On Mon, 28 Apr 2003 14:16:55 -0400
"Fred A. Miller"
I want to make it clear that DRM is perfectly ok with Linux!
There, I've said it. I'm out of the closet. So bring it on...
Btw, one thing that is clearly _not_ allowed by the GPL is hiding private keys in the binary. You can sign the binary that is a result of the build process, but you can _not_ make a binary that is aware of certain keys without making those keys public - because those keys will obviously have been part of the kernel build itself.
So don't get these two things confused - one is an external key that is applied _to_ the kernel (ok, and outside the license), and the other one is embedding a key _into_ the kernel (still ok, but the GPL requires that such a key has to be made available as "source" to the kernel).
Linus
I don't know if this specifically applies..... a way to pgp sign elf files. http://www.jukie.net/~bart/elfpgp This is a way to actually put your gpg key right inside a binary, and a way to check it. It also kindof shows how trojans could be injected into binaries. There will be alot more development in this area, on both windows and linux. I think the problem comes when the government wants to mandate that all processors are built with circuits built in, that will check these keys. Even that is not so bad, having a real time gpg hardware; but it does get crummy looking when Microsoft wants to run it. It would be a pretty nice system, to have a processor which could load a "bank of keys", (like soundfonts get loaded). Then verify binaries when they are run. This would benefit everyone. I'll start worry when they mandate that you implant "pgp idenfication chips" under everyone's skin, and all monitors won't work unless the "keyserver in command central" says you're "OK". -- use Perl; #powerful programmable prestidigitation