Search Engine on start.fedoraproject.org

Toshio Kuratomi a.badger at gmail.com
Sun Jul 25 01:26:04 UTC 2010


On Sat, Jul 24, 2010 at 01:13:06PM -0800, Jeff Spaleta wrote:
> On Sat, Jul 24, 2010 at 12:56 PM, Toshio Kuratomi <a.badger at gmail.com> wrote:
> > In our case this is what happens when something that has an unknown
> > licensing issue becomes an integral part of Fedora Infrastructure and we
> > find out after the fact?
> 
> 
> >
> > Perhaps we need to say that we cannot let any external service become
> > essential to the running of Fedora Infrastructure.
> >
> > Perhaps we need signed contracts with any third parties that guarantee for
> > us the open sourceness of their code with monetary damages if there is
> > a violation.  Perhaps we do need the right to audit the third parties.
> >
> > I do not think that API compliance is a really worthwhile definition.  If
> > all it takes is API compliance why aren't we running the service ourselves?
> 
> Maybe because running our own infrastructure requires resources and
> other service providers make actually be much better and much more
> efficient than our infrastructure team is at maintaining a particular
> service and our available admin manpower and system resources doesn't
> scale to provide all possible services in house in a maintainable way.
>  Its the same question that every corporate entity must consider when
> they decide to deploy internally our outsource any part of their
> infrastructure to make best benefit of available resources.    If we
> can run it ourselves is a different question than is it most efficient
> to run it ourselves.  API compliance allows a graceful fallback if the
> overall efficiency/cost  landscape changes.
> 

I think that you're weighing the possibility of running it ourselves too
much compared to the convenience of outsourcing.  If it truly is compelling
to outsource the service, that very likely means that it will be hard for us
to deploy and maintain it in house.  And if that's the case, then we don't
really save much by mandating simple API compatibility.

-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/advisory-board/attachments/20100724/4eb0a3fb/attachment.bin 


More information about the advisory-board mailing list