2009-03-25 07:47:51

by Luis R. Rodriguez

[permalink] [raw]
Subject: Re: [renamed] Debian crda?

On Wed, Mar 25, 2009 at 12:39 AM, Paul Wise <[email protected]> wrote:
> On Wed, Mar 25, 2009 at 4:09 PM, Luis R. Rodriguez <[email protected]> wrote:
>
>> Last time I poked them it seemed it was not easy to figure out how to
>> deal with, if at all, the optional but recommended RSA signature stuff
>> [1] with the DFSG.
>>
>> [1] http://wireless.kernel.org/en/developers/Regulatory#RSADigitalSignature
>
> What is the percieved DFSG/RSA conflict? I can't detect any based on
> that section of the page.

Thanks Paul, then its just a matter of packaging. There is an
debian-example/ directory with a cdbs example of how to package for
wireless-regdb and crda if anyone is up for it.

Luis


2009-03-25 18:42:40

by Kel Modderman

[permalink] [raw]
Subject: Re: [renamed] Debian crda?

On Thursday 26 March 2009 03:41:30 Luis R. Rodriguez wrote:
> On Wed, Mar 25, 2009 at 10:37 AM, Kel Modderman <[email protected]> wrote:
> > On Wednesday 25 March 2009 17:51:41 Luis R. Rodriguez wrote:
> >> On Wed, Mar 25, 2009 at 12:47 AM, Luis R. Rodriguez <[email protected]> wrote:
> >> > On Wed, Mar 25, 2009 at 12:39 AM, Paul Wise <[email protected]> wrote:
> >> >> On Wed, Mar 25, 2009 at 4:09 PM, Luis R. Rodriguez <[email protected]> wrote:
> >> >>
> >> >>> Last time I poked them it seemed it was not easy to figure out how to
> >> >>> deal with, if at all, the optional but recommended RSA signature stuff
> >> >>> [1] with the DFSG.
> >> >>>
> >> >>> [1] http://wireless.kernel.org/en/developers/Regulatory#RSADigitalSignature
> >> >>
> >> >> What is the percieved DFSG/RSA conflict? I can't detect any based on
> >> >> that section of the page.
> >> >
> >> > Thanks Paul, then its just a matter of packaging. There is an
> >> > debian-example/ directory with a cdbs example of how to package for
> >> > wireless-regdb and crda if anyone is up for it.
> >
> > The example packaging needs some love, I think. I don't see it as a great
> > reference to the eventual packaging material that would enter Debian.
> >
> >>
> >> And as its probably best to coordinate with Ubuntu, they have a
> >> wireless-crda package which combines both into one package. Its
> >> shipping for Jaunty.
> >
> > And that's the only way to sanely package it (by combining the two pieces
> > upstream splits) as show by Fedora also choosing that route.
>
> Well I actually disagree.

The DFSG seems to suggest that the source code to the regulatory database
should be modifiable and the derived work distributed under the same license.

For our possible, and resonsible, modifications to take effect we need to
build the regulatory database from source, not install the prebuilt/presigned
one. The building of Debian packages is mostly done in anonymous build chroot's
without access to personal cryptography information.

How can the CRDA and wireless-regdb binaries both be built from source
separately and share the same cryptographic information with these
restrictions? (only then would debian-volatile be an option for regdb afaiu)

Maybe the debian-kernel team should be contacted more directly, as it is
ultimately them who need to make a decision about
CONFIG_WIRELESS_OLD_REGULATORY ?

Thanks, Kel.

2009-03-25 07:51:58

by Luis R. Rodriguez

[permalink] [raw]
Subject: Re: [renamed] Debian crda?

On Wed, Mar 25, 2009 at 12:47 AM, Luis R. Rodriguez <[email protected]> wrote:
> On Wed, Mar 25, 2009 at 12:39 AM, Paul Wise <[email protected]> wrote:
>> On Wed, Mar 25, 2009 at 4:09 PM, Luis R. Rodriguez <[email protected]> wrote:
>>
>>> Last time I poked them it seemed it was not easy to figure out how to
>>> deal with, if at all, the optional but recommended RSA signature stuff
>>> [1] with the DFSG.
>>>
>>> [1] http://wireless.kernel.org/en/developers/Regulatory#RSADigitalSignature
>>
>> What is the percieved DFSG/RSA conflict? I can't detect any based on
>> that section of the page.
>
> Thanks Paul, then its just a matter of packaging. There is an
> debian-example/ directory with a cdbs example of how to package for
> wireless-regdb and crda if anyone is up for it.

And as its probably best to coordinate with Ubuntu, they have a
wireless-crda package which combines both into one package. Its
shipping for Jaunty.

Luis

2009-03-25 11:35:10

by Evgeni Golov

[permalink] [raw]
Subject: Re: [renamed] Debian crda?



On Wed, 25 Mar 2009 00:51:41 -0700 Luis R. Rodriguez wrote:

> On Wed, Mar 25, 2009 at 12:47 AM, Luis R. Rodriguez <[email protected]> wrote:
> > On Wed, Mar 25, 2009 at 12:39 AM, Paul Wise <[email protected]> wrote:
> >> On Wed, Mar 25, 2009 at 4:09 PM, Luis R. Rodriguez <[email protected]> wrote:
> >>
> >>> Last time I poked them it seemed it was not easy to figure out how to
> >>> deal with, if at all, the optional but recommended RSA signature stuff
> >>> [1] with the DFSG.
> >>>
> >>> [1] http://wireless.kernel.org/en/developers/Regulatory#RSADigitalSignature
> >>
> >> What is the percieved DFSG/RSA conflict? I can't detect any based on
> >> that section of the page.
> >
> > Thanks Paul, then its just a matter of packaging. There is an
> > debian-example/ directory with a cdbs example of how to package for
> > wireless-regdb and crda if anyone is up for it.
>
> And as its probably best to coordinate with Ubuntu, they have a
> wireless-crda package which combines both into one package. Its
> shipping for Jaunty.

