Felix Stalder on Mon, 28 Apr 2003 13:42:26 +0200 (CEST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> Linux and DRM





http://linuxtoday.com/developer/2003042401126OSKNLL

Date:   Wed, 23 Apr 2003 20:59:45 -0700 (PDT)
From: Linus Torvalds <[email protected]>
To: Kernel Mailing List <[email protected]>
Subject: Flame Linus to a crisp!

-------------------------------

Ok, there's no way to do this gracefully, so I won't even try. I'm
going to  just hunker down for some really impressive extended flaming,
and my  asbestos underwear is firmly in place, and extremely
uncomfortable.

I want to make it clear that DRM is perfectly ok with Linux!

There, I've said it. I'm out of the closet. So bring it on...

I've had some private discussions with various people about this
already, and I do realize that a lot of people want to use the kernel
in some way to just make DRM go away, at least as far as Linux is
concerned. Either by some policy decision or by extending the GPL to
just not allow it.

In some ways the discussion was very similar to some of the software
patent related GPL-NG discussions from a year or so ago: "we don't like
it, and we should change the license to make it not work somehow".

And like the software patent issue, I also don't necessarily like DRM
myself, but I still ended up feeling the same: I'm an "Oppenheimer",
and I refuse to play politics with Linux, and I think you can use Linux
for whatever you want to - which very much includes things I don't
necessarily personally approve of.

The GPL requires you to give out sources to the kernel, but it doesn't
limit what you can _do_ with the kernel. On the whole, this is just
another example of why rms calls me "just an engineer" and thinks I
have no ideals.

[Personally, I see it as a virtue - trying to make the world a
slightly better place _without_ trying to impose your moral values on
other people. You do whatever the h*ll rings your bell, I'm just an
engineer who wants to make the best OS possible. ]

In short, it's perfectly ok to sign a kernel image - I do it myself
indirectly every day through the kernel.org, as kernel.org will sign
the tar-balls I upload to make sure people can at least verify that
they came that way. Doing the same thing on the binary is no different:
signing a binary is a perfectly fine way to show the world that you're
the one behind it, and that _you_ trust it.

And since I can imaging signing binaries myself, I don't feel that I
can disallow anybody else doing so.

Another part of the DRM discussion is the fact that signing is only the  
first step: _acting_ on the fact whether a binary is signed or not (by 
refusing to load it, for example, or by refusing to give it a secret
key) is required too.

But since the signature is pointless unless you _use_ it for something,
and since the decision how to use the signature is clearly outside of
the scope of the kernel itself (and thus not a "derived work" or
anything like that), I have to convince myself that not only is it
clearly ok to act on the knowledge of whather the kernel is signed or
not, it's also outside of the scope of what the GPL talks about, and
thus irrelevant to the license.

That's the short and sweet of it. I wanted to bring this out in the
open,  because I know there are people who think that signed binaries
are an act  of "subversion" (or "perversion") of the GPL, and I wanted
to make sure  that people don't live under mis-apprehension that it
can't be done.

I think there are many quite valid reasons to sign (and verify) your
kernel images, and while some of the uses of signing are odious, I
don't see any sane way to distinguish between "good" signers and "bad"
signers.

Comments? I'd love to get some real discussion about this, but in the
end  I'm personally convinced that we have to allow it.

Btw, one thing that is clearly _not_ allowed by the GPL is hiding
private keys in the binary. You can sign the binary that is a result of
the build process, but you can _not_ make a binary that is aware of
certain keys without making those keys public - because those keys will
obviously have been part of the kernel build itself.

So don't get these two things confused - one is an external key that is
applied _to_ the kernel (ok, and outside the license), and the other
one is embedding a key _into_ the kernel (still ok, but the GPL
requires that such a key has to be made available as "source" to the
kernel).

Linus

#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: [email protected] and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: [email protected]