Linux: GPLv3, DRM, and Exceptions (KernelTrap.org) [LWN.net]

Linux: GPLv3, DRM, and Exceptions (KernelTrap.org)

Posted Oct 26, 2006 15:56 UTC (Thu) by lysse (guest, #3190)
In reply to: Linux: GPLv3, DRM, and Exceptions (KernelTrap.org) by bronson
Parent article: Linux: GPLv3, DRM, and Exceptions (KernelTrap.org)

> The problem is that, if a hardware manufacturer creates a hardware platform that will only run signed binaries, the GPLv3 requires the manufacturer to give away his private keys.

Does it, though? or does it merely require that the manufacturer provide some means of ensuring that the user can run a binary they compile? The two requirements are not identical, after all.

For example, a manufacturer could provide a GPL'd program, running under Linux, that sends a specific request to the device (via USB, Bluetooth, whatever) and causes the device to yield a key which can be used to sign a binary that will run on that device (and only that device). The manufacturer could make that part of the GPLv3 source distribution that it is required to provide.

Is that permissible under the GPLv3? If not, could the GPLv3 be reworded so that it is? And would that satisfy the objections?

(Log in to post comments)

Linux: GPLv3, DRM, and Exceptions (KernelTrap.org)

Posted Oct 26, 2006 20:37 UTC (Thu) by bojan (subscriber, #14302) [Link]

> For example, a manufacturer could provide a GPL'd program, running under Linux, that sends a specific request to the device (via USB, Bluetooth, whatever) and causes the device to yield a key which can be used to sign a binary that will run on that device (and only that device). The manufacturer could make that part of the GPLv3 source distribution that it is required to provide.

This is just about the same - the user is put in the position of trust. They don't want that - they want to trust only the device. I know, that's really bad and all, but that's what TC is all about.