memcached origins

86 views
Skip to first unread message

Jonathan Louie

unread,
Mar 10, 2023, 4:52:01 PM3/10/23
to memcached
Hello,

Software being used by my organization is being reviewed, memcached being one of them. They're asking about for Trade Agreements Act (TAA) compliance, basically restrictions on software/hardware from certain countries. I know this is FOSS and they're still working out what they actually need, but is it possible for you to confirm the top 4 contributors countries of citizenship? 

I tried to do the research myself:
Dormando:           USA
Dustin Sallings:   USA
Brad Fitzpatrick: USA
Trond Norbye :    Norway

I appreciate any help in advanced. Thank you!

dormando

unread,
Mar 10, 2023, 8:39:14 PM3/10/23
to memc...@googlegroups.com
Hey,

Uhh well I can say I'm from the USA. I'm pretty sure Brad is too. Probably the rest is accurate.

Probably worth noting the other three haven't contributed in over ten years.

On Mar 10, 2023, at 1:52 PM, Jonathan Louie <jonlo...@gmail.com> wrote:

Hello,
--

---
You received this message because you are subscribed to the Google Groups "memcached" group.
To unsubscribe from this group and stop receiving emails from it, send an email to memcached+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/memcached/5b78b720-3de0-4755-94fc-3ec46727fda1n%40googlegroups.com.

Rajesh Nair

unread,
Apr 16, 2023, 12:54:43 PM4/16/23
to memc...@googlegroups.com
Sorry for the rant!

But I have heard this kind of FOSS compliance in my org as well.

IMHO this is meaningless. 
We should be checking the software for security vulnerabilities and not check the origin country of the authors.
This goes against the entire value of FOSS software
1. Anybody can contribute to an open source software
2. Any contribution would go through vigorous checks purely from technical perspective, irrespective of country of origin.
3. The more a FOSS software is able to keep the checks and balances in place while still maintaining features, it would attract better community and larger acceptance

I understand there are legal reasons for checking authors country of origin because of trade laws and software export laws. 
But , in my mind, the lawmakers needs to differentiate between how software is "manufactured" vs other commodities ( say cars)
and that is all the more true in this post pandemic world, where I have contributed from 3 different continents

Any feedback on what can be done to make the lawmakers understand this?

Reply all
Reply to author
Forward
0 new messages