-----BEGIN PGP SIGNED MESSAGE----- The Social Contract demands that we support users of non-free software. Debian has always been grounded in realism and we have always understood that some organizations may need to use systems on Debian that are not going to be Free.
At the same time it has been clearly identified that non-free files are not part of Debian. The people that created them refused to license them to the community and the community has no obligation to do the work of spreading their non-free software. We have always provided developers and distributors who had an interest in non-free a way of getting to it but we have always excluded it from distribution. Since the time of the Social Contract's inception the growth of broadband and the Internet has been astonishing. Today we see that the Debian servers are a major form of distribution for non-free software. Clearly, that is not acceptable. Therefore, I propose the following: Non-free and contrib should stay exactly where they are. They should be in the current bug system and in every way, from a development point of view, they should be dealt with in the way that we currently deal with them. The change I suggest is that the non-free and contrib sections be protected by certificate authentication. Certificates will be distributed to 3rd parties who sign up as an official 3rd party distributor of the non-free and contrib sections. All developers will also be issued a certificate for development purposes. Beyond these groups no end user will be able to download non-free or contrib software from a Debian controlled server. All 3rd party distributors will execute an agreement with Debian indemnifying Debian against damages that result from their distribution of software retrieved from Debian servers. It will be up to these organizations to establish a valid business model for their distributions and to take responsibility for any legal mishaps that occur because of their actions. This plan is precisely in line with current 3rd party CD distribution policies. It simply reorganizes network distribution to follow a structure similar to the well established physical distribution. Most importantly it ends Debian's distribution of non-free without adversely impacting current development procedure. In the sense that these packages will no longer be available by direct download I suggest that they be considered to "no longer be in the archive" and in compliance with Proposal-0008. I also suggest that the legal agreement drafted for network distribution deal with physical distribution and require existing 3rd party physical distributors to execute the agreement. I would like to hear opinions on whether this plan requires a further General Resolution or whether it could be adopted as a methodology of fulfilling Proposal-0008 and put into action by the DPL if the DPL is so inclined. - -- Ean Schuessler, President Software in the Public Interest, Inc. http://www.spi-inc.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iQCVAwUBQFIou1p7Rmblcu9ZAQGLPgQAveJuiaMMG2TSPsDpZtI1KAChwEwsUZS+ YhoHal2i+K5cyEosuyQeS5LWi2BbiI7v3S5wlMlCgTRDW16LWz5/d4PoNji7DH2u ftZpArXM/ECgjVtxod2WraJ1W2x19PTHuCkRoBeYs13XDchGLSaRBmwqgrid0xut VjxBEh6m+V0= =pYEO -----END PGP SIGNATURE-----