oss-sec mailing list archives
Re: European Union Cyber Resilience Act (CRA)
From: Solar Designer <solar () openwall com>
Date: Sun, 8 Oct 2023 23:47:34 +0200
On Sun, Oct 08, 2023 at 01:56:15PM -0700, Jean Luc Picard wrote:
These people are not developers live & govern a part of earth ripe with anti-communist/socialist sentiment.
Let's avoid non-essential references to political sentiments here.
If you were to explain to them that their cellphones security is protected by things like 'community' & 'sharing', they'd likely blow a gasket.
Oh, they're well aware of that. From the Apache Foundation blog post: https://news.apache.org/foundation/entry/save-open-source-the-impending-tragedy-of-the-cyber-resilience-act "The current definitions3 are such that the CRA applies to the ASF, all of its (volunteer) developers, and all our output. And, as the ASF understands from its meeting with policy makers, this was intentional." "As the regulation of open source is intentional, and there is also a lot of common sense, good (open source) practices, in the CRA: the expectation is that we are past the point where asking for a blanket exception is productive."
It appears it's too late to bring in the real industry experts into the committee meetings but not too late to make a meaningful difference. That said, the community at large needs to prepare for a lull in rights & freedoms. Perhaps if it got to a point to where, like the cookie law, some vital repositories start geoip blocking in protest, things might move along. One thing for sure, things are about to get weird.
I advise against premature protests by people who haven't even bothered to read the available material on the topic. Alexander
Current thread:
- European Union Cyber Resilience Act (CRA) David A. Wheeler (Oct 05)
- Re: European Union Cyber Resilience Act (CRA) Katherine Mcmillan (Oct 05)
- Re: European Union Cyber Resilience Act (CRA) Fabian Keil (Oct 08)
- Re: European Union Cyber Resilience Act (CRA) Jean Luc Picard (Oct 08)
- Re: European Union Cyber Resilience Act (CRA) Solar Designer (Oct 08)
- Re: European Union Cyber Resilience Act (CRA) Dirk-Willem van Gulik (Oct 09)
- Re: European Union Cyber Resilience Act (CRA) Jean Luc Picard (Oct 08)