On 8/22/07, Jeff Spaleta <jspaleta(a)gmail.com> wrote:
On 8/22/07, Owen Taylor <otaylor(a)redhat.com> wrote:
> So you wouldn't be endorsing Joe Smith's Package Repository at all,
Putting aside the debate of popularity != safety for the time being....
We don't have to "endorse" to run afoul of legal issues. Merely
helping users compile a list of any 3rd party repositories is
potentially off-limits.
Can you point to anything we are doing right now, where we make any
effort at all to comprehensively list 3rd party repositories inside
the official fedora project space.. even in the wiki.. even without
using urls? My understanding is that we aren't even allowed to do
that.
OK, so store everything indexed by one-way hash of a repo GUID, so
there is no way of mapping back from what is on the server to the 3rd
party repository at all, even if you have access to the raw data files
on our server...
I'm sure we can work with legal to come up with something acceptable.
- Owen