*countable infinities only

Bill Nottingham notting at redhat.com
Thu May 31 16:47:26 UTC 2012

Gregory Maxwell (gmaxwell at gmail.com) said: > 
> It's perhaps just as troubling that there are people involved in this
> non-public decision who apparently have such a limited understanding
> of free software that they were unable to understand the point I made
> explicitly in my message (and more elliptically in my subject).   How
> can I trust that you really had no other alternative, when you can't
> even see the loss of freedom associated with this?


Gregory Maxwell (gmaxwell at gmail.com) said: 
> I did not say that this situation was "fedora's making", I know — for example—
> That MJG cares deeply about software freedom and that he understands
> the loss of freedom here.

I'm not sure how you meant this, but I'm having a hard time reading this in
a way that's not:

- directly contradictory
- intentional raising of FUD then stepping back
- insinuating some Shadowy Cabal Of Others behind this decision

Hopefully you meant something else?

In any case, I'm not really understanding the cabal implications here.
Matthew and Peter did this work for Fedora as part of their maintainer
responsibilities for the x86 boot portion of Fedora, much as the KDE
maintainers do work for Fedora as part of their maintainership. Sure,
some of the initial work and discussion of solutions was done within a
cosortium... well, consortiums suck. Not much that can be done there. But it
will be proposed as a F18 Feature, it will be sent to FESCo, and we can all
have an exciting, long, and shouty debate there. In the meantime, they're
being open and describing what they plan to do, much like any other group or
maintainer responsible for part of Fedora does.

Yes, we all understand what freedoms are being lost here. Fedora has made
compromises in the past, not limited to:
- No third party can have their software trusted to be installed on Fedora
  by default - we don't hand out RPM signing keys.
- Hey, look at that binary firmware over there.

Some of this is done for security reasons, some of this is done for market
share reasons and a desire to work on the most hardware possible. In the
grand scheme of things, vendors could come along any day and create a system
that works based off the existing Fedora package signing keys, and forks would
be in the same boat.

Furthermore, there's nothing in this proposal that would prevent forks from
doing the exact same key registration, *even if Fedora decided not to*, which
seems a prima facie argument that it's not an insurmountable loss of freedom
for clones.


More information about the devel mailing list