-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA224

> <snip>
>>
>> Some technical questions:
>>
>> 1) It would be useful to either pre-fill 'Us' or add instructions how it
>> should be filled.
>>
>> 2) Remember that the contributors can be from all over the world, and it
>> would
>> be good to specify the fax number including international callsign -
>> ie: +1 (415) 639-6630.
>>
>> 3) If sending by email procedure should be what? Print, fill in
>> informations 'You', be signed, scanned and sent as images?
>> It would be good instructions also add to the web page.
>>
>
> Slavek raised some good points.
>
> I went through the individual CLA and my understanding is that it should
> be signed by both the Contributor and by "Us". Am I right? How is the
> Contributor getting a copy from "Us" after the signature? It would be
> good to add some information as well.

This should now be clearer; as mentioned in my prior message I have now
signed the documents and the GPG signatures can be downloaded from the CLA
page.

> As a general observation, I have no problem with a CLA (as long as my
> employer approves that) and I do understand why you want to introduce
> them, but I think it may scare away potentially new contributors in case
> they come along, especially people from outside the US. The contents of
> the CLA is "nothing new", but being a legally binding document, some
> people may just think "What the hell? I will join another open project".

Yes, this was my concern too.  However it seems that not having a CLA is
really leaving yourself open to project-killing lawsuits; even if you
"win" in the end you still lose the project and (in many cases) everything
you own.  We aren't as civilized here as other countries; there are no
maximum penalties in copyright-related matters and one accusation brought
to court can ruin a life, even if proven baseless.

I looked around some and every major open source project including KDE
requires a CLA at this point.  Seems it just comes with the territory; if
we scare a potential contributor with our CLA they will probably be scared
off of any other major project as well.  I've tried to lay out the
rationale and mechanics of the CLA in plain English on the site; hopefully
this helps to mitigate the "scariness" factor.

Tim
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iFYEARELAAYFAlRAtl4ACgkQLaxZSoRZrGEOrwDgvp8k0eWE/dUVJjHUcSZz+7S1
V4ekIHRro/eDKADfZRcipGI735+bo8oxUEW+NXx9LihuOKfGic0sRw==
=xPKN
-----END PGP SIGNATURE-----