Personal tools

Part of a trusted network

From GPLv3 Wiki

This is about some fears people have, and about checking, if they are real:


first way of doing a trusted network

Imagine a situation, where I give a piece of GPL-Software to friends of mine and we form a truted network. I don't want other nodes to be able to listen in on our discussions, so I give each of my friends a private key, without which it isn't possible to enter the network.

Do I have to include this key in the sources, or would it suffice to give users a way to create their own key with which they can create their own trusted network?

Second way: A key created at runtime

Now a different situation:

Here, every user creates his own private key on first run and it is archived by the program.

Now the user contacts my trusted server and registers with its public key (sending it to me in a safe manner). Before the server accepts, it performs an identity check (or the operator does), then the user can enter the trusted network.

Can I better do it this way?

If yes, I can restrict access to my server to registered users and make people pay fees for using my GPLv3-Software.

If not, I can't create a serverside security model (as far as I know).

Third way: Seperate key

Now I send a piece of software to a user, which only allows him to use it, after he contacts my server and inserts a key I sent to him with the program.

Do I have to give people a way to create these keys?

If not, I can restrict access to my server to sold copies.

If yes, I can't put out software which enters the network dirctly after installation. In the very least, the user has to creat a key himself and register it with the server.

Fourth way: Signed trust

Now I think about users taking security into their own hands.

I form a group of five people, who want to be secure, and of whom everyone signes three other keys.

Now they form a web of trust, and noone else can enter this network without being authorized by one of them.

The key of at least one member is now necessary to use the GPLv3 software, which is specifically designed to enter this network (because it has the IPs of the 5 others hardcoded, or by similar means, so that it is quite some work to modify it for your own network).

Can I give the software to someone else, without conveying at least one signed key?

If yes, what happenes, if all keys are signed by only one person whoose key is in return trusted by all members?

What if the program connects to that person on first run and automatically trusts that key, but only knows the location where to get that key.

Does that person have to sign every key, to fullfill the GPLv3?

Or does it suffice, that anyone can change the location to somewhere else and start his/her own trusted network?

I know, that this last part was somewhat fuzzy, but I try to find weaknesses, so they can be fixed.

other ways

If you know of some other ways, please write them here!

Finishing this

I don't know, if the GPLv3 even hampers this in any way, but I read that people have fears of that, so I want to present these testcases to the public.

A possible solution for the GPLv3

GPLv3 and mobile phones (originally posted at flackern )

gpl3.sourcecode.p3.s3: If the work communicates with an online service, it must be possible for modified versions to communicate with the same online service in the same way such that the service cannot distinguish.

I gave quite a lot of thought to this, but in the current form, this seems to make using the GPLv3 for a mobile-phone impossible (I could barter, cheat and lie ;)).

But I found a way how it should be possible:

The product must be useable for any purpose. In a network of mobile phones, this means that the mobile phone must be able to connect to its server.

If the mobile phone can only access the server when the software on it matches certain versions verified on the server (the only way I'd allow this), then both client and server must be treated as *one* product, and the server must also be a GPLv3 program.

That way the user retains full useability of the product: The client-server system, but it is still possible to create a trusted network of any kind.

This may sound strange at first, but I think it is the logical followup on the growing networking we experience in software.

The user must have the right to restrict him/herself with his/her own software, so restrictions on the use of the software may only be placed by the software itself and must be modifyable in the product, but not necessarily in only a part of the product.

The network could still interface with other proprietary mobile phones, but as soon as one mobile is put under the GPLv3 and the software is being restricted to certain versions by certain means involving a server (i.e. by sending the binary checksum to the server), then the server must be under the GPLv3, too.

This way, I could easily set up my own network of mobile phones, where my modified versions are used, so I could still use it any way I want, as long as I get at fitting hardware (which is a problem which always existed and will always to some degree continue to exist, I think).

I don't yet know the best possible wording for this, but I'd like to hear comments on both wording and the idea.

What do you think of it?