From: Joel Jaeggli <joelja@darkwing.uoregon.edu>
To: Linus Torvalds <torvalds@transmeta.com>
Cc: Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Flame Linus to a crisp!
Date: Wed, 23 Apr 2003 21:40:50 -0700 (PDT) [thread overview]
Message-ID: <Pine.LNX.4.44.0304232121340.21091-100000@twin.uoregon.edu> (raw)
In-Reply-To: <Pine.LNX.4.44.0304232012400.19176-100000@home.transmeta.com>
I'm not philosophically opposed to DRM systems. What I am concerned with
is being made a prisoner by my applications. So, if the kernel I run has
to be signed by the someone my proprietary application vendor trusts, so
that I can view a piece of data provided by a third party, that limits the
freedom I have to choose what I put in my kernel. In some circumstances I
might be willing to forgo that freedom, but as a general rule I see it as
an unfortunate instrustion.
Signatures for the purposes of establishing the identity of authors, and
the intactness or binary or sources packages. are a seperate issue,
I support that entirely...
joelja
On Wed, 23 Apr 2003, Linus
Torvalds wrote:
>
> Ok,
> there's no way to do this gracefully, so I won't even try. I'm going to
> just hunker down for some really impressive extended flaming, and my
> asbestos underwear is firmly in place, and extremely uncomfortable.
>
> I want to make it clear that DRM is perfectly ok with Linux!
>
> There, I've said it. I'm out of the closet. So bring it on...
>
> I've had some private discussions with various people about this already,
> and I do realize that a lot of people want to use the kernel in some way
> to just make DRM go away, at least as far as Linux is concerned. Either by
> some policy decision or by extending the GPL to just not allow it.
>
> In some ways the discussion was very similar to some of the software
> patent related GPL-NG discussions from a year or so ago: "we don't like
> it, and we should change the license to make it not work somehow".
>
> And like the software patent issue, I also don't necessarily like DRM
> myself, but I still ended up feeling the same: I'm an "Oppenheimer", and I
> refuse to play politics with Linux, and I think you can use Linux for
> whatever you want to - which very much includes things I don't necessarily
> personally approve of.
>
> The GPL requires you to give out sources to the kernel, but it doesn't
> limit what you can _do_ with the kernel. On the whole, this is just
> another example of why rms calls me "just an engineer" and thinks I have
> no ideals.
>
> [ Personally, I see it as a virtue - trying to make the world a slightly
> better place _without_ trying to impose your moral values on other
> people. You do whatever the h*ll rings your bell, I'm just an engineer
> who wants to make the best OS possible. ]
>
> In short, it's perfectly ok to sign a kernel image - I do it myself
> indirectly every day through the kernel.org, as kernel.org will sign the
> tar-balls I upload to make sure people can at least verify that they came
> that way. Doing the same thing on the binary is no different: signing a
> binary is a perfectly fine way to show the world that you're the one
> behind it, and that _you_ trust it.
>
> And since I can imaging signing binaries myself, I don't feel that I can
> disallow anybody else doing so.
>
> Another part of the DRM discussion is the fact that signing is only the
> first step: _acting_ on the fact whether a binary is signed or not (by
> refusing to load it, for example, or by refusing to give it a secret key)
> is required too.
>
> But since the signature is pointless unless you _use_ it for something,
> and since the decision how to use the signature is clearly outside of the
> scope of the kernel itself (and thus not a "derived work" or anything like
> that), I have to convince myself that not only is it clearly ok to act on
> the knowledge of whather the kernel is signed or not, it's also outside of
> the scope of what the GPL talks about, and thus irrelevant to the license.
>
> That's the short and sweet of it. I wanted to bring this out in the open,
> because I know there are people who think that signed binaries are an act
> of "subversion" (or "perversion") of the GPL, and I wanted to make sure
> that people don't live under mis-apprehension that it can't be done.
>
> I think there are many quite valid reasons to sign (and verify) your
> kernel images, and while some of the uses of signing are odious, I don't
> see any sane way to distinguish between "good" signers and "bad" signers.
>
> Comments? I'd love to get some real discussion about this, but in the end
> I'm personally convinced that we have to allow it.
>
> Btw, one thing that is clearly _not_ allowed by the GPL is hiding private
> keys in the binary. You can sign the binary that is a result of the build
> process, but you can _not_ make a binary that is aware of certain keys
> without making those keys public - because those keys will obviously have
> been part of the kernel build itself.
>
> So don't get these two things confused - one is an external key that is
> applied _to_ the kernel (ok, and outside the license), and the other one
> is embedding a key _into_ the kernel (still ok, but the GPL requires that
> such a key has to be made available as "source" to the kernel).
