Re: [renamed] Debian crda?
On Thursday 26 March 2009 03:41:30 Luis R. Rodriguez wrote:
> On Wed, Mar 25, 2009 at 10:37 AM, Kel Modderman <firstname.lastname@example.org> wrote:
> > On Wednesday 25 March 2009 17:51:41 Luis R. Rodriguez wrote:
> >> On Wed, Mar 25, 2009 at 12:47 AM, Luis R. Rodriguez <email@example.com> wrote:
> >> > On Wed, Mar 25, 2009 at 12:39 AM, Paul Wise <firstname.lastname@example.org> wrote:
> >> >> On Wed, Mar 25, 2009 at 4:09 PM, Luis R. Rodriguez <email@example.com> wrote:
> >> >>
> >> >>> Last time I poked them it seemed it was not easy to figure out how to
> >> >>> deal with, if at all, the optional but recommended RSA signature stuff
> >> >>>  with the DFSG.
> >> >>>
> >> >>>  http://wireless.kernel.org/en/developers/Regulatory#RSADigitalSignature
> >> >>
> >> >> What is the percieved DFSG/RSA conflict? I can't detect any based on
> >> >> that section of the page.
> >> >
> >> > Thanks Paul, then its just a matter of packaging. There is an
> >> > debian-example/ directory with a cdbs example of how to package for
> >> > wireless-regdb and crda if anyone is up for it.
> > The example packaging needs some love, I think. I don't see it as a great
> > reference to the eventual packaging material that would enter Debian.
> >> And as its probably best to coordinate with Ubuntu, they have a
> >> wireless-crda package which combines both into one package. Its
> >> shipping for Jaunty.
> > And that's the only way to sanely package it (by combining the two pieces
> > upstream splits) as show by Fedora also choosing that route.
> Well I actually disagree.
The DFSG seems to suggest that the source code to the regulatory database
should be modifiable and the derived work distributed under the same license.
For our possible, and resonsible, modifications to take effect we need to
build the regulatory database from source, not install the prebuilt/presigned
one. The building of Debian packages is mostly done in anonymous build chroot's
without access to personal cryptography information.
How can the CRDA and wireless-regdb binaries both be built from source
separately and share the same cryptographic information with these
restrictions? (only then would debian-volatile be an option for regdb afaiu)
Maybe the debian-kernel team should be contacted more directly, as it is
ultimately them who need to make a decision about