*countable infinities only

Jesse Keating jkeating at j2solutions.net
Sat Jun 2 16:57:39 UTC 2012

On 06/02/2012 09:24 AM, Gregory Maxwell wrote:
>> (Users would have to disable
>> >  yum's gpg checking in order to install your unsigned package, or they would
>> >  have to install/your/  gpg key and trust it in order to install the package
>> >  signed with your key).
> I distribute modified copies of Fedora's OpenSSL libraries, they're
> signed my by key not Fedora's.  Users— even rather technically
> unsophisticated— install them without any difficulty.  The install
> tools do not enforce that the files be signed, they do not have to
> install my key.
> Try for yourself, if you like:http://people.xiph.org/~greg/openssl/

My point here was that you don't enjoy equal footing with Fedora in this 
regard, today.  User's have to do something /extra/ to get your 
software.  They have to either disable GPG protection in yum, install 
your GPG key, or install the packages outside of yum.

This is not unlike disabling Secure Boot or adding your key to Secure Boot.

>> >  You have as
>> >  much equal footing as Fedora does to plunk down the $99 and play along in
>> >  the PC sandbox.
> So if I were to take, say, a GPLed compositing window manager and then
> I paid $99 for a license to embed a copy of commercial opengl special
> effects— which prohibited modification, reverse engineering,
> redistribution by unlicensed parties, and commercial use—  then I
> started distributing this modified version... and I gave it to you and
> told you that you were free to pay $99 to play in the
> graphically-enhanced distribution sandbox,   you'd think that was
> okay?

That's a nice strawman you've built up there, however I'm quite unable 
to see what point you're trying to make here.

Help me fight child abuse: http://tinyurl.com/jlkcourage

- jlk

More information about the devel mailing list