Ok, here's the first order of business in the status on this proposal which is based mostly on the ideas I have seen come across the list. This _only_ includes a description of what the package will contain to let dpkg know about it's restrictions. This does not require any policy on how the dependencies need to be handled nor how it is distributed on the mirrors etc., just the package format. Basically it has been others opinions that the idea for a seperate control file named 'restrictions' needs to be used for any package which may fall under import/export restrictions due to whatever reason. This seems like the best way to handle this. The format would probably look something like this: Type: crypto-rsa Files: /usr/bin/ssh /usr/sbin/sshd Type: crypto-newtype Files: /usr/bin/ssh /usr/bin/sshd Restrictions: US-any any-DE Description: This package contains files which contain the 'newtype' encryption mechanism. It may be illegal for you to import and or export this package to or from certain countries blah blah blah Type: patent-rsa Files /usr/bin/ssh /usr/bin/sshd There are a few things to note with this format. You will notice that out of the 3 entries for restrictions only 1 was formatted completely. This relies on a few things, 1) That we have a set standard of some common restrictions (ie. des, rsa, etc) 2) dpkg/apt, or some other essential packages, contains a database of these agreed upon common restrictions. This way most maintainers will only have to list the type and which files in the package it affects, and the restrictions can be centrally maintained by all of the developers. This avoids 2 different developers having completely different descriptions and/or restriction definitions (the 'where-to' entries). If there is a package with a specific restriction then it can simply define it within itself for dpkg/apt to use. The database that dpkg/apt can use will look exactly like this format without the 'Files:' entry. However dpkg/apt can keep a database on installed packages with restrictions in say /var/lib/dpkg/restrictions with the same format except that it appends files with packages onto each restriction type like so: Type: crypto-des Files: ssh (/usr/bin/ssh /usr/sbin/sshd) \ krb5-client (/usr/bin/klogin) Restrictions: any-US Description: DES encryption blah blah blah The advantage of listing the files affected by the encryption helps users know which files in the package they are free to distribute with out regard for the restrictions and which ones they can't. They can also track all the files on their system relative to a certain type of restriction. QUESTION: I'm not too familiar with how things like this are supposed to be agreed upon and brought to a resolution for inclusion into the policy. Can some one help me out with these intricacies? I will write this up in a more 'Debian Policy' format tomorrow, similiar to how the other control file descriptions are layed out. thanks -- ----- -- - -------- --------- ---- ------- ----- - - --- -------- Ben Collins <b.m.collins@larc.nasa.gov> Debian GNU/Linux UnixGroup Admin - Jordan Systems Inc. bcollins@debian.org ------ -- ----- - - ------- ------- -- The Choice of the GNU Generation
Attachment:
pgp5KLQV2cVS4.pgp
Description: PGP signature