Update contribution guidelines.

1 files changed, 37 insertions, 56 deletions

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 17006e85..51e96e5f 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,63 +1,44 @@
-Sequoia PGP is owned by the [p≡p foundation] and licensed under the
-terms of the LGPLv2+.
-
-  [p≡p foundation]: https://pep.foundation/
-
-To finance its mission, privacy by default, the [p≡p foundation]
-allows third parties to relicense its software.  Consistent with the
-rules of a foundation, the money collected by the foundation in this
-manner is fully reinvested in the foundation's mission, which includes
-further development of Sequoia PGP.
-
-To do this, the [p≡p foundation] needs permission from all
-contributors to relicense their changes.  In return, the
-[p≡p foundation] guarantees that *all* releases of Sequoia PGP (and
-any other software it owns) will also be released under a GNU-approved
-license.  That is, even if Foo Corp is granted a license to use
-Sequoia PGP in a proprietary product, the exact code that Foo Corp
-uses will also be licensed under a GNU-approved license.
-
-If you want to contribute to Sequoia PGP, and you agree to the above,
-please clear sign the [p≡p foundation]'s CLA (in [doc/CLA.txt]), and
-send it to [contribution@pep.foundation] and cc
-[team@sequoia-pgp.org].  Please use the same certificate as you'll use
-to sign your commits.  This allows us to automatically link CLAs to
-commits.
-
-  [contribution@pep.foundation]: mailto:contribution@pep.foundation
-  [team@sequoia-pgp.org]: mailto:team@sequoia-pgp.org
-  [doc/CLA.txt]: https://gitlab.com/sequoia-pgp/sequoia/-/blob/main/doc/CLA.txt
-
-You can do this using `sq` as follows:
-
-```bash
-$ sq sign --cleartext-signature doc/CLA.txt --signer-file contributor.pgp
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA512
-
-p≡p Foundation – Contributor Copyright Assignment
-...
-```
+Sequoia PGP is licensed under the terms of the LGPLv2+.
 
-Or using the
-[chameleon](https://gitlab.com/sequoia-pgp/sequoia-chameleon-gnupg) as
-follows:
+Contributions are governed by the Developer Certificate of Origin,
+which can be obtained from [https://developercertificate.org/].  A
+copy is reproduced below, for your convenience.
 
-```
-$ gpg-sq -u FINGERPRINT --clear-sign doc/CLA.txt
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA512
+# Developer Certificate of Origin
 
-p≡p Foundation – Contributor Copyright Assignment
-...
-```
+```text
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
 
-Or, just use `gpg`, if `gpg-sq` or an API-compatible tool is installed
-as `gpg` on your system.
 
-This is an electronic assignment; no paper work is required.
+Developer's Certificate of Origin 1.1
 
-Please direct questions regarding the CLA to
-[contribution@pep.foundation] and cc [team@sequoia-pgp.org].
+By making a contribution to this project, I certify that:
 
-Thanks for considering contributing to Sequoia PGP!
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.
+```