Problems with the GPL as I see them

Thu Sep 28 05:24:58 UTC 2006

* simo wrote, On 28/09/06 01:06:
> On Wed, 2006-09-27 at 19:13 +0100, Niall Douglas wrote:
>   
>> On 26 Sep 2006 at 22:54, Bjoern Schiessle wrote:
>>     
>>> Draf2 of GPLv3 says:
>>> "The Corresponding Source also includes any encryption or authorization
>>> keys necessary to install and/or execute modified versions from source
>>> code in the recommended or principal context of use, such that they can
>>> implement all the same functionality in the same range of
>>> circumstances."
>>>
>>> If you sign a program so that i know that the program comes from you i
>>> can "install and/or execute modified versions from source
>>> code in the recommended or principal context of use, such that they can
>>> implement all the same functionality in the same range of
>>> circumstances." So you don't have to give me your signing key.
>>>       
>> Ah but that doesn't permit "all the same functionality" now does it! 
>> It means that if you were to run a signing authenticator, you'd get 
>> different functionality.
>>     
>
> You are confusing "different functionality" (of the GPLed program) with
> different output (of the signing authenticator).
> They are 2 different things, the GPLv3 draft obviously can only refer to
> the functionality of the GPLv3 program it covers.
>
>   
But in my reading still requires the distributor to puts generous
constraints on the use of the signing authenticator output if they
retain the right to distribute.
>> We all know what it means, it's just it's ambiguous. Under a tight 
>> interpretation, it means you must disclose signing keys.
>>     
>
> No, only under a broad and tendentious interpretation.
>   
Lets not debate over ambiguous/broad-and-tendentious but consider how
many people's ambiguous is your broad-and-tendentious - which surely is
the point. And lets pray that one of them is not a judge - or, lets
discuss it and see if it needs fixing.
> 1st there is no way you can interpret an SSL connection as a container,
> as it is a mean. You never keep your file on your disk as a network
> trace of an SSL connection.
>   
replace SSL (+HTTP) with S/MIME (+SMTP)
> 2nd you don't need a *special* password to unpack/read/copy the source
> code. The SSL layer is transparent and accessible to anyone.
>   
replace SSL (+HTTP) with S/MIME (+SMTP) and a per-recipient encryption
with a key generated by the distributor, which key contains copyrighted
data and trademarks in the accompanying signed-key certificate.
> 3rd SSL is also publicly documented with an implementation available in
> source code form, so even if some silly person could conceive and
> convince someone that SSL is a container you have no problems under this
> license.
>
>   
>> Again, we know what is intended. The problem is, how precisely do you 
>> disambiguate an encrypted zip file from a SSL connection which copies 
>> it between computers? At a binary level there isn't really much 
>> difference between what is being copied and that which copies it. 
>> Again, we simply need clarification here.
>>     
>
> There is a big difference between the two, there is no need to clarify
> further. If you really want to be silly you can go down and require to
> include a whole dictionary with the license, to be sure each word
> meaning is really really really clear.
>
>   
I don't like your calling Niall silly. The point is (I thought) during
the GPL3 draft process is that we need to explore ways in which other
peoples future silliness will be upheld in law as a valid
interpretation. Save your insults for those who thus overthrow the GPL3
when its too late, not those who try to find such "silliness" within the
GPL3 during it's draft - unless you think the GPL3 wording is a done
deal and you are merely preparing the way to publish a pre-decided wording.
>> No. I was waiting for draft 3 to see if they'd get fixed on their 
>> own. I'm not a fan of the GPL, everyone knows that, so I was doubting 
>> they'd take much notice.
>>     
>
> Why not waiting till GPLv4 is out then?
> If you see problems and want them fixed at least please file a bug :-)
>   
Or discuss them on an mailing list before submitting the bug, and then
get insulted to hell till you feel disaffected, maybe, don't you think?

Sam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fsfe.org/pipermail/discussion/attachments/20060928/f4f00a2b/attachment.html>