>
> Linus
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
--
--------------------------------------------------------------------------
Joel Jaeggli Academic User Services joelja@darkwing.uoregon.edu
-- PGP Key Fingerprint: 1DE9 8FCA 51FB 4195 B42A 9C32 A30D 121E --
In Dr. Johnson's famous dictionary patriotism is defined as the last
resort of the scoundrel. With all due respect to an enlightened but
inferior lexicographer I beg to submit that it is the first.
-- Ambrose Bierce, "The Devil's Dictionary"
next prev parent reply other threads:[~2003-04-24 4:33 UTC|newest]
Thread overview: 230+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-04-24 3:59 Flame Linus to a crisp! Linus Torvalds
2003-04-24 4:40 ` Joel Jaeggli [this message]
2003-04-24 4:43 ` Greg KH
2003-04-24 4:57 ` Linus Torvalds
2003-04-24 5:02 ` Clemens Schwaighofer
2003-04-24 5:39 ` viro
2003-04-24 5:56 ` Valdis.Kletnieks
2003-04-24 8:46 ` Dax Kelson
2003-04-24 9:46 ` Clemens Schwaighofer
2003-04-24 10:54 ` Felipe Alfaro Solana
2003-04-25 0:07 ` Clemens Schwaighofer
2003-04-24 4:54 ` Andre Hedrick
2003-04-24 5:16 ` Linus Torvalds
2003-04-24 13:08 ` Shawn
2003-04-24 20:12 ` Kenneth Johansson
2003-04-24 17:32 ` Andreas Boman
2003-04-24 17:41 ` William Lee Irwin III
2003-04-24 19:39 ` Balram Adlakha
2003-04-26 17:05 ` Riley Williams
2003-04-24 5:02 ` Mark J Roberts
2003-04-24 5:13 ` Clemens Schwaighofer
2003-04-24 5:15 ` William Lee Irwin III
2003-04-24 5:43 ` Linus Torvalds
2003-04-24 6:15 ` William Lee Irwin III
2003-04-24 7:44 ` Jamie Lokier
2003-04-24 8:03 ` Jan-Benedict Glaw
2003-04-25 1:16 ` Jan Harkes
2003-04-25 1:35 ` Stan Bubrouski
2003-04-24 8:16 ` John Bradford
2003-04-24 8:31 ` Jamie Lokier
2003-04-24 8:59 ` John Bradford
2003-04-24 8:50 ` Jamie Lokier
2003-04-24 14:45 ` Linus Torvalds
2003-04-24 15:00 ` Jeff Garzik
2003-04-24 19:03 ` Daniel Phillips
2003-04-24 19:32 ` Timothy Miller
2003-04-24 19:22 ` Linus Torvalds
2003-04-24 20:19 ` Jamie Lokier
2003-04-24 20:35 ` Timothy Miller
2003-04-24 19:39 ` Balram Adlakha
2003-04-24 21:02 ` Jamie Lokier
2003-04-24 18:58 ` Daniel Phillips
2003-04-24 21:08 ` Jamie Lokier
2003-04-24 21:37 ` Timothy Miller
2003-04-24 21:30 ` Jamie Lokier
2003-04-24 21:38 ` John Bradford
2003-04-25 3:20 ` Shawn
2003-04-25 5:47 ` Jamie Lokier
2003-04-25 7:02 ` John Bradford
2003-04-25 8:05 ` Simple x86 Simulator (was: Re: Flame Linus to a crisp!) Steven Augart
2003-04-25 15:38 ` Timothy Miller
2003-04-25 16:10 ` John Bradford
2003-04-25 11:44 ` Antonio Vargas
2003-04-25 8:52 ` Flame Linus to a crisp! Helge Hafting
2003-04-25 14:03 ` Mike Dresser
2003-04-24 21:42 ` Russell King
2003-04-25 6:08 ` Jan-Benedict Glaw
2003-04-25 11:46 ` Antonio Vargas
2003-04-24 10:57 ` Giuliano Pochini
2003-04-24 22:51 ` Adrian Bunk
2003-04-24 7:55 ` Jamie Lokier
2003-04-24 8:37 ` Andreas Jellinghaus
2003-04-24 8:59 ` Jamie Lokier
2003-04-24 12:52 ` Andreas Jellinghaus
2003-04-24 15:37 ` Timothy Miller
2003-04-24 18:35 ` Alan Cox
2003-04-24 20:46 ` Timothy Miller
2003-04-24 20:50 ` Jamie Lokier
2003-04-24 21:03 ` Chris Adams
