请问HN:基于声誉的软件许可证
有没有人知道关于一种介于开源和闭源之间的工作,在这种模式下,如果你的声誉良好,可以获得许可证以自由使用某些源代码?
它的工作原理如下:
- 用户以名义费用创建一个最小的加密身份(这与他们的真实身份无关),并在一个声誉追踪组织中注册。
- 用户随后使用该身份向声誉提供者请求特定版本(git sha或版本号)软件的许可证。
- 软件在启动时会检查许可证,确保其加密来源于一组提供者,并在作为客户端或服务器进行身份识别时使用许可证中包含的身份(以便进行进一步的声誉检查)。
这并不能阻止所有的不良行为者,但其理念是,如果使用软件的人声誉足够差,使用该软件将显得明显违法。
我对使用软件生态系统的模拟进行压力测试任何实现感兴趣,并观察获取身份是否应该变得更加困难。
不过,我想看看是否有相关的先前研究。
查看原文
Does anyone know of work on a middle ground between open source and closed source where you can get a license to do what you want with some source if your reputation is okay.<p>How it would work:
- Users create an minimal cryptographic identity for a nominal fee (this is not tied to their real identity), registered with an reputation tracking organisation.<p>- Users then use that identity to request a license for a piece of software of a specific version (git sha or version number) from the reputation provider.<p>- The software checks the license at start up cryptographiucally comes from a set of providers and also uses the identity included with the license when identifying as a client or server (to allow further reputation checks to be made).<p>This won't stop all bad actors but the idea is to make it obviously illegal to use the software if the people using it get a bad enough reputation.<p>I'd be interested in using simulations of software ecosystems to stress test any implementations and see if getting identities should be made harder.<p>But I thought I would see if there was prior art.