Boost logo

Boost :

From: David Abrahams (dave_at_[hidden])
Date: 2004-08-17 14:00:37

"John Maddock" <john_at_[hidden]> writes:

>> > Another permission for our records:
>> Speaking of "records", what mechanism are we using to keep track of
>> these?
>> Also, blanket-permission.txt is reasonably reliable, since ssh
>> connections are secure. Email is less-so, since it can be spoofed. I
>> hate to suggest this, but perhaps it would be best to ask those
>> without CVS access to mail a signed note, just to be sure. I can't
>> think of another mechanism that has legal verifiability. I'm going
>> to have lunch with Boost's lawyer today, so I can ask him about it.
> Uh, yes I know what you're getting at, I just don't want the bar set so high
> that no one replies. So far I've been forwarding to the list any
> permissions that have come back to myself or to boost-owner, and then adding
> the permissions to blanket-permission.txt.
> The problem we have is not everyone we need to contact has cvs access, or is
> even still subscribed to the list.
> We also don't do any more than look at someone email address, when accepting
> contributions to boost in the first place, do we? Of course maybe we
> should...

The lawyer is satisfied that in practice what we're doing is fine, so
we don't have to worry ;-)

Dave Abrahams
Boost Consulting

Boost list run by bdawes at, gregod at, cpdaniel at, john at