Why A Contributor Agreement?

Contributor agreements are provided mainly for two reasons:

  • Ensure the legal integrity of the project – so that everyone asserts that they’re providing original contributions to the project. This protects users and other contributors.
  • Ensure that no one is submitting code that they know to be covered by patents, and dealing with the cases where there might be such patents.

There are two ways to provide a signed copy of the agreement:

Printed Agreement

  • Print off a copy of the relevant agreement (individual or entity)
  • Read it carefully and agree to its terms
  • Sign it
  • Scan the entire unmodified agreement in as a single PDF with a resolution of 200 pixels/inch or more.
  • Email a copy of it to

Emailed Agreement

This method is only available if you can digitally sign files using a well-known public key.

  • Download and read the document carefully and agree to its terms
  • Send an email as described below to If you do not have a well-known GPG key, then you cannot use this signature method.
    • Create a plain text file with these statements in it. Please fill in your personal data as appropriate.

      I have read and agree to the terms of the document for contributions to the IT Best Practices Project whose sha1 signature is shown below.

      Submitting this digitally signed file to the IT Best Practices project constitutes my acceptance of the terms of this agreement and I provide this file as a legally binding signature to the unmodified agreement taken from the site.
      The sha1 checksum of the original agreement PDF is XXXXXXXXXXXXXX.

      I understand that this signed request will appear in the in the legal/signatures directory of the projects' source repository (currently on github) when my agreement is accepted.

      Your Name and email address

      Today's date

    • Create a clear text signed version of this file using
          gpg --output your-email-address.sig --clearsign file.txt
      and send the output file (your-email-address.sig) as an attachment to an email to These files will be stored in GitHub under the “legal/signatures” directory. You can see one such signature on github.
    • Note that this file is an ASCII-armored clear text signed version of the statement above. There is no encryption – everything is in plain text.