[Catalog-sig] [PSF-Board] Troubled by changes to PyPI usage agreement

Tarek Ziadé ziade.tarek at gmail.com
Thu Jan 21 12:42:51 CET 2010

On Thu, Jan 21, 2010 at 11:59 AM, M.-A. Lemburg <mal at egenix.com> wrote:
> "Martin v. Löwis" wrote:
>>> Sure, the PEP can be used as basis for the decision process, but
>>> someone still has to make the decision to add a mirror or not
>>> and these people should be appointed to by the PSF - much like we
>>> have an infrastructure committee to see after the python.org site.
>>> The situation is a lot like with the Python trademarks:
>>> The good guys always come and ask for permission. The bad guys
>>> don't.
>> With PEP 381, the bad guys won't get any attention. You can already
>> run as many public mirrors of PyPI as you want, but nobody will notice.
>> To become an official mirror, you have to ask for permission already;
>> see the PEP.
>>> In order to go after them we need a clear set of
>>> rules for setting up and running a PyPI mirror and disallowing
>>> setups that don't follow these rules.
>> See the PEP.
> Like I said: the PEP can be used to document the technical requirements
> of being accepted as official mirror, but it doesn't cover any
> of the legal requirements the PSF will need to put in place in
> order to prevent unofficial mirrors which use the content to
> e.g. increase their page rank, add advertisement and other
> drive-by revenue, misrepresent authorship, add malware to popular
> packages, etc.

As Martin mentioned yesterday, the latter can't happen : see


More information about the Catalog-SIG mailing list