Hi! after seeing this thread on legal-discuss: https://mail-archives.apache.org/mod_mbox/www-legal-discuss/201706.mbox/%3CCAGJoAUn-hiE89mWObh1Lb2S_vgqQJ%3DDC%3D1P_V1REQ9hUERCFog%40mail.gmail.com%3E
I'd like to ask a policy related question. What we currently have is a whole bunch of binaries hosted by ASF: https://ignite.apache.org/download.cgi#binaries that collect user data and ship it away to a host currently not associated with ASF (nor does it seem to be associated with Ignite's PMC). The host name is ignite.run (and, as a side note, as it turns out the connection to that host in Ignite releases prior to 1.9 is unsecure: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6805 ) Is this something ASF should be concerned with from a standpoint of the policy that we have for binary convenience artifacts that are hosted on our end? Would it make it different if ignite.run and the data collected by it was managed by an Ignite PMC as opposed to an unidentified 3d party? Thanks, Roman. --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org