Linux DCO: Friend or Foe?

Although the requirement of "signing" Linux kernel contributions may seem to add to the red tape surrounding code development, it's little different from the process most enterprises go through to ensure their own code does not infringe on an existing patent or copyright. It's an attempt to address industry concerns over code origination within the Linux kernel, which have become public since SCO filed court documents alleging that Linux infringes on its intellectual property rights.

The DCO is a CYA measure for Linux, and it may have a feel-good benefit for organizations that are deploying or planning Linux in their IT infrastructures. But it won't preclude suits like SCO's, because it's still unclear whether intellectual property protection extends to the software design or to the actual lines of code. However, DCO limits the liability of Linux distributors and places it squarely on the shoulders of individual developers.

If you've put your Linux deployment on hold pending the results of current litigation, the DCO is unlikely to change your position--it applies only to future development and doesn't resolve allegations of past infringement. Looking forward, however, the DCO offers accountability, which is a must for any software vendor that deals with enterprises. It should provide a level of comfort for organizations that want to deploy Linux but need reassurance about the legality of its source.