Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] FSFE on GPL Licensing and Copyright

Hash: SHA1

On Copyright Assignment

,----[ Quote ]
| One or two points of fact, though: the FSF 
| does not require assignment â not for all GNU 
| projects, at least. For some, yes. I made 
| this exact same mistake at the GNU hackerâs 
| meeting in Gothenburg last month. After all, 
| itâs easy to find articles stating that the 
| FSF requires assignment â even on the FSF 
| site â and not so easy to find ones that do 
| not. After all, itâs hard to search for the 
| absence of a document. Andy Wingo can 
| probably point out some.



Fellowship interview with Simon Josefsson

,----[ Quote ]
| SRE: Your Masterâs Thesis dealt with the
| concept of storing personal encryption
| certificates in DNS. While still not a
| common practice, you wrote in a recent
| blogpost that some work has begun to
| happen in the area. How do you currently
| regard the promise of this way of
| distributing keys? Have keyservers in
| general improved since your thesis was
| written?
| SJ: The problem is not so much about
| technology here, but social matters. The
| person responsible for managing DNS for an
| organization is typically not the same
| person responsible for managing user
| certificates for an organization, and
| people have been reluctant to change their
| habits here. After all, DNS is a pretty
| critical piece of any companyâs
| infrastructure. So I havenât seen much
| uptake in this, even if it continues to be
| a interesting possibility, especially for
| the OpenPGP world. One part of my thesis
| was about the privacy issues around the
| then-current DNSSEC standard, the so
| called NXT record. I identified and
| explained that it will lead to problems
| when people can enumerate entire DNS
| zones, and even wrote a IETF draft on how
| to solve the problem using hashing of the
| names instead of storing the names
| directly. People in the IETF felt that the
| threat didnât exist, and thought they were
| ready to roll out DNSSEC quite soon anyway
| (this was in 2001/2002!) so they didnât
| want to change DNSSEC. I gave up on the
| draft, but years later people who were
| actually deploying this identified the
| same problem, and ended up re-inventing my
| solution, which is now standardized (the
| NSEC3 record). So at least some of it
| ended up being used, although not in the
| form or way I anticipated.

Version: GnuPG v1.4.9 (GNU/Linux)


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index