LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Announcements page

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

OSDL on kernel patch provenance

[Posted May 24, 2004 by corbet]

Yesterday, Linus posted a request for discussion on the idea of a "developer's certificate of origin" for kernel patches. Today, the Open Source Development Labs has announced that it is helping to implement the process. "OSDL has committed to providing resources to ensure that contributions made to the kernel adhere to the DCO and the process improvements. The Lab will review the content of the contributions to confirm that submissions to the kernel have been signed off by contributors in accordance with the DCO. In addition, OSDL plans to launch an educational campaign for developers and end users on the DCO and the process improvements."
(Log in to post comments)

OSDL on kernel patch provenance

Posted May 24, 2004 12:38 UTC (Mon) by NAR (subscriber, #1313) [Link]

They've messed up the URL in the press release: http://webtest/newsroom/press_releases/2004/2004_05_24_dco.html doesn't work for me. That's what I call bad PR.

Bye,NAR

OSDL on kernel patch provenance

Posted May 24, 2004 13:11 UTC (Mon) by bbolli (guest, #19153) [Link]

Just replace "webtest" by "www.osdl.org".

OSDL on kernel patch provenance

Posted May 24, 2004 15:52 UTC (Mon) by leandro (guest, #1460) [Link]

So what we have here is something similar to FSF's copy rights assignment policy, but with some differences: DCO doesn't seem to have the same legal teeth as assignments, but hopefully it will be more straightforward for contributors; and the OSDL isn't so tied to Linux as the FSF is to GNU. It should become an interesting experiment.

OSDL on kernel patch provenance

Posted May 24, 2004 16:46 UTC (Mon) by iabervon (subscriber, #722) [Link]

Well, this doesn't involve copyright assignments, which is a major difference; contributors continue to own their contributions. This isn't really a particularly strong legal document (what with not being signed, and the developer not getting anything in exchange). The part added to patches is just a bit of information, and the DCO explains the intended semantics. It wouldn't stand up in court as evidence, but it would be a good clue as to who to ask for the actual evidence.

The real benefit to this plan is to be able to track the path of the patch through maintainers and such, so that that Linus can figure out who wrote a patch that he got out of -mm, which got there from Greg K-H, who got it from Matt Dharm, who picked it up from someone with an obscure USB MP3 player that needed a tweak to work. Sure, he could probably figure out that Matt knows if he found it in one of Matt's postings of various little changes, but that's a bunch of detective work, and it might be harder if Greg fixed a bunch of spelling and whitespace and Andrew rediffed it. Even if Linus had the name of the original author, he wouldn't have had any contact with the person. He wants to be able to look at the patch and know that the right people have seen it, and that he could find somebody who could recognize the original author if necessary.

OSDL on kernel patch provenance

Posted May 24, 2004 18:50 UTC (Mon) by ordonnateur (guest, #6652) [Link]

Yes, to put it simply, it is a matter of what an art historian would call 'provenance' or an accountant an 'audit trail'.

OSDL on kernel patch provenance

Posted May 24, 2004 21:00 UTC (Mon) by dlang (✭ supporter ✭, #313) [Link]

as Linus just posted to the kernel list, this really isn't anything new.

in the past the community assumed that if someone sent a patch in that they were implicity stating that they are authorised to do so, all that this does is document this statement explicitly in a way that will be easy to understand for the non-technical folks.

it's trying to not change how people really work, just document it more obviously

OSDL on kernel patch provenance

Posted May 25, 2004 0:08 UTC (Tue) by mbp (subscriber, #2737) [Link]

"Stand up in court" is not binary. Even written contracts can be questioned, and even verbal agreements can have some weight.

If this ever gets to court, it will show that Linus & co made some efforts to make sure they were allowed to redistribute the code. It is a little stronger than the implied permission they have at the moment.

Unlicenced code could still get in if someone lies when making that statement -- either they don't own the code, or they're not allowed to sign for their organization. But both of those can happen with written assignments as the FSF uses. It would still be possible for SCO to say "oops, we didn't mean to assign our copyright."

Copyright © 2004, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds