Technocrat

The Linux kernel and GPLv3 on DRM

Ciaran O'Riordan
Fri Oct 20 06:36:08 -0700 2006
Open+Source+Software.
manage

I've written an editorial "Linux kernel: GPLv3, DRM, and Exceptions" which is an attempt to examine the issues raised by the Linux kernel developers, the issues that GPLv3 tries to address with respect to devices rigged to malfunction, and what options are open.

Excerpted from the kerneltrap.org editorial:

About DRM, draft 2 says you may distribute the software:

...provided you also distribute any encryption or authorization keys necessary to install and/or execute modified versions...
(From Section 1, paragraph 4)

For the vast majority of distributors of GPL software, this requirement has zero impact because in normal circumstances, no keys are necessary to install and/or execute the distributed software. The rare special case that will be impacted by this clause is where software is being distributed as a software+device bundle and the Device is Rigged to Malfunction if it detects any software that hasn't been somehow authorised by the hardware distributor.

From following the debate over GPLv3 and DRM, I think the requirements are quite a bit smaller than one would imagine if they read only second-hand sources. There are some more DRM-related words in GPLv3 draft 2, but I think the above quote is the bulk of the substance.

The Linux kernel and GPLv3 on DRM
Beryllium Sphere(r)
Fri Oct 20 08:16:25 -0700 2006
 manage
If you're suffering from an overly good mood or from excessive respect for the mainstream media, read the Daniel Lyones hatchet piece in the current Forbes.
The Linux kernel and GPLv3 on DRM
kanem
Fri Oct 20 14:30:24 -0700 2006
 manage
Good thing I read it a few days ago, because I don't feel like being in a bad mood now.

I was astounded by the unprofessionalism of that article. Whatever side of the debate a person is on, I'd think they'd be turned off by the personal attacks. I never read Forbes before, but I had always assumed it was up there with other 'high-brow' pragmatic print media like the Wall Street Journal and the Economist. Was that... article.. actually in the magazine or just on the web?
The Linux kernel and GPLv3 on DRM
Beryllium Sphere(r)
Fri Oct 20 22:17:34 -0700 2006
 manage
In the print magazine. Usually they do much better.

Keys and signed packages

wowbagger
Fri Oct 20 08:20:27 -0700 2006
 manage
This touches upon one of the things that I think has been mis-characterized about the "provide the keys" clause.

It has been asserted that the "provide the keys" clause would either

  1. Prohibit companies like Redhat from signing their RPMs and requiring GPG checks before installing them
    2. or
  2. Require Redhat to provide their signing keys, thus eliminating the benefit of signed RPMs.

However, it seems to me that if a company says "We require ALL RPMs (or other packages) to be signed by somebody who's key is on the system before we will install them - but here's how you can install your own keys..." that would satisfy the GPL3.

It also seems to me that a company that says "Look - you can install your own keys along side ours, and install your own packages - but please DO NOT make warranty claims against us if you do!" is NOT violating GPL3 - thoughts?

Keys and signed packages
Simon.Pole
Fri Oct 20 16:31:47 -0700 2006
 manage
"It also seems to me that a company that says "Look - you can install your own keys along side ours, and install your own packages - but please DO NOT make warranty claims against us if you do!" is NOT violating GPL3 - thoughts?"

RMS used this example in a speech as to how the GPLv3 would work -- so it seems to be what the FSF expects to happen.
 

Do you have questions about the site? Write to bruce at perens.com . List of all articles we've ever published. Source Code Developer's Documentation RSS XML Sitemap XML News Sitemap Valid XHTML 1.0 Strict Valid CSS! [Valid RSS]