Re: [PATCH] MAINTAINERS: Remove some entries due to various compliance requirements.
From: James Bottomley
Date: Thu Oct 24 2024 - 11:39:25 EST
> On Fri, 18 Oct 2024, Greg Kroah-Hartman wrote:
> > Remove some entries due to various compliance requirements. They
> > can come back in the future if sufficient documentation is
> > provided.
>
> This is very vague...
We finally got clearance to publish the actual advice:
If your company is on the U.S. OFAC SDN lists, subject to an OFAC
sanctions program, or owned/controlled by a company on the list, our
ability to collaborate with you will be subject to restrictions, and
you cannot be in the MAINTAINERS file.
> What are "various compliance requirements"?
> What does "sufficient documentation" mean?
The documentation Greg is looking for (which a group of Lawyers at the
LF will verify) is that someone in the removed list doesn't actually
work for an OFAC SDN sanctioned entity.
> I can guess, but I think it's better to spell out the rules, as Linux
> kernel development is done "in the open". I am also afraid this is
> opening the door for further (ab)use...
I agree we should have been more transparent about this but I think it
would be hard for someone other than Greg to get a Maintainer removed
on the "compliance issue" grounds so it's probably not that open to
abuse.
Regards,
James