[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

CA certificates (was: Re: Mass bug filing: Cryptographic protection against modification)

Don Armstrong <don@donarmstrong.com> writes:

> On Tue, 04 May 2004, Florian Weimer wrote:
>> A few packages contain "software" (well, everything's software these
>> days) which is cryptographically protected against modification.
>> This seems to violate DFSG §3.
> Uh, if you're refering to the PGP keys and certificates inclosed in
> these works, you really need to reread DFSG §3 very carefully.
> Presumably the licenses[1] of these works allows modified works,
> derived works, and distribution of said works. If it does, there is no
> DFSG §3 violation.

I've digged a bit more, and VeriSign actually has a license governing
the *use* of their certificates (including the root and intermediate


The license seems to violate DFSG §6.  It also fails the Desert Island

Current mail filters: many dial-up/DSL/cable modem hosts, and the
following domains: atlas.cz, bigpond.com, di-ve.com, hotmail.com,
jumpy.it, libero.it, netscape.net, postino.it, simplesnet.pt,
tiscali.co.uk, tiscali.cz, tiscali.it, voila.fr.

Reply to: