Re: Web application licenses

[Raul Miller <moth@debian.org>]

On Tue, Aug 03, 2004 at 09:40:12AM +0100, Edmund GRIMLEY EVANS wrote:
> Security isn't just a binary quality.

[Can't sleep, trying to find something boring enough to fix that.
Didn't quite work...]

Security is not always the same thing from one person to the next.

Ok, sure, some things are fairly obvious for almost everyone (buffer
overflows are bad security -- more generally, anything where "what the
computer does" is different from "what the responsible person thinks
the computer is doing" is bad), but...  I'm tempted to bring in Ben
Franklin's quote about temporary security.

That said, the concept of "http headers must say apache 1.36" is so far
out of line from free software that it's almost irrelevant.  Even if we
somehow allowed a requirement to announce specific information about
version, a requirement that the software couldn't be upgraded to some
locally defined version would make it non-free.

-- 
Raul