[OpenStack-Infra] Improving the way we handle Corporate CLAs

Jimmy McArthur / tipit.net jimmy at tipit.net
Tue Oct 29 02:54:35 UTC 2013


> I'm hesitant to suggest that any of our CLAs solves any real problem
> (after all, I'm not a lawyer, so I only know what I've heard them
> say). That aside, I agree the member database sounds like it would
> be a sane place to deal with that, but until we actually see the
> source code for that site it's hard to be sure.

I can speak to this a little bit. OpenStack.org already has the data model in place to handle agreements and contracts amongst user groups associated with an organization. The intention is to leverage this information to shape the user experience and drive data sharing amongst the OpenStack properties.  Extending a corporate CLA to the user base is a nominal change.

Setting up a specific set of users that are tied to a particular company, with a particular set of permissions, is right in line for the vision we are working towards for OpenStack.org and the coming OpenID/OAuth setup.  Some of these pieces are in place already, but we can expect most of them to be ready when we launch with OpenID.  

Long term, we aim to share this data, and more with all OpenStack web properties given the appropriate permissions.  For example, an OpenStack user employed by Tycoon Corp that logs into the Beijing User Group could receive a message prompting them to notify Tycoon Corp to update their CCLA to include them as a user that's authorized to commit code on their behalf.  

Of course, with OAuth in place, pretty much any piece of data that OpenStack and your contributors authorize to share will be available. CCLAs and CLA controversy or usefulness aside, it's a good opportunity for OpenStack to drive development on your web properties with real and useful user data.

Thanks!

Jimmy McArthur / tipit.net <jimmy at tipit.net> 
o: 512.481.1161 
m: 512.965.4846 

----- Original Message -----
> From: "Jeremy Stanley" <fungi at yuggoth.org>
> To: "Stefano Maffulli" <stefano at openstack.org>
> Cc: openstack-infra at lists.openstack.org
> Sent: Monday, October 28, 2013 6:09:19 PM
> Subject: Re: [OpenStack-Infra] Improving the way we handle Corporate CLAs
> 
> On 2013-10-28 10:00:03 -0700 (-0700), Stefano Maffulli wrote:
> [...]
> > Probably then we should keep the notion of the CCLA in the User/Member
> > database then? The manager of the CCLA would click-sign the agreement on
> > our site, we keep the historic record of that signature and the manager
> > herself declares who works for her, authorized to commit. It would still
> > not prevent people to commit code without a CCLA but I htink it would
> > improve the situation. What do you think?
> 
> I'm hesitant to suggest that any of our CLAs solves any real problem
> (after all, I'm not a lawyer, so I only know what I've heard them
> say). That aside, I agree the member database sounds like it would
> be a sane place to deal with that, but until we actually see the
> source code for that site it's hard to be sure.
> --
> Jeremy Stanley
> 
> _______________________________________________
> OpenStack-Infra mailing list
> OpenStack-Infra at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra
> 



More information about the OpenStack-Infra mailing list