Mozilla Foundation Committers' Agreement
THIS IS A DRAFT VERSION OF THE AGREEMENT AND SHOULD NOT BE USED. There is a list of changes. For more information see bug 342029.
In order to become a Committer - that is, to obtain the ability to contribute information ("Code") to a Mozilla Foundation source code or data repository - you ("You") must indicate your agreement to the terms below by completing and signing this agreement and returning it to a Mozilla Foundation representative at the address specified at http://www.mozilla.org/hacking/notification/ (the "Notification Address").
1. Contact Information
2. Treatment of Account
You will receive one or more sets of Mozilla project access credentials. You will not allow anyone else to use these credentials to access any Mozilla project system. Should You become aware of any such use, You will immediately notify the Mozilla Foundation in the manner specified at http://www.mozilla.org/hacking/notification/; until such notice is received You will be presumed to have taken all actions made using Your credentials. The Mozilla Foundation and their designates will have complete control and discretion over capabilities associated with Your credentials and may change them for any reason at any time. Your name and email address, or a derivative of it, may be visible worldwide via the Internet.
3. License Terms
Code committed to a Mozilla Foundation repository must be governed by the mozilla.org tri-license, consisting of the Mozilla Public License ("MPL"), the GNU General Public License ("GPL") and the GNU Lesser General Public License ("LGPL"), or another license or set of licenses acceptable to the Mozilla Foundation for the Code in question. Other licenses are not acceptable to the Mozilla Foundation until the Foundation declares them to be acceptable in writing at http://www.mozilla.org/MPL/license-policy.html. You will verify that committed Code contains appropriate boilerplate licensing text.
4. Committing Code Created by Others
You may check in Code to a Mozilla Foundation repository that was not written by You, provided that:
a) The checkin comment contains information (or references to information) sufficient to identify the author of the Code, including at minimum an email address; and
b) You make all reasonable and appropriate efforts to ensure that such Code conforms to the terms of this agreement.
You understand that cryptographic Code may be subject to government regulations with which the Mozilla Foundation and/or entities using such Code must comply. Any Code which contains any of the items listed below must either be checked-in to a module explicitly identified as containing cryptography, or must not be checked in until the Mozilla Foundation has been notified and has approved such contribution in writing.
a) Cryptographic capabilities or features; or
b) Calls to cryptographic features; or
c) User interface elements which provide context relating to cryptography; or
d) Code which may, under casual inspection, appear to be cryptographic.
6. Notices and Knowledge
By contributing Code, You confirm that, to the best of Your knowledge:
a) For any Code contributed under MPL terms, any notices required by Sections 3.3, 3.4 or Section 4 of the MPL have been appropriately placed; and
b) Code does not violate the rights of any person or entity.
If You contribute Code on behalf of Your employer, then You must confirm that an appropriate representative of that employer has authorized the inclusion of such Code in a Mozilla Foundation repository under the terms of this agreement.
- Do we need to better define "a module explicitly identified as containing cryptography"? What does this requirement mean in practice?