On Mon, 2010-02-01 at 09:58 -0800, Luis R. Rodriguez wrote: > I can help with this only if no one else is up for it. I personally > however find building a key on the fly for each build pretty pointless > and would like to know if a package would be acceptable upstream on > Debian if OpenSSL is used to allow administrators to add their own > keys into the /etc/wireless-regdb/pubkeys/ dir for CRDA and from the > start only trust John's key. As part of upstream, you're probably the best person to do the packaging stuff for Debian. The idea was that by default there would be no Debian key installed because the text and binary databases would be unmodified. The build system would detect if Debian had patched the databases and if so generate a new key, sign the binary database with it and install the public key to the /etc/wireless-regdb/pubkeys/ dir. Debian might need to patch the database for the stable release. Thanks for all the information about how wireless card firmware and drivers interact with regulatory information. > > Hmmm, OK. I guess that makes sense. I imagine it will definitely be the > > source of some annoyance for users in the future though. > > Tell me about it, but changing that would mean first getting > regulatory agencies to allow regulatory compliance to fall down to the > user when they customize a device's regulatory settings. As it stands > that is not the case so all we can do upstream for now is allow users > to enhance compliance, never allow more. There is also the complexity > of calibration involved in allowing new channels but that is a > separate topic as well. There is also the opportunity for user-based advocacy for change in the regulations. Whenever someone comes to the kernel wireless folks with a situation where they have been prevented from connecting to a wireless network because of restrictive wireless regulatory data, explain the issue and give them a form letter they can send to their local regulatory agency complaining about the situation and suggesting change. A list of relevant regulatory agency contact details would be useful here too I think. Ideally the manufacturer should be obligated to give users hardware that can be compliant for any level of radio license and defaults to being compliant for the default radio license for the whole population. It would then be up to individual users to comply with the relevant radio license(s). Such a situation would then turn into a much bigger enforcement problem, I guess that is the main reason it doesn't work this way. -- bye, pabs http://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part