With Colemak and its ilk, all such bets are off. I, for instance, do support it quite a lot, but nobody pays me to do so and there are absolutely no guarantees as the disclaimer states. This may make some IT dept. nervous, don't know.
But that may not be an issue in this case.
]]>We have lots of open source/public domain software on the approved list, but in the other cases, there's always some responsible party. For example, the Apache web server is overseen by the Apache Software Foundation. One could say that the license is lacking. It specifies "the authors" without identifying who they are.
I personally think this is a whole lot of kerfuffle over nothing, but the lawyers are thinking about things like making sure no author is connected to a party in a current or past legal action that could create a conflict of interest or invalidate a contract or agreement.
]]>I'd just enter "colemak.com" there, that's where you got the download from, and is what they will want to verify.
]]>The Vendor field should probably say "Open source" or "Public domain" then? On a side note, I use the Vendor field on PKL layouts as an attribution field saying, e.g., "Shai Coleman, DreymaR". But that would only confuse your IT dept. so for you it wouldn't be a good idea.
]]>I can't find anything on the website, and domain privacy is on, so I can't even look at who registered the domain.
]]>