On Tue, Nov 06, 2018 at 09:21:32AM -0800, Russ Allbery wrote: > >> What is non-free? Signing stuff does not change the freeness of the > >> software. > > it does introduce https://en.wikipedia.org/wiki/Tivoisation however. > I'm not sure how us signing our stuff does that. you are right and I was sloppy to express what I meant. Sorry about this. > The computer's firmware > may do this if it enforces secure boot and doesn't provide a way to turn > it off. this is what I meant with "it" in the above sentence... > But only running signed software is a valid and sometimes > desirable security configuration, which our users may want to choose. > > By default, apt will only install software signed by Debian's archive keys > and will refuse to install anything else. We rightfully don't consider > that to be Tivoisation. I feel like supporting secure boot is similar. > > By this, I am not trying to defend hardware vendors who lock the owners > of the hardware out of installing software of their choice, only > contending that Debian signing its software doesn't create that problem. agreed. thanks for correcting me! -- cheers, Holger ------------------------------------------------------------------------------- holger@(debian|reproducible-builds|layer-acht).org PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C
Attachment:
signature.asc
Description: PGP signature