lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 16 Jun 2007 14:48:52 +0200
From:	Nicolas Mailhot <nicolas.mailhot@...oste.net>
To:	Daniel Hazelton <dhazelton@...er.net>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3

Daniel Hazelton wrote:

>> I always did imply a "within reason". To me that means "if it is
>> simple for them to do it and can be simply extended to me as well
>> then they have to extend it". Handing out a SHA1 key definitely is
>> simple and thus IMO something I can expect them to do.

> But the "within reason" isn't there. That some people have inferred that term 
> applies doesn't matter. 

You know I was reading the "Wizard of the crow" yesterday (a terrific
book about an imaginary dictatorship in Africa) and at one point a
minister makes the mistake of using a wording that implies the Ruler and
the Country may not be one and the same. Realising his error he quickly
suggests adding to the constitution Ruler=Country. Which fails to
mollify the Ruler who replies something like "the constitution does not
writes the Sun shines, should it?"¹

Law texts are not self-contained logical units like software code. There
is always an implied "#include common-sense.h and #include reason.h" in
them. Law texts won't spell out common-sense limits. Law texts won't
write about situations not happening in real life.

Which brings me to another point. What happens when a new situation
arises? Is it sufficient to do a litteral reading of existing legal
texts to decide what's authorised or not? I'll say no. If something
obviously new happens (like DRM did those past years) you *have* to
check intent and not just verify if you can weasel by existing wording
(and of course ideally wording is adjusted to lift any ambiguïty).

Alan Cox could sue Tivo today for all his code they use because his
reading of the license he released code under is not the same as theirs.
Hell if Linus was named Tivo CEO today Alan could probably sue Linus
successfully too.

All the messages of people who claim they know the legal status of Tivo
WRT its use of GPL-v2 Linux code under DRM is just this – noise. It's
trivial to show GPL-v2 didn't envision DRM. It's trivial to show many
smart people do not have the same GPLv2 interpretation as Linus. Till
the intent of every significant kernel contributor is checked there is
no legal certainty. Refusing to look it up may be expedient but won't
lift the legal cloud.

¹ Hope this will lighten the mood a bit
-- 
Nicolas Mailhot

Download attachment "signature.asc" of type "application/pgp-signature" (198 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