The final legislative phase of the Cyber Resilience Act (CRA) is starting and the drafts still have issues arising from framing by the Commission or Parliament. Read OSI’s recommendations to frame the trialogue.
OSI is a co-signatory of an open letter sent this week to the European Parliament by European Digital Rights (EDRi) expressing concern that the Cyber Resilience Act (CRA) draft currently under consideration still includes mandatory requirements for vulnerability disclosure that violate best practices in Open Source software collaborations and are likely to actually undermine the security…
Europe’s standards bodies have no functional relationships with Open Source charities and do not consult them.
What might happen if the uncertainty persists around who is held responsible under the Cyber Resilience Act (CRA)? The global Open Source community is averse to legal risks and generally lacks access to counsel, so it’s very possible offers of source code will simply be withdrawn rather than seeking to resolve the uncertainty.
This year’s Maintainer Month feels different given what’s happening with the European Cyber Resilience Act. Their role is under more …
The European Commission’s proposed Cyber Resilience Act (CRA) as drafted may harm Open Source, and perhaps all other non-industrial software. A list of most relevant responses.
MOST VIEWED STORIES
RECENT COMMENTS
Bridgy Response
Bridgy Response
Bridgy Response
Bridgy Response
CATEGORIES
Bridgy Response