Hi all, On IRC it was mentioned that there are updates to the CRA that may address the concerns of the FLOSS community. These blogs have updates at the top: https://blog.nlnetlabs.nl/open-source-software-vs-the-cyber-resilience-act/ 🥳 update, december 2023: The concerns expressed in this blog have been heard and are being addressed in the final text. If you read on, do so because you are interested in historical context, not because you seek an understanding of how the CRA will apply in practice. https://berthub.eu/articles/posts/eu-cra-best-open-source-security/ UPDATE: On December 1st the EU agreed on a version of the Cyber Resilience Act that appears to have substantially addressed the concerns in the post below. Further analysis awaits, but do know that the text that follows is now mostly of historical interest! Does anyone have any more info about the changes? -- bye, pabs https://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part