Re: Status on Proposal for restricted packages

[john@dhh.gt.org]

Ben Collins writes:
> This relies on a few things, 1) That we have a set standard of some
> common restrictions (ie. des, rsa, etc) 2) dpkg/apt, or some other
> essential packages, contains a database of these agreed upon common
> restrictions.

Much too complicated.  The software only needs to know where not to send
the package.

> This way most maintainers will only have to list the type and which files
> in the package it affects, and the restrictions can be centrally
> maintained by all of the developers.

That way someone has to develop a machine readable notation for all
possible restrictions and maintain a database of all existing ones.  An
impossible task, IMHO.  And an unnecessary one.

> This avoids 2 different developers having completely different
> descriptions and/or restriction definitions (the 'where-to' entries).

Raul seems to have already proposed a simple textual database of known
restrictions that developers can consult if they think their package may be
restricted.  It seems to me that a developer is less likely to make a
mistake in deciding on a set of 'where-to' restrictions then in deciding on
a 'type'.

> The advantage of listing the files affected by the encryption helps users
> know which files in the package they are free to distribute with out
> regard for the restrictions and which ones they can't. They can also track
> all the files on their system relative to a certain type of restriction.

Good idea.
-- 
John Hasler                This posting is in the public domain.
john@dhh.gt.org		   Do with it what you will.
Dancing Horse Hill         Make money from it if you can; I don't mind.
Elmwood, Wisconsin         Do not send email advertisements to this address.