Hi Alexandru,
For brevity I've omitted the parts that look good.
Alexandru Mihail <alexandru.mihail2897@gmail.com> writes:
> RobMcCool's copyright was traced from a git repository which
> imported NCSA httpd (which was verified to be precise).
> Multiple commits by RobMcCool on HEAD
> show his contributions on the files specified here.
Thank you you have the right idea about writing how you established
copyright. That said, what you've written is impossible, because Rob
McCool's work was 1993-1994, but git's first release was in 2005 ;)
Also, please revise the text to explain what "verified to be precise"
means. Grammatically, it sounds like you verified that the tags in the
repository match the WayBack Machine's copies of release tarballs. Did
you verify that Jef Poskanzer didn't make edits? If Jef Poskanzer made
edits, they would most likely be under the mini-httpd project license,
thus the effective license would be BSD-2-clause. A simple solution
would be claim these files are BSD-2-clause, but to note that htpasswd*
contain (or are mostly) NCSA licensed, and then shift the NCSA licence
text into the Comment section of Files: htpasswd.* If you run lintian
without shifting the license text you'll learn why I recommend it.
---- \cut this/ ----
> The files are under the NCSA license which qualifies as DFSG
> compatible after inquiry (specifically, from the license text:
>
> "This code is in the public domain. Specifically, we give to the
> public
> domain all rights for future licensing of the source code, all resale
> rights, and all publishing rights"
>
> From DSFGLicenses's Q&A on DebianWiki:
>
> "Software placed in the public domain has all the freedoms
> required by the DFSG, and is free software."
---- /cut this\ ----
I'm still not certain that this wiki contributor's position is legally
sound everywhere in the world. For a counter example see:
https://opensource.stackexchange.com/questions/9871/why-is-there-no-public-domain-licensing-in-europe
> git repository: https://github.com/TooDumbForAName/ncsa-httpd/
Note: If you provide a link that isn't on Debian infrastructure then
you'll also need to summarise what it contains (for various reasons that
I can explain if you're interested). It may be worth noting that
someone else can use this to verify if the htpasswd.* copy in mini-httpd
corresponds to the NCSA copy.
> debian-legal thread:
> https://lists.debian.org/debian-legal/2023/07/msg00001.html
> DFSGLicenses: https://wiki.debian.org/DFSGLicenses
/ \
Nice, but cut the last line of /this\
Thanks again for reading this page, as well as for sharing the story of
how it inspired you to contribute to Debian! :)
> Is my TLDR still a bit TL ? I was trying not to leave out anything
> related to discussion on debian-legal or how we traced everything back
> to RobMcCool.
Thank you for your attention to detail, and yes, still too long.
There has been far more discussion at this bug than at debian-legal...
> Did i get the right field ?
>
> "6.6. Comment
>
> Formatted text, no synopsis: this field can provide additional
> information. For example, it might quote an e-mail from upstream
> justifying why the license is acceptable to the main archive, or an
> explanation of how this version of the package has been forked from a
> version known to be DFSG-free, even though the current upstream version
> is not. "
>
> Sounded like a good fit.
You're right, yes, that's the one :)
> Replying to previous untackled mail:
>>Wow, that's wonderful (and unexpected) news! I hope negotiations go
> well.
>
> Thanks, me too :) I'll have to complete the new maintainer process here
> (and actually have an upload by my mentor (you!) before I can discuss
> matters more firmly with higher-ups. There's no rush; your patience and
> attention to detail are very appreciated btw :)
Thanks :)
>>My key is on both the Debian keyring and public servers
>>
>> https://wiki.debian.org/DebianKeyring
>> https://keys.openpgp.org/
>> and maybe also here
>> http://pgp.mit.edu/
>
> OK, thanks, I'll have to find a good place for my key too, then.
I confirmed your signature on this email. Here are some key-related
resources:
https://wiki.debian.org/Keysigning
https://wiki.debian.org/Keysigning/Coordination
Best,
Nicholas
P.S. Please consider trimming the irrelevant quotation from
correspondences on the BTS. It's a top-posting convention that takes up
a lot of space and waste time (since we're an in-line posting community)
https://bugs.debian.org/1036751
Attachment:
signature.asc
Description: PGP signature