From: Bastien <bzg@gnu.org>
To: Richard Stallman <rms@gnu.org>
Cc: kfogel@red-bean.com, mccracken.joel@gmail.com,
monnier@iro.umontreal.ca, vibhavp@gmail.com, emacs-devel@gnu.org
Subject: Re: twitter.el, anyone?
Date: Mon, 20 Jan 2014 21:40:34 +0100 [thread overview]
Message-ID: <87y52agzel.fsf@bzg.ath.cx> (raw)
In-Reply-To: <E1W5KQD-0007jQ-Ox@fencepost.gnu.org> (Richard Stallman's message of "Mon, 20 Jan 2014 14:22:09 -0500")
Richard Stallman <rms@gnu.org> writes:
> [[[ To any NSA and FBI agents reading my email: please consider ]]]
> [[[ whether defending the US Constitution against all enemies, ]]]
> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
>
> - twittering-mode uses CA certificates provided by Symantec here
> https://www.symantec.com/page.jsp?id=roots
>
> Could you explain how twittering-mode relates to those certificates?
I'm quoting Tadashi:
According to https://dev.twitter.com/discussions/24239 , connections
to api.twitter.com are now restricted to TLS/SSL connections only.
CA certificates are required for verifying the server certificates
and establishing SSL connection. Since SSL connection is established
by an external program such as curl, wget, gnutls-cli or openssl,
such a program refers to certificates.
Therefore, an external program must be able to refer to valid
certificates that can verify the Twitter server certificates. Of
course, if a system has such certificates and an external program
can refer to it, twittering-mode do not have to include
certificates.
I have embedded them for convenience of various platforms.
> The first blocker is strong: using these certificates requires
> the authors to sign Symantec Root Certificate license agreement,
> which is not compatible with GPL:
>
> I don't follow this statement. Who exactly has to agree to that license?
The developer who uses the certificates and redistribute them.
> What effect does this have on users of twittering mode?
None.
> What effect does this have on redistributors of twittering mode?
Developers have to agree with these restrictions:
3. RESTRICTIONS.
You may not: (a) modify or create any derivative works of Root
Certificates; (b) assign, sublicense, sell, rent, or lease
Symantec's root keys or Root Certificates; (c) use such Root
Certificates except as expressly permitted under this Agreement; (d)
remove or alter any trademark, logo, copyright, or other proprietary
notices, legends, symbols, or labels provided in the Root
Certificates; or (e) certify, or cause a third party to certify, the
public key contained in the Root Certificates by issuing or creating
a Certificate containing such public key.
The full license is here:
https://www.symantec.com/content/en/us/about/media/repository/root-certificate-license-agreement.pdf
> As for incompatibility with the GPL, is that issue relevant? The
> certificate need not be covered by the GPL, and it is not software,
> is it? Isn't it data?
Yes, certificates are data.
I've not read the Symantec license in its entirety, I just focused
on some part and they read as not being free software friendly in
general. I cannot judge in details.
There is the possibility to use certificates from Mozilla :
http://curl.haxx.se/ca/
I suggested the author to give it a try and see if it works.
> Anyway, without understanding how the certificate relates to
> the software, I can't tell what the issue is.
I hope it's clearer now.
--
Bastien
next prev parent reply other threads:[~2014-01-20 20:40 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-15 4:04 twitter.el, anyone? Richard Stallman
2014-01-15 4:24 ` Joel Mccracken
2014-01-15 7:08 ` Karl Fogel
2014-01-15 14:53 ` Stefan Monnier
2014-01-15 16:31 ` Bastien
2014-01-16 17:56 ` Richard Stallman
2014-01-16 18:13 ` Vibhav Pant
2014-01-16 21:16 ` Joel Mccracken
2014-01-17 1:39 ` Stephen J. Turnbull
2014-01-17 5:48 ` chad
2014-01-17 14:10 ` Richard Stallman
2014-01-17 14:34 ` Bastien
2014-01-18 12:33 ` Richard Stallman
2014-01-18 13:17 ` Vibhav Pant
2014-01-18 13:22 ` Vibhav Pant
2014-01-19 12:12 ` Richard Stallman
2014-01-19 13:25 ` Vibhav Pant
2014-01-20 9:14 ` Richard Stallman
2014-01-19 15:26 ` Bastien
2014-01-19 17:54 ` Achim Gratz
2014-01-20 9:32 ` Bastien
2014-01-19 20:29 ` Stefan Monnier
2014-01-20 9:46 ` Bastien
2014-01-20 19:22 ` Richard Stallman
2014-01-20 20:40 ` Bastien
2014-01-21 14:42 ` Richard Stallman
2014-01-21 15:10 ` Bastien
2014-01-22 15:31 ` Richard Stallman
2014-01-23 8:20 ` Bastien
2014-01-23 17:18 ` Richard Stallman
2014-01-20 19:20 ` Richard Stallman
2014-01-20 19:22 ` Richard Stallman
2014-01-20 20:40 ` Bastien [this message]
2014-01-21 14:42 ` Richard Stallman
2014-01-21 15:26 ` Bastien
2014-01-23 10:55 ` Richard Stallman
2014-01-23 11:46 ` Bastien
2014-01-15 7:08 ` David Kastrup
2014-01-15 7:42 ` Vibhav Pant
2014-01-15 8:53 ` chad
2014-01-16 17:53 ` Richard Stallman
2014-01-16 18:59 ` David Kastrup
2014-01-16 21:38 ` Sebastien Vauban
2014-01-17 1:14 ` Vibhav Pant
2014-03-07 10:59 ` Steinar Bang
2014-03-07 12:11 ` Matt Ford
2014-03-07 13:35 ` Tassilo Horn
2014-03-08 9:45 ` Grim Schjetne
2014-03-08 15:11 ` Lars Ingebrigtsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y52agzel.fsf@bzg.ath.cx \
--to=bzg@gnu.org \
--cc=emacs-devel@gnu.org \
--cc=kfogel@red-bean.com \
--cc=mccracken.joel@gmail.com \
--cc=monnier@iro.umontreal.ca \
--cc=rms@gnu.org \
--cc=vibhavp@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).