The EIP process doesn’t require CLAs from anyone. Merely that the EIP is licensed under CC0. As I understand it ProgPOW meets that requirement. I don’t know where you pulled the requirement for a CLA from, but it’s not a part of the Ethereum governance processes.
-
-
Replying to @ajsutton @hudsonjameson and
I know it is not a requirement. I am saying that is a big problem in this instance (and generally) because it means that there is essentially no IP risk management defined within the EIP process. And in this critical case, it means we are very exposed.
1 reply 0 retweets 1 like -
Replying to @BobSummerwill @ajsutton and
Bob Summerwill Retweeted Bob Summerwill
Aside, I learnt that CLA implies more than DCO, where I assumed CLA was a general grouping. I would suggest that the EIP process should add the requirement for a DCO, just as
@Hyperledger dictates for its codebases.https://twitter.com/BobSummerwill/status/1174198882017955843?s=19 …Bob Summerwill added,
Bob Summerwill @BobSummerwillReplying to @mysticryuujin @hudsonjameson and 4 othersThanks, Chase. It looks from this article that CLA is a term with a more specific meaning than I was aware of. It advocates for DCO (developer certificate of origin) rather than heavy weight legal docs. Great! This works just fine ... https://developercertificate.org/1 reply 0 retweets 0 likes -
Replying to @BobSummerwill @ajsutton and
For example, I think the current process gives no protection against patent trolling. Stuff like this:https://www.zdnet.com/article/biggest-patent-win-ever-microsofts-billion-dollar-a-year-samsung-deal/ …
1 reply 0 retweets 1 like -
Replying to @BobSummerwill @ajsutton and
@bmann pointed me to this prior discussion on that topic: https://ethereum-magicians.org/t/patent-covenant-for-eip-submissions/2901 … which@mr_ligi,@shemnon and@jemenger commented on. Worth chasing again, I think! CC@ameensol,@koeppelmann.2 replies 0 retweets 0 likes -
Replying to @BobSummerwill @ajsutton and
So on the EIPs, I would propose adopting exactly the same DCO pattern as Besu has: https://github.com/hyperledger/besu/blob/master/DCO.md … Legal name, not pseudonym sign-off declaring you authored the code and have the right to submit it.pic.twitter.com/2Q6GHMK8hJ
2 replies 0 retweets 1 like -
Replying to @BobSummerwill @ajsutton and
How about you give this, or for that matter any other IP process, a test spin in the ECIP process. Note that the ECIP process (https://github.com/ethereumproject/ECIPs/blob/master/ECIP-1.sample.md …) doesn’t have any copyright requirements, while "All EIPs must be in the public domain." (https://eips.ethereum.org/EIPS/eip-1 ).
3 replies 0 retweets 4 likes -
Yes, we can certainly do that, Danno. I will create an ECIP proposing that. The majority of protocol changes for ETC have come via the EIP process, so we are limited in the protection that would give us, unless we blocked EIPs from ETC if they did not meet that higher bar.
1 reply 0 retweets 0 likes -
Replying to @BobSummerwill @shemnon and
So we could "raise the bar" on ECIPs themselves (and really should), but would still have ECIPs which are essentially just wrappers for unprotected EIPs. But yes, you are right. And we should walk the walk within ETC, to set the example and encourage the same in ETH.
1 reply 0 retweets 0 likes -
Replying to @BobSummerwill @shemnon and
So maybe we start with patent covenant as per
@bmann? https://ethereum-magicians.org/t/patent-covenant-for-eip-submissions/2901 … Or maybe we go full DCO for the ECIP repository, with real names a la@PegaSysEng? https://github.com/hyperledger/besu … I can propose both, and then we can work through the consensus process on that.2 replies 0 retweets 0 likes
Just to be clear, the DCO and real name requirement is ultimately from the Linux Foundation. PegaSys previously used a CLA process. Interestingly that didn’t require real names - the sign-off was just by GitHub account. And a client codebase is very different to specifications.
-
-
Interesting! I am glad Hyperledger have a higher standard. I would also like to hear legal opinion on the protection a GitHub CLA with a pseudonym gives a project, if any. Client and specs are different, yes, but why should specs need LESS in the way of IP protection, Adrian?
3 replies 0 retweets 0 likes -
Replying to @BobSummerwill @shemnon and
The other key question here - how are we supposed to know what your legal name actually is? DCO doesn’t require valid ID and in a global environment I couldn’t say what valid ID is anyway.
1 reply 0 retweets 1 like - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.