Linus may have it wrong on digital rights management, but it's the vague wording and confusing concepts - like what is meant by a 'derivative work' - that is causing the real headaches over the next General Public License. A representative of the Free Software Foundation, leading the effort around GPL 3.0, said that Linux creator Linus Torvalds had 'misread' the license's provisional terms.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:2005-07-11
The sticking point is that GPL v3 would force Tivo to distribute a key which allows users to run a modified kernel on Tivo hardware. Tivo already distributes all of their changes along with the source, just as they are required to do, but they do not want to allow users to run anything on Tivo hardware except a Tivo signed kernel. Since that requirement is enforced at the hardware level, Linus feels that it thereby oversteps the boundary between what it can reasonably require and what it cannot.
Perhaps he's mistaken, and the GPL v3 would allow Tivo to continue doing as they've done all along, but I don't think so. Everyone, including the FSF, seems to agree that Tivo's DRM scheme wouldn't be allowed under the new version of the GPL (assuming of course that Linux were relicensed to fall under GPL v3).
Member since:
2006-02-16
If we can apply these new provisions of giving up keys when "distributing" encrypted kernels to Tivo, what is to stop someone demanding my private key if I send (or distribute) a kernel in an encrypted e-mail?
As I understand it, the GPL3 draft doesn't impose a requirement to distribute the same specific key you use, but rather to distribute _some_ key (if necessary) that gives others the same ability to run, distribute and modify the program that you enjoy as a result of agreeing to the license.
If you distribute the Linux kernel in an e-mail, encrypted using your private key, anyone else can modify the kernel and distribute it just as well in an e-mail using any other key (or, in fact, no key at all). So there is certainly no requirement for you to disclose your private key in that case.
And if it worries you, no one could force anyone else to disclose a key even in a real licensing breach. Rather there may be a cease-and-desist order to prevent future breach of copyright, and a suit for past breach of copyright (although GPL copyright holders generally don't seem to bother about the latter).