[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Status on Proposal for restricted packages

john@dhh.gt.org <john@dhh.gt.org> wrote:
> Much too complicated.  The software only needs to know where not to send
> the package.

And how is the software supposed to know where it is?  And, for example,
just what are the laws about crypto in sweden?

Much simpler to have details be managed by someone in a position
to know.

> That way someone has to develop a machine readable notation for all
> possible restrictions and maintain a database of all existing ones. An
> impossible task, IMHO. And an unnecessary one.

(1) Compiling this database can [must] be distributed, and
(2) it's simpler for a developer to check against a checklist of issues
than it is for the developer to study up on all the legal issues.
(3) All that's needs to be centralized in my scheme is the collection
of known significant issues (definitions and labels).
(4) In your scheme each developer also needs to keep track of what
dozens of countries laws are (presumably with a tag for each significant
country), what exceptions are permitted, etc.

Fundamentally, it's the person installing the software who should
take responsibility for legal issues pertaining to the installation
of software.  Not somebody in some other country.

Debian can help people by providing information about hot topics.  Or,
we can pretend to be legal experts and make claims about the legality of
things under legal systems most of us haven't studied for even a second.


Reply to: