This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/cooperation-wg@ripe.net/
[cooperation-wg] Cyber Resilience Act effects on OSS on agenda of open source-wg
- Previous message (by thread): [cooperation-wg] Minutes of RIPE85 Cooperation WG session
- Next message (by thread): [cooperation-wg] Cyber Resilience Act effects on OSS on agenda of open source-wg
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Niall O'Reilly
niall.oreilly at ucd.ie
Thu Nov 10 19:41:21 CET 2022
[no hat] On 31 Oct 2022, at 10:14, Alessandro Vesely wrote: > What software would you use, a fully certified, professional OS, or a run-at-your-risk > product by hobbyists who are exempted from security regulations by a compassionate > exception to the Cyber Resilience Act? I don't understand what the point of this (perhaps rhetorical) question is. In a former day-job, I've had to deal with a "professional" Linux distro, whose provider was so risk-averse, and who operated such an ossified acceptance process for integrating upstream FOSS packages, that the distro was operationally unfit for purpose unless I chose to do without the "protection" supposedly provided by the "professional" packaging. I also know some hobbyists whom I would trust with my personal physical safety, or even my life. The only thing one can be sure of with certification is that the holder of a certificate managed to pass the test. https://dilbert.com/strip/2000-08-31 Best regards, Niall
- Previous message (by thread): [cooperation-wg] Minutes of RIPE85 Cooperation WG session
- Next message (by thread): [cooperation-wg] Cyber Resilience Act effects on OSS on agenda of open source-wg
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]