On Wed, 2002-05-29 at 12:17, Simon Law wrote: > On 29 May 2002, Jeff Licquia wrote: > > Out of curiosity, do you have non-us in your sources.list? It would be > > interesting to find out how much of that software is really in main. > > Yes, I do have non-us in my list. Removing it narrow our group > down to 16, none of which seem to be in violation.
That's good to hear, at least. > > One "solution" to the problem, assuming that most of the violations are > > in non-us, would be to not generate ISOs with non-us on them. This is > > practical now that crypto-in-main is done. At least in theory, then, > > OpenSSL (which is in main) would be "normally distributed" with Debian, > > and these components would not "accompan[y] the executable". I don't > > like it much, but it would at least have a veneer of respectability. > > Well, if the stuff is available off Debian servers, then we are > basically distributing them. As well, libssl0.9.6 isn't automatically > installed with the system. It sort of seems like you're using a > quirk in the wording as opposed to real technical differences. Well, yes. I will note again, for the record, my general distaste for the argument. This whole line of reasoning is a concession to practical considerations, rather than the principled stand Debian is used to taking (and which I prefer). The idea behind it is that non-us is "not a part of Debian". In the past, this wasn't really considered to be true, but we could make it so now without giving up OpenSSL support for other packages, ssh, gnupg, and so on. The key is that we maintain separate infrastructure for non-us and the regular Debian archive (which we do already), and that our CDs not contain non-us, so it becomes plausible that we do not ship them "together". We could even use the situation as an excuse for releasing woody, and then cleaning up the licensing situation in "stable/non-US" post-release. Since non-us isn't really part of woody, it can be updated with less of the rigor we would apply to stable/main. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
