Re: ITI: HTTPS method for apt
On Sun, Mar 24, 2002 at 02:56:49PM -0800, Joseph Carter wrote:
> On Sun, Mar 24, 2002 at 12:21:02PM -0800, Adam McKenna wrote:
> > > >Signing packages themselves is a much better approach IMHO.
> > >
> > > But https also allows the use of client certificates, which is quite
> > > useful if you use the .deb format to distribute commercial software
> > > that should only be downloaded by sites that paid for it.
> > So, let the company that is distributing the non-free software donate the
> > time and resources required to build this support into apt.
> So just because it may benefit some hypotethetical commercial project, we
> should not do it? If a developer has desire and interest to write the
> code, why oppose it? Besides, I refuse to accept the suggestion that a
> commercial effort is welcome to do anything for Debian. Politics and
> paranoia will kill any such effort quickly. Remember slink.5 anyone?
Uh, right. Actually, what I was saying was that the reason you mentioned
above, alone, is not really a great reason to do this. If someone is already
volunteering to write the code then go for it.
As far as corporate contributions, I don't see why Debian wouldn't accept
code from anyone, provided it was released under a DFSG-free license.
Adam McKenna <firstname.lastname@example.org> <email@example.com>
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com