* Raphael Hertzog (raphael@ouaza.com) wrote: > Le jeudi 16 juin 2005 à 01:03 -0400, Eric Dorland a écrit : > > > The Mozilla Foundation have made many shows of good faith via Gervase in > > > this long running debate which he has continued to follow despite the > > > criticisms levelled at him/the Mozilla Foundation. Obviously if they > > > turn around in the future and say "oh we hate your blah patch you can't > > > use the name" then we can /then/ make it a big issue and change the name > > > to iceweasel and be happy. I honestly think this is unlikely though and > > > to do so now would be not only be premature but be harmful to users and > > > your/the project's relationship with Mozilla. > > > > Well actually to some degree they've already done this. Recently the > > CAcert (www.cacert.org) project's root CA made it into our > > ca-certificates package. However I can't have Firefox use that as a > > root CA by default and still use the trademark: > > > > http://article.gmane.org/gmane.comp.security.cacert/2752 > > > > This seems like a pretty unacceptable to me. > > Given the trademark license, you can just add the CA-Cert and wait until > MoFo complains to you... if they decide to complain ! Ummm, did you read the thread? It was pretty clear they would not find it acceptable. > Another approach (which would be more respectful to MoFo) would be to > ask them to add the CA certificate into upstream's list of trusted CA so > that the whole issue becomes a non-issue for us. We're all reasonable > people, if we add that CA cert it's because we trust them. Given our > track of security consciousness I see no reason why MoFo wouldn't trust > what we trust (that's even the reason why they made an exceptin). Will the add the SPI root CA to their root CA list? It's pretty Debian specific, so I doubt it. > Third approach is to ask again for an exception concerning this change. > > Choose whatever you prefer. In any case it doesn't change anything to > the status of the software ... Firefox with its original name is free > software and should be included as-is within Debian. > > Furthermore I'm sure that you can avoid that problem by using a debconf > question: "Do you want to add the CA certs contained in CA-certificates > in the list of CA trusted by Firefox ?" > > We don't change the list of CA certs but we're letting the user change > it on his own machine. And I suppose that this has always been > possible... (it was just more difficult for the user) > > Cheers, -- Eric Dorland <eric.dorland@mail.mcgill.ca> ICQ: #61138586, Jabber: hooty@jabber.com 1024D/16D970C6 097C 4861 9934 27A0 8E1C 2B0A 61E9 8ECF 16D9 70C6 -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ G e h! r- y+ ------END GEEK CODE BLOCK------
Attachment:
signature.asc
Description: Digital signature