CA certificates (was: Re: Mass bug filing: Cryptographic protection against modification)
- To: debian-legal@lists.debian.org
- Subject: CA certificates (was: Re: Mass bug filing: Cryptographic protection against modification)
- From: Florian Weimer <fw@deneb.enyo.de>
- Date: Wed, 05 May 2004 06:34:55 +0200
- Message-id: <[🔎] 87wu3rebkg.fsf_-_@deneb.enyo.de>
- In-reply-to: <20040504065718.GX7487@archimedes.ucr.edu> (Don Armstrong's message of "Mon, 3 May 2004 23:57:18 -0700")
- References: <87r7u0yb6r.fsf@deneb.enyo.de> <20040504065718.GX7487@archimedes.ucr.edu>
Don Armstrong <don@donarmstrong.com> writes:
> On Tue, 04 May 2004, Florian Weimer wrote:
>> A few packages contain "software" (well, everything's software these
>> days) which is cryptographically protected against modification.
>> This seems to violate DFSG §3.
>
> Uh, if you're refering to the PGP keys and certificates inclosed in
> these works, you really need to reread DFSG §3 very carefully.
>
> Presumably the licenses[1] of these works allows modified works,
> derived works, and distribution of said works. If it does, there is no
> DFSG §3 violation.
I've digged a bit more, and VeriSign actually has a license governing
the *use* of their certificates (including the root and intermediate
certificates):
<https://www.verisign.com/repository/rpa.html>
The license seems to violate DFSG §6. It also fails the Desert Island
test.
--
Current mail filters: many dial-up/DSL/cable modem hosts, and the
following domains: atlas.cz, bigpond.com, di-ve.com, hotmail.com,
jumpy.it, libero.it, netscape.net, postino.it, simplesnet.pt,
tiscali.co.uk, tiscali.cz, tiscali.it, voila.fr.
Reply to: