[Bug 474549] Review Request: ca-cacert.org - CAcert.org CA root certificates
bugzilla at redhat.com
bugzilla at redhat.com
Wed Feb 2 22:53:08 UTC 2011
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=474549
--- Comment #37 from Matt McCutchen <matt at mattmccutchen.net> 2011-02-02 17:53:06 EST ---
(In reply to comment #36)
> Without some reconsideration, it appears that Fedora and CACert have created an
> impasse. May I suggest that RedHat Legal reconsider the interpretation on the
> grounds that:
Red Hat Legal's analysis is correct. There is nothing to reconsider.
> a) the RDL language "specifically does not permit" is not the same as
> "prohibits." CACert disclaims express or implied warranties, and specifically
> withholds permission to rely (take on risk or liability).
A priori, I don't need CAcert's permission to rely on (= take on risk or
liability based on) their certificates. There is no law, and I have agreed to
no contract, that would forbid me to do this. A simple statement that they
withhold permission is meaningless; there is no permission to withhold. It
seems more likely, especially in view of the policy discussion you linked, that
the intended interpretation is to make non-reliance a condition of the
copyright license. (If this is not the case, CAcert should issue an official
clarification.)
> b) all software under GPL carries the same restriction, "No warranty... the
> entire risk as to the quality and performance of the program is with you [the
> user]." It seems consistent to say, from another perspective, that relying on
> the quality or performance of the program is specifically not permitted by the
> GPL.
Nope. Companies rely (= take on risk and liability based on) the correct
operation of GPL software every day. They just can't sue the copyright holders
if it breaks.
> The RDL language is a restatement of warranty disclaimer for clarity and
> emphasis, it is not an incremental restriction.
No, that is not what it says when "RELY" is expanded with the definition given
(comment #34).
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list