Re: Debian Crypto in Main document...

To: Debian Technical Committee <debian-ctte@lists.debian.org>
Subject: Re: Debian Crypto in Main document...
From: Raul Miller <moth@debian.org>
Date: Sat, 16 Jun 2001 17:38:58 -0400
Message-id: <[🔎] 992727400.429345ab@debian.org>

Er.. I've not seen any other proposals.  Unless I see something
in the next six hours, voting will start with the following ballot:

a -- Proposal A (below)
n -- we don't have anything worthwhile to say.

Thanks,

-- 
Raul

============================== Proposal A ==============================

*** debian-crypto.sgml	Fri Jun 15 11:31:33 2001
--- debian-crypto-revised.sgml	Fri Jun 15 11:31:03 2001
***************
*** 33,39 ****
      groups that copy the Debian software onto
      <glossterm>mirrors</glossterm> so that people around the world can
      download and use it.  Others make and sell CDs of Debian.  All
!     these groups might be accountable to a greater or lesser extent for the decisions Debian makes.  We want to conduct ourselves in a manner that minimizes the liability for all parties.
   </para>
      <para> As with all operating system vendors, Debian needs to
      include cryptographic software.  This software provides security,
--- 33,42 ----
      groups that copy the Debian software onto
      <glossterm>mirrors</glossterm> so that people around the world can
      download and use it.  Others make and sell CDs of Debian.  All
!     these groups might be accountable to a greater or lesser extent
!     for the decisions Debian makes.  We want to conduct ourselves in
!     a manner that minimizes the liability for all parties and, within
!     that constraint, maximizes the value of our efforts.
   </para>
      <para> As with all operating system vendors, Debian needs to
      include cryptographic software.  This software provides security,
***************
*** 43,49 ****
      developers in following export control regulations if they upload
      software to the non-US archive or to prevent them from uploading software.  We would like to
      move cryptographic software from the server outside the US onto
!   our main server in the US.  The rest of this document will
      focus on the main server within the US and on its mirrors and
      copies around the world.  It's important to realize that there is
      currently a parallel structure set up to deal with the non-US server.  </para>
--- 46,69 ----
      developers in following export control regulations if they upload
      software to the non-US archive or to prevent them from uploading software.  We would like to
      move cryptographic software from the server outside the US onto
!     our main server in the US.</para>
! 
!     <para>With the increasing networked nature of the work, and the fact
!     that more and more critical functions are being placed on computing
!     platforms, and the unfortunate growth of mischief and deliberate
!     malice, security is going to be increasingly important. Cryptography
!     is an important corner stone of a number of security processes. Any
!     OS that does not make an effort to seamlessly integrate cryptography
!     is unlikely to be competitive.</para>
!  
!     <para>Putting all software on a single source, and the corresponding
!     ability to create a single set of CD's that have integrated
!     cryptographic support makes it easier for the users, makes it easier
!     for CD vendors, simplifies the task of developers uploading software
!     to these sites, and simplifies the task of replicating the software
!     repositories on the internet.</para>
!  
!     <para>The rest of this document will
      focus on the main server within the US and on its mirrors and
      copies around the world.  It's important to realize that there is
      currently a parallel structure set up to deal with the non-US server.  </para>
***************
*** 146,151 ****
--- 166,175 ----
  	  <para>Adding and changing DFSG-free cryptographic software
  	  on our CVS server.</para>
  	</listitem>
+ 	<listitem>
+ 	  <para>Any reactions we'd have to have to any changes in
+ 	  cryptographic regulations (or laws).</para>
+ 	</listitem>
        </itemizedlist>
  </para>
    </sect1>
***************
*** 160,165 ****
--- 184,197 ----
        possible as it creates more work for us and for the government,
        but we want to notify as often   as necessary to follow the
        regulations.  </para>
+       <para> If we move our cryptographic software into this country,
+       and the laws or regulations change to be more restrictive, what
+       are we likely to lose?  Would we have to destroy any software,
+       or CDs?  Would we have to remove it from our master or secondary
+       sites?  If we use the increased availability of cryptographic
+       software to improve the security of the rest of the system, and
+       the cryptographic legal climate worsens, would be likely to have
+       to discard all copies of such software in the U.S.?</para>
        <Para> In order of decreasing preference, we would like
        to notify: 
  	<itemizedlist>


======================================================================

Reply to:

Prev by Date: Re: Debian Crypto in Main document...
Next by Date: CFV: Debian Crypto in Main document...
Previous by thread: Re: Debian Crypto in Main document...
Next by thread: CFV: Debian Crypto in Main document...
Index(es):
- Date
- Thread