path: root/doc
diff options
authorAndreas Schneider <asn@cryptomilk.org>2012-10-12 18:16:16 +0200
committerAndreas Schneider <asn@cryptomilk.org>2012-10-14 19:58:07 +0200
commitf86b2bf743e8d01884c36252812ade97d7a253c2 (patch)
treee6a96622913501c22bde6c89a06f0e06892bcb25 /doc
parent13c26f0733ab624e25373e56e205775708a513b0 (diff)
doc: Update copyright policy.
Diffstat (limited to 'doc')
1 files changed, 99 insertions, 14 deletions
diff --git a/doc/mainpage.dox b/doc/mainpage.dox
index 8bf78e41..fc65e413 100644
--- a/doc/mainpage.dox
+++ b/doc/mainpage.dox
@@ -40,20 +40,105 @@ The libssh library provides:
@section main-copyright Copyright Policy
-The developers of libssh have a policy of asking for contributions to be made
-under the personal copyright of the contributor, instead of a corporate
-There are some reasons for the establishment of this policy:
- @li Individual copyrights make copyright registration in the US a simpler
- process.
- @li If libssh is copyrighted by individuals rather than corporations,
- decisions regarding enforcement and protection of copyright will, more
- likely, be made in the interests of the project, and not in the interests
- of any corporation’s shareholders.
- @li If we ever need to relicense a portion of the code contacting individuals
- for permission to do so is much easier than contacting a company.
+libssh is a project with distributed copyright ownership, which means we prefer
+the copyright on parts of libssh to be held by individuals rather than
+corporations if possible. There are historical legal reasons for this, but one
+of the best ways to explain it is that it’s much easier to work with
+individuals who have ownership than corporate legal departments if we ever need
+to make reasonable compromises with people using and working with libssh.
+We track the ownership of every part of libssh via git, our source code control
+system, so we know the provenance of every piece of code that is committed to
+So if possible, if you’re doing libssh changes on behalf of a company who
+normally owns all the work you do please get them to assign personal copyright
+ownership of your changes to you as an individual, that makes things very easy
+for us to work with and avoids bringing corporate legal departments into the
+If you can’t do this we can still accept patches from you owned by your
+employer under a standard employment contract with corporate copyright
+ownership. It just requires a simple set-up process first.
+We use a process very similar to the way things are done in the Linux Kernel
+community, so it should be very easy to get a sign off from your corporate
+legal department. The only changes we’ve made are to accommodate the license we
+use, which is LGPLv2 (or later) whereas the Linux kernel uses GPLv2.
+The process is called signing.
+How to sign your work
+Once you have permission to contribute to libssh from your employer, simply
+email a copy of the following text from your corporate email address to:
+libssh Developer's Certificate of Origin. Version 1.0
+By making a contribution to this project, I certify that:
+(a) The contribution was created in whole or in part by me and I
+ have the right to submit it under the appropriate
+ version of the GNU General Public License; or
+(b) The contribution is based upon previous work that, to the best of
+ my knowledge, is covered under an appropriate open source license
+ and I have the right under that license to submit that work with
+ modifications, whether created in whole or in part by me, under
+ the GNU General Public License, in the appropriate version; or
+(c) The contribution was provided directly to me by some other
+ person who certified (a) or (b) and I have not modified it.
+(d) I understand and agree that this project and the contribution are
+ public and that a record of the contribution (including all
+ metadata and personal information I submit with it, including my
+ sign-off) is maintained indefinitely and may be redistributed
+ consistent with the libssh Team's policies and the requirements of
+ the GNU GPL where they are relevant.
+(e) I am granting this work to this project under the terms of the
+ GNU Lesser General Public License as published by the
+ Free Software Foundation; either version 2.1 of
+ the License, or (at the option of the project) any later version.
+We will maintain a copy of that email as a record that you have the rights to
+contribute code to libssh under the required licenses whilst working for the
+company where the email came from.
+Then when sending in a patch via the normal mechanisms described above, add a
+line that states:
+ Signed-off-by: Random J Developer <random@developer.example.org>
+using your real name and the email address you sent the original email you used
+to send the libssh Developer’s Certificate of Origin to us (sorry, no
+pseudonyms or anonymous contributions.)
+That’s it! Such code can then quite happily contain changes that have copyright
+messages such as:
+ (c) Example Corporation.
+and can be merged into the libssh codebase in the same way as patches from any
+other individual. You don’t need to send in a copy of the libssh Developer’s
+Certificate of Origin for each patch, or inside each patch. Just the sign-off
+message is all that is required once we’ve received the initial email.
+Have fun and happy libssh hacking!
+The libssh Team
@section main-rfc Internet standard