[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Mass bug filing: Cryptographic protection against modification

[Florian Weimer]
> A few packages contain "software" (well, everything's software these
> days) which is cryptographically protected against modification.
> This seems to violate DFSG §3.

[Christian Perrier]
> I deeply hope this is a joke but in these days of free bigotry, no one
> may know.

Even if it is a joke, the interesting question is wether DFSG §3
prohibit using crypto do detect modified versions.

  §3 Derived Works

  The license must allow modifications and derived works, and must
  allow them to be distributed under the same terms as the license of
  the original software.

I see nothing in that paragraph that specifies that the data must
allow modified versions to continue to work as the unmodified version.
It also talk about allowing modifications, not allowing modified
version to be used as the unmodified version.

As far as I know, one can perfectly well change the keys and
signatures, and distribute the changed versions.  It just do not work.

So I do not belive paragraph 3 prohibits using crypto to detect
changed versions.

Reply to: