From: David Abrahams (dave_at_[hidden])
Date: 2004-08-17 14:00:37
"John Maddock" <john_at_[hidden]> writes:
>> > Another permission for our records:
>> Speaking of "records", what mechanism are we using to keep track of
>> Also, blanket-permission.txt is reasonably reliable, since ssh
>> connections are secure. Email is less-so, since it can be spoofed. I
>> hate to suggest this, but perhaps it would be best to ask those
>> without CVS access to mail a signed note, just to be sure. I can't
>> think of another mechanism that has legal verifiability. I'm going
>> to have lunch with Boost's lawyer today, so I can ask him about it.
> Uh, yes I know what you're getting at, I just don't want the bar set so high
> that no one replies. So far I've been forwarding to the list any
> permissions that have come back to myself or to boost-owner, and then adding
> the permissions to blanket-permission.txt.
> The problem we have is not everyone we need to contact has cvs access, or is
> even still subscribed to the list.
> We also don't do any more than look at someone email address, when accepting
> contributions to boost in the first place, do we? Of course maybe we
The lawyer is satisfied that in practice what we're doing is fine, so
we don't have to worry ;-)
-- Dave Abrahams Boost Consulting http://www.boost-consulting.com
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk