On Tue, Nov 06, 2018 at 09:21:32AM -0800, Russ Allbery wrote:
> >> What is non-free? Signing stuff does not change the freeness of the
> >> software.
> > it does introduce https://en.wikipedia.org/wiki/Tivoisation however.
> I'm not sure how us signing our stuff does that.
you are right and I was sloppy in expressing what I meant. Sorry about
this.
> The computer's firmware
> may do this if it enforces secure boot and doesn't provide a way to turn
> it off.
this is what I meant by "it" in the above sentence...
> But only running signed software is a valid and sometimes
> desirable security configuration, which our users may want to choose.
>
> By default, apt will only install software signed by Debian's archive keys
> and will refuse to install anything else. We rightfully don't consider
> that to be Tivoisation. I feel like supporting secure boot is similar.
>
> By this, I am not trying to defend hardware vendors who lock the owners
> of the hardware out of installing software of their choice, only
> contending that Debian signing its software doesn't create that problem.
agreed.
thanks for correcting me!
--
cheers,
Holger
-------------------------------------------------------------------------------
holger@(debian|reproducible-builds|layer-acht).org
PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C