
> the thread with Subject: "Non-free IETF RFC/I-Ds in source packages".
> It seems this source package contains the following files from the
> IETF under non-free license terms:
> apg-2.2.3/doc/rfc0972.txt
> apg-2.2.3/doc/rfc1750.txt
> The license on RFC/I-Ds is not DFSG-free, see:
> * http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=199810
> * http://release.debian.org/removing-non-free-documentation
> * http://wiki.debian.org/NonFreeIETFDocuments
> The etch release policy says binary and source packages must each be free:
> * http://release.debian.org/etch_rc_policy.txt
> The severity is serious, because this violates the Debian policy:
> * http://www.debian.org/doc/debian-policy/ch-archive.html#s-dfsg
> There are (at least) three ways to fix this problem. In order of
> preference:
> 1. Ask the author of the RFC to re-license the RFC under a free
> license. A template for this e-mail request can be found at
> http://wiki.debian.org/NonFreeIETFDocuments
> 2. Remove the non-free material from the source, e.g., by re-packaging
> the upstream archive and adding a 'dfsg' version name to it.
> 3. Move the package to non-free.
> I went over many packages looking for names of likely non-free files,
> and there may be false positives. If this is the case for your
> package, I'm sorry for the noise. I'll modify the scripts to take
> into account false positives when I learn of them, and publish the
> list of exceptions under "Known exceptions" at
> <http://wiki.debian.org/NonFreeIETFDocuments>.
Andi Barth and I have discussed these bugs, and we believe these bugs should
be granted an exception for etch, for the following reasons:
- As you mention, this mass-filing is based on file names and may include
false positives for this reason. Given this uncertainty, which covers
both files that may not actually contain RFCs and RFCs that may be
distributed with separate permissions from the authors, I do not consider
it reasonable for the burden to be on the maintainers (and the release
team) to demonstrate any particular bug to be a false-positive before the
package can be included in the release.
- The time between the bug filing and the scheduled release of etch is now
relatively short, and I don't believe, given the comparatively small
impact of these bugs (where RC bugs are concerned), that they should
warrant either delaying the release of etch or requiring the removal of a
package so affected. It is normal to allow some latitude for such license
issues while they are being investigated/addressed.
I'm happy to see that a number of maintainers have already made uploads (or
are preparing uploads) to address these bugs, and I would encourage all
maintainers to try to address such bugs in their packages for release. I am
also certainly happy to grant freeze exceptions for uploads fixing these
bugs. We only will not treat these as bugs that must be fixed prior to
release.
Thanks,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon at debian.org http://www.debian.org/
More information about the Pkg-voip-maintainers
mailing list