问 HN:基于声誉的软件许可证
1 分•作者: rando77•7 个月前
有人知道有没有介于开源和闭源之间的方案,允许在声誉良好的情况下,获得对部分源代码的授权,从而可以自由使用吗?
设想方案如下:
* 用户以象征性的费用创建一个最小化的加密身份(不与真实身份关联),并向声誉追踪机构注册。
* 用户使用该身份,从声誉提供商处请求特定版本(git sha 或版本号)软件的许可证。
* 软件在启动时,会通过加密方式检查许可证是否来自一组提供商,并在客户端或服务器端进行身份验证时使用许可证中包含的身份(以便进行进一步的声誉检查)。
这并不能阻止所有恶意行为者,但其目的是,如果使用软件的人声誉足够差,使用该软件的行为将明显违法。
我对使用软件生态系统的模拟来压力测试任何实现方案,以及是否应该提高获取身份的难度很感兴趣。
但我首先想看看是否有相关的先例。
查看原文
Does anyone know of work on a middle ground between open source and closed source where you can get a license to do what you want with some source if your reputation is okay.<p>How it would work:
- Users create an minimal cryptographic identity for a nominal fee (this is not tied to their real identity), registered with an reputation tracking organisation.<p>- Users then use that identity to request a license for a piece of software of a specific version (git sha or version number) from the reputation provider.<p>- The software checks the license at start up cryptographiucally comes from a set of providers and also uses the identity included with the license when identifying as a client or server (to allow further reputation checks to be made).<p>This won't stop all bad actors but the idea is to make it obviously illegal to use the software if the people using it get a bad enough reputation.<p>I'd be interested in using simulations of software ecosystems to stress test any implementations and see if getting identities should be made harder.<p>But I thought I would see if there was prior art.