LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Giving up your keys

Giving up your keys

Posted Aug 4, 2005 10:35 UTC (Thu) by man_ls (subscriber, #15091)
In reply to: Wiring DRM into the system by MathFox
Parent article: Wiring DRM into the system

IANAL, but it is easy to argue this one out. The keys are not essential to the build process; Red Hat uses their own keys, just as you could use yours. You might build a Red Hat clone with your own keys (some people do that already) and it would work just as well.

And, given that a "key" in this case is a prime number chosen at random (or similar mathematical artifact) there is no shortage of them that you might require Red Hat's; you might as well ask for the developer's password.

(Log in to post comments)

Giving up your keys

Posted Aug 4, 2005 11:12 UTC (Thu) by MathFox (guest, #6104) [Link]

IANAL either, but I see that I was not clear in my previous comment.
If the key is not essential to the ability to run a binary, I see no reason to force someone to provide the key (like the RedHat signature on some RPMs).

When someone provides an "trusted" platform that requires signed executables signing the executable is an essential step in the building and installation process. Under those circumstances the distributor of an GPL application running on the trusted platform might be forced to provide a key that allows signing of modified binaries, so that they can run on the platform.
I am only saying that in that case a convincing argument can be made in front of a judge, not what the final decision will be.

Giving up your keys

Posted Aug 4, 2005 18:01 UTC (Thu) by man_ls (subscriber, #15091) [Link]

My point, apart from being a bit bogus itself, was not clear either. It may be integral to the process that you sign the executable; but the particular key that you use is not. You can choose a prime number (or a couple of them) at random, and you can use that to sign the package / executable / kernel / whatever. If you need a signed certificate, go to whomever signs them.

And then you complain that you cannot run it on your machine, because your hardware vendor is an evil company and has locked it up. The software vendor will say: "Well, that is not my problem; find another machine which accepts your signature (credentials) or build it yourself or forget about it. You have the source code, so suit yourself." You are in the jury; what would you say?

You can build a case for a judge, but IMHO you might as well complain that you need the root password to build and install a program, and Red Hat did not provide it.

Giving up your keys

Posted Aug 6, 2005 22:30 UTC (Sat) by giraffedata (subscriber, #1954) [Link]

I believe the argument that GPL requires the distributor to supply his signing key is this:

GPL says that if I give you a binary, I must also give you all the source material needed to build that binary. Not just a similar binary; the one I actually gave you. I have to give you the scripts that contain the linker options I used, for one thing. Giving you the signing key isn't much of a stretch from that.

You can argue technically either way, but the spirit of the GPL is that the recipient of a binary is supposed to be able to make useful modifications. Shipping a binary that works only because it's signed with a key the recipient doesn't know clearly does an end run around that goal and produces the same result as shipping object code without source.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds