Re: Proposed spec for external packages


Jeremiah Foster <jeremiah.foster@...>
 



On Tue, Aug 4, 2015 at 6:40 PM, Mike Milinkovich <mike.milinkovich@...> wrote:
On 04/08/2015 12:15 PM, Kate Stewart wrote:
I agree we should not depend on closed standards.  However,  the question is do we want to be able to reference to external packages that other systems are supporting?

Its impossible to answer this question, largely because there's not enough data -- what are these "other systems" (Windows?) and what are the "external packages"? 

Beats me. But to me the proposed solution looks much worse than whatever problem it is that you're trying to solve. Speaking of which, where is the document that describes the problem you're trying to solve?

My impression is that the consumers of open source software are trying to create a system to make it easier to identify and manage the artifacts used within their organization. Is that correct?

This is my assumption as well.
 
If so, what I am missing is how you are going to motivate the producers of open source to use such a system. You're already getting our libre software for free. Why are we going to do more work to make your lives easier?

My apologies in advance if I'm completely off base here.

I think you're on target. 

Much of this design is coming from the pseudo-standard world where standards are made on paper and forced to be adopted. FOSS works in completely the opposite direction; multiple implementations are tested and then adopted as a standard once proven. If this is not the planned way of working then I suggest looking at W3C's requirements for standards adoption which *requires* two independent implementations of the standard before it can be adopted. 

Regards,

Jeremiah 

Join spdx@lists.spdx.org to automatically receive all group messages.