Acked-by, signed-off-by, vs reviewed-by

Keith Packard keithp at
Sat Oct 24 06:00:08 PDT 2009

Excerpts from Greg KH's message of Fri Oct 23 15:55:07 +0900 2009:

> Do you want to do what the Linux kernel does, and state that S-o-b is
> agreeing to the Developer's Certificate of Origin?  That is where this
> came from, so keeping it to mean the same thing might be a good
> idea.

We haven't ever considered doing this in the past, and I think we'd
need to get broad agreement among developers and their respective
employers that this was both necessary and useful. I would like to
consider doing this for as it does provide additional
documentation about the origin of each line of code in the system
going forward. What do other people think? Too much process here? A
great plan?

For reference, the C-o-O that Greg refers to is from the Linux kernel
documentation found in the file Documentation/SubmittingPatches in the
Linux tree and is reproduced here for your enjoyment:

12) Sign your work

To improve tracking of who did what, especially with patches that can
percolate to their final resting place in the kernel through several
layers of maintainers, we've introduced a "sign-off" procedure on
patches that are being emailed around.

The sign-off is a simple line at the end of the explanation for the
patch, which certifies that you wrote it or otherwise have the right to
pass it on as a open-source patch.  The rules are pretty simple: if you
can certify the below:

        Developer's Certificate of Origin 1.1

        By making a contribution to this project, I certify that:

        (a) The contribution was created in whole or in part by me and I
            have the right to submit it under the open source license
            indicated in the file; or

        (b) The contribution is based upon previous work that, to the best
            of my knowledge, is covered under an appropriate open source
            license and I have the right under that license to submit that
            work with modifications, whether created in whole or in part
            by me, under the same open source license (unless I am
            permitted to submit under a different license), as indicated
            in the file; or

        (c) The contribution was provided directly to me by some other
            person who certified (a), (b) or (c) and I have not modified

	(d) I understand and agree that this project and the contribution
	    are public and that a record of the contribution (including all
	    personal information I submit with it, including my sign-off) is
	    maintained indefinitely and may be redistributed consistent with
	    this project or the open source license(s) involved.

then you just add a line saying

	Signed-off-by: Random J Developer <random at>

using your real name (sorry, no pseudonyms or anonymous contributions.)

keith.packard at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: not available
Url : 

More information about the xorg-devel mailing list