Hi Marco,
- users need to be aware of non-free licenses
I believe that "need" here is a strong word. Some users will /like/ to know which non-free firmwares they need to use (I do!), but I cannot think of any reasonable scenario in which somebody /needs/ to know that.
As I've mentioned earlier, Debian has other users than end users installing their personal laptops. I wholly agree that "personal computer" users are best served with a default installation that includes non-free firmware.
However in a professional environment, both licensing and availability of support options are important concerns. There are companies and individual consultants who can fix driver issues years after vendor support has run out. I've forward-ported quite a few drivers for industrial machines and specialized hardware like badge readers from 2.6.18 to 2.6.36 to 4.18 to 5.10[1].
None of us can help with firmware issues without vendor support, though, so these users absolutely have a *need* to know what non-free firmware they are using, who is providing that, and what level of support they can expect in the future, just from a continuity of business perspective, and they also need to be fully compliant with any licenses, so they *need* to run these by their legal team.
Intel microcode used to come with a license that included
DO NOT DOWNLOAD, INSTALL, ACCESS, COPY, OR USE ANY PORTION OF THE
SOFTWARE UNTIL YOU HAVE READ AND ACCEPTED THE TERMS AND CONDITIONS
OF THIS AGREEMENT. BY INSTALLING, COPYING, ACCESSING, OR USING THE
SOFTWARE, YOU AGREE TO BE LEGALLY BOUND BY THE TERMS AND CONDITIONS
OF THIS AGREEMENT.
They have, at the insistence of the community, revised these terms to
allow us to redistribute the microcode files, and this extends down to
derived distributions and media producers, so corporations are likely in
the clear from a legal point of view if they distribute these files from
their in-house servers as well.
What is the license status of all the other firmware files? I do not know. I don't have to care, I'm not in charge of a company network.
If Debian provides an installer image, but does not at the same time promise to have vetted all applicable licenses against a list of criteria that is acceptable to the legal department, this installer image becomes close to useless to corporate users.
What is convenience to end users is a liability in the professional world, and convenience to corporate users is a blanket statement that all the licenses have been vetted to comply with the DFSG.
For that reason alone I don't believe we can't get rid of the "free software only" installer. Debian's foundation documents are another.
The actual technical difference between the two installer images should be only whether the files are actually included. Even the free installer will need to be able to generate a report of missing firmware files, and so will the non-free installer (because there are firmware files we can't include legally, that are not in non-free either, but that users may want to install on their own), and the running system.
Simon[1] These kernel versions are not by accident those that Debian shipped in stable releases.
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature