Subject: Re: EU-kommissionen och FOSS-stockholm

Re: EU-kommissionen och FOSS-stockholm

From: Tommy Nevtelen <tommy_at_nevtelen.com>
Date: Fri, 31 Jan 2014 13:20:31 +0100

On Fri, Jan 31, 2014 at 08:47:41AM +0100, Janne Johansson wrote:
> On 01/30/2014 10:55 PM, Jeremiah C. Foster wrote:
> >
> >"Öppen källkod", translated to English as "Open Source code", is not
> >appropriate when it comes to information security. Information needs
> >to be kept and transmitted in systems with the ability to encrypt
> >information using strong encryption. Strong encryption needs to be
> >auditable. Auditable code needs to be shared under a license that has
> >strong copyleft, a Free Software license. This is why tools like Gnu
>
> I'd say this is an opinion and not a fact.
>
> >privacy guard are GPL v3, to ensure that anyone can audit and implement
> >strong encryption. Open Source does not provide the same guarantees.
>
> I don't see people having a hard time auditing OpenSSL due to the
> license, and that isn't GPLv3.
>

What I think he means is that with Open Source licenses you can make
propritary producs that are changed in a way that differs from public
versions of openssl. If our goal is to make the EU run code that is auditable
then we need to have a license that guarantees this. But that could ofcourse
be solved with some law or regulation which would provide a safeguard
against propritary binaries. But why not use a license that guarantees this
from the beginning?

-- 
Kind Regards
Tommy Nevtelen				
_______________________________________________
http://www.foss-sthlm.se/
http://cool.haxx.se/cgi-bin/mailman/listinfo/foss-sthlm
Received on 2014-01-31