I'd be interested in CRDA, but:
- I don't like CDBS ;)
- I'm not a DD (yet, *waiting*), so I'd need a sponsor
- Prolly this should be done under the pkg-wpa umbrella

--
Bruce Schneier Fact Number 731:
Bruce Schneier knows at least 0x09f911029d74e35bd84156c5635688c0 other
ways to crack HD-DVD encryption.


2009-03-25 17:41:18

by Johannes Berg

[permalink] [raw]
Subject: Re: [renamed] Debian crda?

On Thu, 2009-03-26 at 03:37 +1000, Kel Modderman wrote:

> > And as its probably best to coordinate with Ubuntu, they have a
> > wireless-crda package which combines both into one package. Its
> > shipping for Jaunty.
>
> And that's the only way to sanely package it (by combining the two pieces
> upstream splits) as show by Fedora also choosing that route.
>
> Luis why can't CRDA and regd simply be released in same tarball considering
> they have such a strong relationship with eachother due to the openssl stuff?

I thought regdb was supposed to be a candidate for volatile.

johannes


Attachments:
signature.asc (836.00 B)
This is a digitally signed message part

2009-03-25 17:37:47

by Kel Modderman

[permalink] [raw]
Subject: Re: [renamed] Debian crda?

On Wednesday 25 March 2009 17:51:41 Luis R. Rodriguez wrote:
> On Wed, Mar 25, 2009 at 12:47 AM, Luis R. Rodriguez <[email protected]> wrote:
> > On Wed, Mar 25, 2009 at 12:39 AM, Paul Wise <[email protected]> wrote:
> >> On Wed, Mar 25, 2009 at 4:09 PM, Luis R. Rodriguez <[email protected]> wrote:
> >>
> >>> Last time I poked them it seemed it was not easy to figure out how to
> >>> deal with, if at all, the optional but recommended RSA signature stuff
> >>> [1] with the DFSG.
> >>>
> >>> [1] http://wireless.kernel.org/en/developers/Regulatory#RSADigitalSignature
> >>
> >> What is the percieved DFSG/RSA conflict? I can't detect any based on
> >> that section of the page.
> >
> > Thanks Paul, then its just a matter of packaging. There is an
> > debian-example/ directory with a cdbs example of how to package for
> > wireless-regdb and crda if anyone is up for it.

The example packaging needs some love, I think. I don't see it as a great
reference to the eventual packaging material that would enter Debian.

>
> And as its probably best to coordinate with Ubuntu, they have a
> wireless-crda package which combines both into one package. Its
> shipping for Jaunty.

And that's the only way to sanely package it (by combining the two pieces
upstream splits) as show by Fedora also choosing that route.

Luis why can't CRDA and regd simply be released in same tarball considering
they have such a strong relationship with eachother due to the openssl stuff?

Thanks, Kel.

2009-03-25 17:41:48

by Luis R. Rodriguez

[permalink] [raw]
Subject: Re: [renamed] Debian crda?

On Wed, Mar 25, 2009 at 10:37 AM, Kel Modderman <[email protected]> wrote:
> On Wednesday 25 March 2009 17:51:41 Luis R. Rodriguez wrote:
>> On Wed, Mar 25, 2009 at 12:47 AM, Luis R. Rodriguez <[email protected]> wrote:
>> > On Wed, Mar 25, 2009 at 12:39 AM, Paul Wise <[email protected]> wrote:
>> >> On Wed, Mar 25, 2009 at 4:09 PM, Luis R. Rodriguez <[email protected]> wrote:
>> >>
>> >>> Last time I poked them it seemed it was not easy to figure out how to
>> >>> deal with, if at all, the optional but recommended RSA signature stuff
>> >>> [1] with the DFSG.
>> >>>
>> >>> [1] http://wireless.kernel.org/en/developers/Regulatory#RSADigitalSignature
>> >>
>> >> What is the percieved DFSG/RSA conflict? I can't detect any based on
>> >> that section of the page.
>> >
>> > Thanks Paul, then its just a matter of packaging. There is an
>> > debian-example/ directory with a cdbs example of how to package for
>> > wireless-regdb and crda if anyone is up for it.
>
> The example packaging needs some love, I think. I don't see it as a great
> reference to the eventual packaging material that would enter Debian.
>
>>
>> And as its probably best to coordinate with Ubuntu, they have a
>> wireless-crda package which combines both into one package. Its
>> shipping for Jaunty.
>
> And that's the only way to sanely package it (by combining the two pieces
> upstream splits) as show by Fedora also choosing that route.

Well I actually disagree.

> Luis why can't CRDA and regd simply be released in same tarball considering
> they have such a strong relationship with eachother due to the openssl stuff?

Openssl stuff is optional and in fact not the lib chosen by default,
libgcrypt is the default though.

The point is that crda won't be updated regularly but the
wireless-regdb will be. No point in updating a binary when only the
file it reads is the one that changes.

Luis