2003-04-24 22:29 ` Werner Almesberger
2003-04-24 22:41 ` Jamie Lokier
2003-04-24 22:54 ` Werner Almesberger
2003-04-25 0:26 ` Jamie Lokier
2003-04-24 22:41 ` Alan Cox
2003-04-27 14:21 ` Matthias Andree
2003-04-27 16:13 ` Stephan von Krawczynski
2003-04-27 16:59 ` Why DRM exists [was Re: Flame Linus to a crisp!] Larry McVoy
2003-04-27 17:04 ` Ben Collins
2003-04-27 17:34 ` Michael Buesch
2003-04-27 18:41 ` Henrik Persson
2003-04-27 17:35 ` Måns Rullgård
2003-04-27 17:49 ` Mirar
2003-04-27 23:15 ` H. Peter Anvin
2003-04-27 17:59 ` Michael Buesch
2003-04-27 21:28 ` Alan Cox
2003-04-28 1:48 ` rmoser
2003-04-28 9:05 ` Måns Rullgård
2003-04-28 10:44 ` The X-Window System John Bradford
2003-04-28 14:37 ` Herman Oosthuysen
2003-04-28 16:28 ` uaca
2003-05-06 3:55 ` Miles Bader
2003-04-27 18:07 ` Why DRM exists [was Re: Flame Linus to a crisp!] Matthias Schniedermeyer
2003-04-27 18:35 ` Chris Adams
2003-04-27 18:50 ` Larry McVoy
2003-04-27 19:11 ` Davide Libenzi
2003-04-27 20:13 ` Frank van Maarseveen
2003-04-27 20:34 ` walt
2003-04-27 21:26 ` Alan Cox
2003-04-27 22:07 ` Ross Vandegrift
2003-04-27 22:32 ` Larry McVoy
2003-04-27 22:05 ` Alan Cox
2003-04-27 23:28 ` Larry McVoy
2003-04-28 0:06 ` Ross Vandegrift
2003-04-28 11:03 ` Alan Cox
2003-04-29 18:06 ` Timothy Miller
2003-04-28 9:06 ` Eric W. Biederman
2003-04-28 14:55 ` Michael Buesch
2003-04-28 20:04 ` Matthias Schniedermeyer
2003-04-28 20:18 ` Larry McVoy
2003-04-28 20:22 ` Chris Adams
2003-04-28 21:24 ` Larry McVoy
2003-04-28 21:40 ` Roman Zippel
2003-04-28 22:13 ` Alan Cox
2003-04-28 22:16 ` Alan Cox
2003-04-29 0:09 ` Larry McVoy
2003-04-29 4:07 ` Dax Kelson
2003-04-29 5:08 ` Larry McVoy
2003-04-29 16:40 ` Scott Robert Ladd
2003-04-29 21:45 ` Helge Hafting
2003-04-30 9:58 ` Jamie Lokier
2003-04-30 15:06 ` Scott Robert Ladd
2003-04-29 5:59 ` Theodore Ts'o
2003-04-29 16:41 ` Scott Robert Ladd
2003-04-29 14:35 ` Alan Cox
2003-04-27 22:34 ` Matthias Andree
2003-04-27 22:51 ` Matthew Kirkwood
2003-04-27 23:53 ` Larry McVoy
2003-04-28 0:00 ` rmoser
[not found] ` <20030428001001.GP23068@work.bitmover.com>
2003-04-28 0:19 ` rmoser
2003-04-28 0:37 ` Larry McVoy
2003-04-28 0:40 ` rmoser
2003-04-28 11:38 ` Jan-Benedict Glaw
2003-04-29 14:21 ` Timothy Miller
2003-04-29 14:27 ` Henrik Persson
2003-04-29 19:56 ` Timothy Miller
2003-04-29 20:35 ` Henrik Persson
2003-04-30 8:39 ` Jamie Lokier
2003-04-27 18:47 ` William Lee Irwin III
2003-04-27 18:56 ` Werner Almesberger
2003-04-27 19:20 ` Geert Uytterhoeven
2003-04-27 21:30 ` Jon Portnoy
2003-04-27 21:32 ` Alan Cox
2003-04-27 22:36 ` Larry McVoy
2003-04-27 21:56 ` Alan Cox
2003-04-27 23:08 ` Matthew Kirkwood
2003-04-27 22:16 ` Alan Cox
2003-04-27 23:35 ` Matthias Andree
2003-04-27 22:07 ` Matthias Andree
2003-04-28 0:36 ` Scott Robert Ladd
2003-04-28 9:57 ` Stephan von Krawczynski
2003-05-06 15:58 ` Henning P. Schmiedehausen
2003-05-07 14:44 ` Stephan von Krawczynski
2003-05-07 14:28 ` Alan Cox
2003-05-07 21:40 ` Henning P. Schmiedehausen
2003-05-07 22:16 ` Alan Cox
2003-05-08 0:33 ` Kurt Wall
2003-04-28 11:26 ` Jan-Benedict Glaw
