[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository

On Sun, 22 Jun 2008 12:54:09 -0600 Wesley J. Landaker wrote:

> Actually, how are debian-keyring and debian-archive-keyring free-software, 
> anyway? Do I get source code for the all GPG keys they contain?

The most widely accepted definition of source code is the one found in
the GNU GPL: the preferred form for making modifications to the work.

If you modify a GPG public key, you obtain something that no longer
corresponds to the original private key (obviously).  You could end up
with a different GPG public key or with something that is no longer a
GPG public key.

OK, that said, if you wanted to modify a public key (in order to obtain
something else), what form would you use for making modifications?
I think the preferred form would be the one in which the GPG public key
is distributed by keyservers or some other equivalent form (which may
be losslessly obtained from the distribution form).

Hence, if I understand correctly, I think the Debian package does
provide source.

> The /usr/share/doc/debian-keyring/copyright even says "The keys in the 
> keyrings don't fall under any copyright." Ooooops!

This could be true, to the extent that the key generation process does
not involve any creative input.

However, I've seen GPG key pairs generated in such a way that the
ascii-armored public key embeds readable text provided by the user.
In those cases, the readable text could be creative enough to be
copyrighted by its author...
Moreover, GPG public keys may be accompanied by photo-ids (small images
that represent photo portraits of the key owner): those photo-ids, if
present, may constitute other copyrighted material...

Important disclaimers: IANAL, TINLA, IANADD, TINASOTODP.

 The nano-document series is here!
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

Attachment: pgpRdopGX1iLy.pgp
Description: PGP signature

Reply to: