[riot-users] LGPL Requirements

Craig Younkins craig at freshtemp.com
Sun Mar 22 23:42:00 CET 2015


Hello there,

Not sure which list this should go in, devel or users.

A few questions about the LGPL requirements. We may not do some of these,
and many OSS advocates would not like it if we did, but I need to
understand our legal obligations.

1. Am I legally obligated to provide a software upgrade mechanism on the
device? Do I need to publish the documentation on how to upgrade it?

2. Am I permitted to only allow signed software upgrades?

3. Many micros have lock bits that prevent further programming without
erasure. Are there any restrictions on setting those?

4. Can I store secrets like private or symmetric keys in flash memory
alongside but that is not part of the flashed binary? This would be similar
to storing those secrets in external EEPROM, which is almost certainly
permitted. This has interesting effects in combination with 3, including
potentially bricking a device if firmware upgrade was attempted due to
erasure of keys.

Thank you!

Best,
Craig Younkins
FreshTemp <https://freshtemp.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/users/attachments/20150322/f46d3bac/attachment.html>


More information about the users mailing list