Steve Langasek <[EMAIL PROTECTED]>: > > > One "solution" to the problem, assuming that most of the violations are > > > in non-us, would be to not generate ISOs with non-us on them. This is > > > practical now that crypto-in-main is done. At least in theory, then, > > > OpenSSL (which is in main) would be "normally distributed" with Debian, > > > and these components would not "accompan[y] the executable". I don't > > > like it much, but it would at least have a veneer of respectability. > > > Well, if the stuff is available off Debian servers, then we are > > basically distributing them. As well, libssl0.9.6 isn't automatically > > installed with the system. It sort of seems like you're using a > > quirk in the wording as opposed to real technical differences. > > In the legal world, wording makes all the difference. The GPL > specifically talks about code that's distributed *with* the GPLed > binary, not about code distributed *by the same people as* the GPLed > binary, and we have no reason to believe that this distinction was > unintentional. Many vendors of proprietary Unices (e.g., Sun) seem to > already be counting on the fact that it is not.
This seems very dodgy. Firstly, you're claiming that main does not accompany non-us, which is very hard to justify as it's all on the same servers and non-us doesn't make much sense without main. Secondly, it doesn't really conform with the DFSG as you are forcing everyone else to maintain this fictional division between main and non-us. On the other hand, if you would move the violating packages into contrib, perhaps it would make more sense. Edmund -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