2003-05-06 15:59 ` Henning P. Schmiedehausen
2003-04-28 22:50 ` Timothy Miller
2003-04-29 14:46 ` Jeffrey Souza
2003-04-29 15:16 ` venom
2003-04-30 9:35 ` Jamie Lokier
[not found] ` <20030427171007$6d24@gated-at.bofh.it>
2003-04-27 20:08 ` Why DRM exists Florian Weimer
2003-04-24 19:23 ` Flame Linus to a crisp! Jamie Lokier
2003-04-24 19:50 ` Balram Adlakha
2003-04-24 8:57 ` Arjan van de Ven
2003-04-24 9:19 ` Russell King
2003-04-24 11:38 ` Shachar Shemesh
2003-04-24 17:46 ` Shachar Shemesh
2003-04-24 14:59 ` Linus Torvalds
2003-04-24 12:39 ` Mark Mielke
2003-04-24 15:53 ` Elladan
2003-04-24 18:31 ` Daniel Phillips
2003-04-24 23:15 ` Werner Almesberger
2003-04-25 11:28 ` Eric W. Biederman
2003-04-27 1:31 ` Werner Almesberger
2003-04-27 1:59 ` David Wagner
2003-04-25 14:37 ` Daniel Phillips
2003-04-25 15:17 ` Valdis.Kletnieks
2003-04-25 17:37 ` Werner Almesberger
2003-04-26 21:59 ` Daniel Phillips
2003-04-26 13:00 ` Geert Uytterhoeven
2003-04-26 18:22 ` Linus Torvalds
2003-04-26 18:41 ` viro
2003-04-26 18:48 ` Linus Torvalds
2003-04-28 14:20 ` John Stoffel
2003-04-26 19:23 ` Michael Buesch
2003-04-28 10:35 ` Andre Hedrick
2003-04-28 12:12 ` Jörn Engel
2003-04-28 14:01 ` Zack Gilburd
2003-04-28 14:30 ` Geert Uytterhoeven
2003-04-26 18:21 ` Rik van Riel
2003-04-26 23:34 ` Jamie Lokier
2003-04-27 3:59 ` Werner Almesberger
2003-04-24 20:16 ` Nils Holland
2003-04-25 4:46 ` My take on Trusted Computing and DRM Joseph Pingenot
[not found] <20030424041004$113a@gated-at.bofh.it>
2003-04-24 4:53 ` Flame Linus to a crisp! Tony 'Nicoya' Mantler
2003-04-24 12:36 Downing, Thomas
2003-04-24 14:12 ` Timothy Miller
2003-04-24 22:48 ` Werner Almesberger
2003-04-25 12:29 ` Ragnar Hojland Espinosa
2003-04-25 15:45 ` Timothy Miller
2003-04-24 20:39 Downing, Thomas
2003-04-24 21:28 ` Jamie Lokier
2003-04-24 21:42 ` Daniel Phillips
2003-04-24 22:45 ` Alan Cox
2003-04-24 23:59 ` Daniel Phillips
2003-04-25 9:07 ` Helge Hafting
2003-04-25 13:01 ` David Luyer
2003-04-25 8:13 ` Andreas Jellinghaus
2003-04-25 19:12 ` Jamie Lokier
2003-04-25 20:56 ` Andreas Jellinghaus
2003-04-25 21:50 ` Jamie Lokier
2003-04-24 21:55 Daniel Callahan
2003-04-24 22:10 Downing, Thomas
2003-04-24 22:36 ` Jamie Lokier
2003-04-25 12:23 Downing, Thomas
2003-04-25 12:36 Downing, Thomas
2003-04-27 7:25 ` Adrian Bunk
2003-04-25 12:41 Downing, Thomas
2003-04-25 12:57 Downing, Thomas
[not found] <Pine.LNX.4.44.0304232012400.19176-100000@home.transmeta.co m>
2003-04-27 10:52 ` Houston, I think we have a problem Mike Galbraith
2003-04-27 14:41 ` Martin J. Bligh
2003-04-27 17:25 ` Mike Galbraith
2003-04-27 17:29 ` Martin J. Bligh
2003-04-27 17:41 ` Mike Galbraith
2003-04-27 17:54 ` Mike Galbraith
2003-04-28 5:17 ` Mike Galbraith
2003-04-28 6:15 ` Jan Harkes
2003-04-28 9:30 Flame Linus to a crisp! Martin_List-Petersen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Pine.LNX.4.44.0304232121340.21091-100000@twin.uoregon.edu \
--to=joelja@darkwing.uoregon.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@transmeta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).