Re: [PATCH] MAINTAINERS: Remove some entries due to various compliance requirements.

[James Bottomley]

> On Fri, 18 Oct 2024, Greg Kroah-Hartman wrote:
> > Remove some entries due to various compliance requirements. They
> > can come back in the future if sufficient documentation is
> > provided.
> 
> This is very vague...

We finally got clearance to publish the actual advice:

   If your company is on the U.S. OFAC SDN lists, subject to an OFAC
   sanctions program, or owned/controlled by a company on the list, our
   ability to collaborate with you will be subject to restrictions, and
   you cannot be in the MAINTAINERS file.

> What are "various compliance requirements"?
> What does "sufficient documentation" mean?

The documentation Greg is looking for (which a group of Lawyers at the
LF will verify) is that someone in the removed list doesn't actually
work for an OFAC SDN sanctioned entity.

> I can guess, but I think it's better to spell out the rules, as Linux
> kernel development is done "in the open". I am also afraid this is
> opening the door for further (ab)use...

I agree we should have been more transparent about this but I think it
would be hard for someone other than Greg to get a Maintainer removed
on the "compliance issue" grounds so it's probably not that open to
abuse.

Regards,

James