incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ross Gardler <rgard...@opendirective.com>
Subject Re: FW: New: fake openoffice site
Date Wed, 28 Dec 2011 22:23:35 GMT
On 28 December 2011 20:18, Dennis E. Hamilton <dennis.hamilton@acm.org> wrote:
> I see a number of factors related to the bug report, below:
>
>  1. The high search-result placement for a pay-for-download site

This is pretty much impossible to manage. There needs to be an attempt
to get them to respect our trademark policy, this will help a little
and will at least require them to link back to the AOO site.

>  2. The prospect that the download is not authentic

As others have said Apache releases need to be signed and can
therefore be authenticated. Again, enforcing the trademark policy is
important here as we can communicate this information to those who
look. Perhaps it would be possible to make the installer verify the
package automatically.

Of course, they could always build their own package from our sources,
but then it wouldn't be verifiable against our keys.

>  3. The collection of a payment for the download

There is nothing to prevent people from taking payment for
distributing open source software.

Ross

Mime
View raw message