On 8 February 2018 at 09:25, Laszlo Ersek <ler...@redhat.com> wrote: > On 02/08/18 09:32, Jordan Justen wrote: > >> Given the wording from the contribution agreement, it appears that it >> would also be fine to just use Mike's Signed-off-by if he is >> authorized to contribute the code even though he didn't author it. > > So basically just > > """ > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Michael D Kinney <michael.d.kin...@intel.com> > """ > > implies Mike saying, "trust me guys, I got Microsoft's authorization (or > whoever the original authors were) to contribute their code under the > 2-clause BSDL". Is that right? > > Dunno why but this concept is hard for me to accept. :) "whoever the > original authors were" is super vague to me. Let's say I want to verify > that authorization myself: whom do I contact? Are the > "https://github.com/Microsoft/MS_UEFI/..."; references considered > sufficient origin information? >
This is exactly the reason: if someone contributes code under a suitable license, they should take full responsibility that the code in question is actually covered by that license. I refuse any responsibility for verifying the origin of code that others contribute, and I'm sure your workload doesn't allow it either. _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
