[tz] NIST leap-second file not yet updated
paul at ganssle.io
Thu Feb 18 17:04:36 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Isn't CC0 designed specifically for this sort of situation? It's public domain with a fallback for jurisdictions where that concept doesn't exist.
I've always been warned against using "crayon licenses" like simple declarations. Seems to me that any way you go, it's best to use one of the well known permissive licenses over something ad hoc.
On February 18, 2016 11:29:44 AM EST, Paul Eggert <eggert at cs.ucla.edu> wrote:
>On 02/18/2016 07:12 AM, Martin Burnicki wrote:
>> after download you still can't be sure the file has not been
>> modified. The included SHA1 hash can be generated by anyone
>I wouldn't worry about this. We generate our own checksums for the
>entire tzdata distribution including the leap-seconds file, and sign
>The main problem here is legal, not technical.
>I agree with Tony that the EUPL is not suitable for the tz project.
>a pain to use the EUPL even with GPLed code (e.g., GNU/Linux), much
>BSD (e.g., FreeBSD). We need something more like public-domain or
>3-clause BSD, both of which we already use. Public domain is preferable
>because it's simpler. CC0 would also be OK, I expect.
>If this turns into a legal hassle for the IERS, as I suspect it will,
>then it's not worth their trouble. We'll just keep doing what we have
>been doing, or something like it.
-----BEGIN PGP SIGNATURE-----
Version: APG v1.1.1
-----END PGP SIGNATURE-----
More information about the tz