On 11/15/05, robert burrell donkin <[EMAIL PROTECTED]> wrote: > i think i understand now.
but i would like to ask about software grant best practice. (again, i'm not sure whether this is documentated anywhere or not) i've done some digging around and think that the software grant applies to a specific, concrete instance of the source. this will typically be examplared by a tarballed source artifact checked into subversion. am i right and is the incubator the right place to check in this artifact (and if so, where)? it seems typical to use an md5 sum from a known version of an application as the content of exhibit A. this allows the artifact checked into subversion to be checked against the legal paperwork. is this sufficient? would asking for an OpenPGP-compatible signature in addition be overkill? - robert
