You are viewing a plain text version of this content. The canonical link for it is here.
Posted to legal-discuss@apache.org by Michael Mior <mm...@uwaterloo.ca> on 2018/04/06 20:12:26 UTC
Re: HTTPS for license URL in recommended header
Slow follow up from me on this, but any reason not to edit the site to
change the URL to https? If there are no objections, I'll just go ahead and
do this.
If PMCs are going to be emailed, obviously it's more far-reaching than just
the license. Many projects still use unsecured HTTP when promoting their
homepages and also for links on within project webpages when an HTTPS
alternative available. I think the expectation should be set that HTTPS is
the default unless there are very good reasons to do otherwise.
--
Michael Mior
mmior@apache.org
2018-03-11 11:41 GMT-04:00 Pierre Smits <pi...@apache.org>:
> Hi all,
>
> I believe this needs to be brought to the attention of every project
> (PMCs). Maybe an email from VP Legal would help.
>
>
>
> Best regards,
>
> Pierre Smits
>
> V.P. Apache Trafodion
>
> On Sat, Mar 10, 2018 at 6:37 PM, Christopher <ct...@apache.org> wrote:
>
>> +1 for using https everywhere possible. :)
>>
>> On Fri, Mar 9, 2018 at 5:47 PM Daniel Ruggeri <dr...@primary.net>
>> wrote:
>>
>>> Strong +1 for https
>>>
>>> --
>>> Daniel Ruggeri
>>>
>>>
>>> On March 9, 2018 3:33:01 PM CST, Michael Mior <mm...@apache.org> wrote:
>>>>
>>>> I noticed that the URL to the Apache license given in the recommender
>>>> header[0] currently uses unsecured HTTP in the URL. Is there any reason not
>>>> to update this to HTTPS?
>>>>
>>>> [0] https://www.apache.org/legal/src-headers.html#headers
>>>>
>>>> Cheers,
>>>> --
>>>> Michael Mior
>>>> mmior@apache.org
>>>>
>>>
>
Re: HTTPS for license URL in recommended header
Posted by Mark Thomas <ma...@apache.org>.
On 06/04/18 21:12, Michael Mior wrote:
> Slow follow up from me on this, but any reason not to edit the site to
> change the URL to https? If there are no objections, I'll just go ahead
> and do this.
I object.
Changing the standard license text in any way at all is a big deal. It
creates a huge amount of work for projects for no obvious benefit.
Any change needs the explicit approval of V.P. Legal.
I'd suggest providing projects with a choice to use http or https as
they wish with a recommendation, but not a requirement, to use https.
But that is just my recommendation. The final decision lies with V.P. Legal.
Mark
>
> If PMCs are going to be emailed, obviously it's more far-reaching than
> just the license. Many projects still use unsecured HTTP when promoting
> their homepages and also for links on within project webpages when an
> HTTPS alternative available. I think the expectation should be set that
> HTTPS is the default unless there are very good reasons to do otherwise.
>
> --
> Michael Mior
> mmior@apache.org <ma...@apache.org>
>
> 2018-03-11 11:41 GMT-04:00 Pierre Smits <pierresmits@apache.org
> <ma...@apache.org>>:
>
> Hi all,
>
> I believe this needs to be brought to the attention of every project
> (PMCs). Maybe an email from VP Legal would help.
>
>
>
> Best regards,
>
> Pierre Smits
>
> V.P. Apache Trafodion
>
> On Sat, Mar 10, 2018 at 6:37 PM, Christopher <ctubbsii@apache.org
> <ma...@apache.org>> wrote:
>
> +1 for using https everywhere possible. :)
>
> On Fri, Mar 9, 2018 at 5:47 PM Daniel Ruggeri
> <druggeri@primary.net <ma...@primary.net>> wrote:
>
> Strong +1 for https
>
> --
> Daniel Ruggeri
>
>
> On March 9, 2018 3:33:01 PM CST, Michael Mior
> <mmior@apache.org <ma...@apache.org>> wrote:
>
> I noticed that the URL to the Apache license given in
> the recommender header[0] currently uses unsecured HTTP
> in the URL. Is there any reason not to update this to HTTPS?
>
> [0]
> https://www.apache.org/legal/src-headers.html#headers
> <https://www.apache.org/legal/src-headers.html#headers>
>
> Cheers,
> --
> Michael Mior
> mmior@apache.org <ma...@apache.org>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
Re: HTTPS for license URL in recommended header
Posted by Pierre Smits <pi...@apache.org>.
Regardless of my earlier posting in this thread, I am wholeheartedly +1 on
this.
Best regards,
Pierre Smits
Apache Trafodion <https://trafodion.apache.org>, Vice President
Apache Directory <https://directory.apache.org>, PMC Member
Apache Incubator <https://incubator.apache.org>, committer
Apache OFBiz <https://ofbiz.apache.org>, contributor since 2008
Apache Steve <https://steve.apache.org>, committer
On Fri, Apr 6, 2018 at 10:12 PM, Michael Mior <mm...@uwaterloo.ca> wrote:
> Slow follow up from me on this, but any reason not to edit the site to
> change the URL to https? If there are no objections, I'll just go ahead and
> do this.
>
> If PMCs are going to be emailed, obviously it's more far-reaching than
> just the license. Many projects still use unsecured HTTP when promoting
> their homepages and also for links on within project webpages when an HTTPS
> alternative available. I think the expectation should be set that HTTPS is
> the default unless there are very good reasons to do otherwise.
>
> --
> Michael Mior
> mmior@apache.org
>
> 2018-03-11 11:41 GMT-04:00 Pierre Smits <pi...@apache.org>:
>
>> Hi all,
>>
>> I believe this needs to be brought to the attention of every project
>> (PMCs). Maybe an email from VP Legal would help.
>>
>>
>>
>> Best regards,
>>
>> Pierre Smits
>>
>> V.P. Apache Trafodion
>>
>> On Sat, Mar 10, 2018 at 6:37 PM, Christopher <ct...@apache.org> wrote:
>>
>>> +1 for using https everywhere possible. :)
>>>
>>> On Fri, Mar 9, 2018 at 5:47 PM Daniel Ruggeri <dr...@primary.net>
>>> wrote:
>>>
>>>> Strong +1 for https
>>>>
>>>> --
>>>> Daniel Ruggeri
>>>>
>>>>
>>>> On March 9, 2018 3:33:01 PM CST, Michael Mior <mm...@apache.org> wrote:
>>>>>
>>>>> I noticed that the URL to the Apache license given in the recommender
>>>>> header[0] currently uses unsecured HTTP in the URL. Is there any reason not
>>>>> to update this to HTTPS?
>>>>>
>>>>> [0] https://www.apache.org/legal/src-headers.html#headers
>>>>>
>>>>> Cheers,
>>>>> --
>>>>> Michael Mior
>>>>> mmior@apache.org
>>>>>
>>>>
>>
>