Unfortunately, I’ve been influenced by having seen RMS speak. I thought it would be funny! There were going to be jokes about parrots and crossing the road, but it was actually inspiring. He wanted to buy digital goods anonymously, which would be possible with a physical manifestation and cash exchange (i.e. CardSounds). It could be much larger scale, in fact, but unfortunately this reaches grounds that my previous employer has trodden, so I may be on risky ground legally. Also the required infrastructure is massive, and it didn’t take off at all when they did it.

Mainly I think it would be a good exercise to try to use puppet-controlled files outside of source control to contain the secrets necessary to open source a piece of software that needs any secrecy.

For example, DB connection credentials, encryption keys, etc, could be kept outside of the actual application if there was another mechanism that deployed the application to the server which wasn’t in the VCS, and wasn’t open-sourced. Would that just be abstracting the problem by a layer?

Not really, because it’s similar to abstracting the DB authentication tables from the application DB tables - you don’t store mysql.user in VCS with the schema your app needs.

This would be an interesting thing to do, I think, and would perhaps give me more impetus to work again on CS, converting from Cake to Nothing and putting it in GitHub.

How about that? I haven’t been very good at converting the EpistleRetriver to use Composer and then on to abstracting the security values out of it and thence putting that on GitHub, so re-writing an entire Cake app will take an age. Oh well. Thanks, Stallman.


21 March 2013