Update on some maintainers / contributors.

Paul Fertser fercerpav at gmail.com
Fri Apr 4 07:43:06 AEDT 2025


Hello Patrick,

On Thu, Apr 03, 2025 at 11:04:40AM -0400, Patrick Williams wrote:
> The Linux Foundation made a clarifying post on this situation[1].
> 
> [1]: https://www.linuxfoundation.org/blog/navigating-global-regulations-and-open-source-us-ofac-sanctions

Kudos to the Linux Foundation lawyers for this prompt,
well-thought-out and, most importantly, directly applicable advice.

For those who get a little bit sea-sick reading legalese I took the
liberty of extracting what I found to be the most relevant to the
OpenBMC community:

"
developers[...] need to be cautious about who you interact with and
where your contributions come from.
[...]
Specially Designated Nationals and Blocked Persons ("SDN") List. OFAC
updates this list regularly, adding or removing names as global
situations change.
[...]
Key Points for Developers
[...]
you should consult your legal counsel immediately
[...]
1. OFAC's SDN "List" Is Not Enough
[...]
First there's the 50% percent rule if an entity is 50% or more owned
directly or indirectly by one or more SDNs. That requires identifying
who owns an entity, and (in many cases) who also owns that entity, up
until all owners are identified. Second, some sanctions apply to
entire countries (e.g. Iran), regions (e.g., the Crimea region of
Ukraine), or governments (e.g., the Government of
Venezuela)[...]. Additionally, the SDN List is constantly
changing. Just because an individual or entity is not on the SDN List
today does not mean they, or their owner, will not be added
tomorrow.
[...]
3. Avoid Two-Way Engagement
[...] help improve a patch or modify code would likely cross the line.
[...]
5. Avoid Indirect Contributions
[...]
seek legal advice early to avoid compliance issues.[...] By staying
aware and proactive, you can contribute to open source confidently

"

HTH


More information about the openbmc mailing list