[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ITI: HTTPS method for apt

On Sun, Mar 24, 2002 at 02:56:49PM -0800, Joseph Carter wrote:
> On Sun, Mar 24, 2002 at 12:21:02PM -0800, Adam McKenna wrote:
> > > >Signing packages themselves is a much better approach IMHO.
> > > 
> > > But https also allows the use of client certificates, which is quite
> > > useful if you use the .deb format to distribute commercial software
> > > that should only be downloaded by sites that paid for it.
> > 
> > So, let the company that is distributing the non-free software donate the 
> > time and resources required to build this support into apt.
> So just because it may benefit some hypotethetical commercial project, we
> should not do it?  If a developer has desire and interest to write the
> code, why oppose it?  Besides, I refuse to accept the suggestion that a
> commercial effort is welcome to do anything for Debian.  Politics and
> paranoia will kill any such effort quickly.  Remember slink.5 anyone?

Uh, right.  Actually, what I was saying was that the reason you mentioned
above, alone, is not really a great reason to do this.  If someone is already
volunteering to write the code then go for it.

As far as corporate contributions, I don't see why Debian wouldn't accept
code from anyone, provided it was released under a DFSG-free license.


Adam McKenna  <adam@debian.org>  <adam@flounder.net>

To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: