[Owasp-testing] OSSTMM manual
jfernandez at germinus.com
Tue Jan 23 07:06:27 EST 2007
Andrew van der Stock dijo:
> is it possible for us to re-license the OWASP Guide 3.0 with this
> license, or do I have to find all the 1.x contributors and ask them for
A license change requires all people with copyright over the text to
approve it (that approval needs to be signed to be legal). All document
authors are actually copyright holders of the text they wrote unless
they transfer (c) to some other organisation beforehand (and typically
this needs to be also signed for it to be legal under most jurisdictions).
That's why many projects, right from the start, ask contributors to
either adhere to a license that they don't expect to change, or transfer
(c) to the main leader of the project. This is, IIRC, done now when
people sign in the Wiki but was not done previously in OWASP.
That's also why having a version control system (even for documentation)
where people contribute makes it easier to determine who wrote what.
Without it is impossible to track who made significant changes to the
document (and is, consequently, co-author of it).
Of course, this does not apply to small "patches" to the documents (typo
fixes, reviews, ideas that get written by somebody else) since those are
not major contributions.
Some (OSS) projects have had to rewrite some parts full of it because
they could not get hold of one of the earlier contributors when they
wanted to do a license change :(
More information about the Owasp-testing