Good morning,
I just published an extended, written version of my RIPE talk in the
open-source wg [1] with NLnet Labs' perspective on the European
Commission's proposal for a Cyber Resilience Act vs. Open Source:
https://blog.nlnetlabs.nl/open-source-software-vs-the-cyber-resilience-act/
We feel the current proposal misses a major opportunity. The CRA could
bring support to open-source developers maintaining the critical
foundations of our digital society. But instead of introducing
incentives for integrators or financial support, the current proposal
will overload small developers with compliance work.
At the same time, this is only the Commission's proposal. I hope there
is opportunity to raise awareness and influence the coming positions and
negotations.
I'm very grateful to the many people in the RIPE community that talked
to me after my presentation. I feel my understanding of the issue is
improving. Curious to hear what you think, how you feel this affects the
projects you rely on and what we have yet to learn about the implications.
kind regards, Maarten
[1] https://ripe85.ripe.net/archives/video/911
--
To unsubscribe from this mailing list, get a password reminder, or change your
subscription options, please visit:
https://lists.ripe.net/mailman/listinfo/cooperation-wg
