Professional Documents
Culture Documents
We discuss open source software, the basics behind the Open Source Initiative
(OSI), and Free Software Licensing.
GNOME
Open Source is a certification standard issued by the Open Acronym for GNU
Source Initiative (OSI) that indicates that the source code Network Object
of a computer program is made available free of charge to Model Environment.
(Pronounced guh-
the general public. OSI dictates that in order to be nome.) GNOME is
considered "OSI Certified" a product must meet the part of the GNU
following criteria: project and part of
the free software, or
open source,
• The author or holder of the license of the source movement.
code cannot collect royalties on the distribution of
the program.
• The distributed program must make the source
code accessible to the user.
• The author must allow modifications and
derivations of the work under the program's
original name.
• No person, group or field of endeavor can be
denied access to the program.
• The rights attached to the program must not
depend on the program's being part of a particular
software distribution.
Open source software is normally distributed with the source code under an open
source license. The Open Source Initiative sets the following distribution terms that
open-source software must comply with;
Introduction
Open source doesn't just mean access to the source code. The distribution terms of
open-source software must comply with the following criteria:
1. Free Redistribution
The license shall not restrict any party from selling or giving away the software as a
component of an aggregate software distribution containing programs from several
different sources. The license shall not require a royalty or other fee for such sale.
2. Source Code
The program must include source code, and must allow distribution in source code as
well as compiled form. Where some form of a product is not distributed with source
code, there must be a well-publicized means of obtaining the source code for no more
than a reasonable reproduction cost preferably, downloading via the Internet without
charge. The source code must be the preferred form in which a programmer would
modify the program. Deliberately obfuscated source code is not allowed. Intermediate
forms such as the output of a preprocessor or translator are not allowed.
3. Derived Works
The license must allow modifications and derived works, and must allow them to be
distributed under the same terms as the license of the original software.
7. Distribution of License
The rights attached to the program must apply to all to whom the program is
redistributed without the need for execution of an additional license by those parties.
All open source software is not distributed under the same licensing agreement. Some
may use a free software license, a copyleft, or GPL compatible. The GNU GPL license
is a free software license and a copyleft license, while a "GNU Lesser General Public
License" is a free software license, but not a strong copyleft license. There are many
different types of licenses for free software . some GNU GPL compatible, some not.
The Open Source Initiative approves open source licenses after they have successfully
gone through the approval process and comply with the Open Source Definition
(above). There is currently well over fifty licenses that have been approved by the OSI.
For example, the GNU General Public License (GPL) is one license that accompanies
some open source software that details how the software and its accompany source
code can be freely copied, distributed and modified. The most widespread use of GPL is
in reference to the GNU GPL, which is commonly abbreviated simply as GPL when it is
understood that the term refers to the GNU GPL. One of the basic tenets of the GPL is
that anyone who acquires the material must make it available to anyone else under the
same licensing agreement. The GPL does not cover activities other than the copying,
distributing and modifying of the source code.
What are the advantages and disadvantages of public-key
cryptography over secret-key cryptography?
• Basics of Cryptography
The primary advantage of public-key cryptography is increased security: the private keys do not
always a chance that an enemy could discover the secret key while it is being transmitted.
Another major advantage of public-key systems is that they can provide a method for digital
signatures. Authentication via secret-key systems requires the sharing of some secret and
sometimes requires trust of a third party as well. A sender can then repudiate a previously signed
message by claiming that the shared secret was somehow compromised by one of the parties
sharing the secret. For example, the Kerberos secret-key authentication system involves a central
database that keeps copies of the secret keys of all users; a Kerberos-authenticated message would
most likely not be held legally binding, since an attack on the database would allow widespread
forgery. Public-key authentication, on the other hand, prevents this type of repudiation; each user
has sole responsibility for protecting his or her private key. This property of public-key
Furthermore, digitally signed messages can be proved authentic to a third party, such as a judge,
thus allowing such messages to be legally binding. Secret-key authentication systems such as
Kerberos were designed to authenticate access to network resources, rather than to authenticate
A disadvantage of using public-key cryptography for encryption is speed: there are popular secret-
key encryption methods which are significantly faster than any currently available public-key
encryption method. But public-key cryptography can share the burden with secret-key cryptography
the security advantages of public-key systems and the speed advantages of secret-key systems. The
public-key system can be used to encrypt a secret key which is then used to encrypt the bulk of a
file or message. Public-key cryptography is not meant to replace secret-key cryptography, but rather
to supplement it, to make it more secure. The first use of public-key techniques was for secure key
exchange in an otherwise secret-key system; this is still one of its primary functions.
Secret-key cryptography remains extremely important and is the subject of much ongoing study and
research.