On Tue, May 14, 2013 at 01:53:19PM -0500, Mark Brown wrote:
However, I have had some very *practical* experience in this area; I was at one time directly involved in a major lawsuit surrounding open source, copyright and licensing (see my email address & your first guess will probably be correct). In several cases, the provenance of individual files was being investigated, and per-file copyright statements were an important part of that.
In the case of OpenStack, like many other modern projects, the most accurate file provenance record would seem to be the git commit history. That does not necessarily tell you anything conclusive about copyright ownership, but it is a better record to go by than examining copyright notices in source files (which, as noted, could well be, or become, inaccurate).
IANAL, but I heartily suggest that this topic be brought up at the Foundation level, before we put anything into effect at the Project level.
This honestly seems way too trivial to be a Foundation-level issue (I assume by that you mean something that requires a Board decision?). (Again, for clarification, I am not taking a particular stance on the issue being discussed here.) The reason is not just that the most accurate provenance record lies outside of the source tree, but also because of an awkward issue I have admittedly been trying to avoid bringing up -- the fact that the Foundation requires all contributors to sign an Apache-like CLA. Those two facts turn this into an issue that seems to me to be purely a matter of style, even if it otherwise might not be. - RF