lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <orabuw8xdb.fsf@oliva.athome.lsd.ic.unicamp.br>
Date:	Mon, 18 Jun 2007 23:57:20 -0300
From:	Alexandre Oliva <aoliva@...hat.com>
To:	Daniel Hazelton <dhazelton@...er.net>
Cc:	Alan Cox <alan@...rguk.ukuu.org.uk>, Ingo Molnar <mingo@...e.hu>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Greg KH <greg@...ah.com>,
	debian developer <debiandev@...il.com>, david@...g.hm,
	Tarkan Erimer <tarkan@...one.net.tr>,
	linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	Chris Friesen <cfriesen@...tel.com>,
	Bernd Schmidt <bernds_cb1@...nline.de>,
	Robin Getz <rgetz@...ckfin.uclinux.org>,
	Rob Landley <rob@...dley.net>,
	Bron Gondwana <brong@...tmail.fm>,
	Al Viro <viro@....linux.org.uk>
Subject: Re: mea culpa on the meaning of Tivoization

On Jun 18, 2007, Daniel Hazelton <dhazelton@...er.net> wrote:

> On Monday 18 June 2007 17:31:47 Alexandre Oliva wrote:
>> And if you look at GPLv3dd1 or dd2 IIRC, that's how it started.  For
>> some reason, the FSF turned it into the more lax (in some senses)
>> installation information for user products in dd3.  Maybe they decided
>> that the argument about the signature being effectively part of the
>> executable, and therefore the key being effectively part of the source
>> code, was less likely to be upheld in a court of law than this
>> alternate phrasing.  All in all, the effect is the same AFAICT, and
>> the spirit is being complied with.

> But the change has some massive problems.

Such as?  Is the effect really any different?

> If dd1 or dd2 was clearly and concisely written such that the
> conditions were not open to a different interpretation without
> creative re-definition of words then changes would not be
> needed. (I'm still working on the version I mentioned - give me a
> bit, writing english in such a way that a lawyer can't twist it to
> mean whatever they are paid to make it mean is difficult.)

It's very difficult and, worse, it might turn out to be unenforceable.
You'd have to count on signing keys being copyrightable, and they are
unlikely to be, and on signatures being derived works of both, which
is a tough call.  The whole idea resonates very well with the spirit
of the license, but we need more than that, we need it to be very
likely to work.  I suspect this is why the FSF has decided to take
another route to achieve the same (AFAICT) effect.

>> I don't see how this is different from refraining from accepting
>> contributions under any other license, except that you can't use
>> license incompatibility to reason it out as an impossibility you
>> established for yourself in just the very same way.

> I think there was more to it than that, but the point doesn't
> matter. If the license used on contributed code *isn't* completely
> compatible with the license on the project it can't be used
> anyway. (doesn't the GPLv3 cover situations like that?)

I'm not sure what you're asking.  GPLv3 covers additional permissions,
that are really no different from dual-licensing, so anyone can choose
to drop them when combining with works (including their own) that
don't offer such additional permissions.

>> My objection was mainly about the "forcing".  FSF's stance is about
>> educating users as to the moral and ethical reasons, such that they
>> reject non-Free Software, while at the same time providing software
>> authors with means to stop others from hurting users, by depriving
>> them of the freedoms they're morally entitled to have.

> Hrm... When I first hit the end of this massive sentence I was really 
> confused. Took about five minutes for me to remember that "morally entitled" 
> is based on the morals promoted by the FSF.

Yes.  And the 'them' after the last comma refers to the users, not the
authors (although they can be users too), in case it's not clear ;-)
:-D

> Everyone that has been part of this discussion - my personal code of morals 
> will not let me get away without this: "Forgive me if, in the heat of the 
> moment, I offended any of you."

FWIW, I never felt offended by you, but I second your request and
extend it to all participants in the thread too, particularly to Ingo,
to whom I remember having directed some harsh words.

-- 
Alexandre Oliva         http://www.lsd.ic.unicamp.br/~oliva/
FSF Latin America Board Member         http://www.fsfla.org/
Red Hat Compiler Engineer   aoliva@...dhat.com, gcc.gnu.org}
Free Software Evangelist  oliva@...d.ic.unicamp.br, gnu.org}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