<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <div class="moz-cite-prefix">On 2023-02-20 1:36 p.m., Brian
      Behlendorf wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:c8a22145-3452-48c2-c1d1-e04f36ccf75e@behlendorf.com">On
      Sat, 18 Feb 2023, Thorsten Glaser wrote:
      <br>
      <blockquote type="cite" style="color: #007cff;">What is a CRA?
        Assuming you don’t means clan restoration act here…
        <br>
      </blockquote>
      <br>
      Cyber Resiliency Act, the prompt for this thread:
      <br>
      <br>
      <a class="moz-txt-link-freetext"
href="https://eclipse-foundation.blog/2023/01/15/european-cyber-resiliency-act-potential-impact-on-the-eclipse-foundation/"
        moz-do-not-send="true">https://eclipse-foundation.blog/2023/01/15/european-cyber-resiliency-act-potential-impact-on-the-eclipse-foundation/</a></blockquote>
    <p>For those who are interested in this topic, I've written <a
        moz-do-not-send="true"
href="https://eclipse-foundation.blog/2023/02/23/cyber-resilience-act-good-intentions-and-unintended-consequences/">a
        second blog post</a>[1] on the unintended consequences of the
      Cyber Resilience Act. <br>
    </p>
    <p>I have also recently come to realize that the CRA needs to
      understood as a companion piece to the <a moz-do-not-send="true"
href="https://www.europarl.europa.eu/RegData/etudes/BRIE/2023/739341/EPRS_BRI(2023)739341_EN.pdf">revised</a>
      <a moz-do-not-send="true"
href="https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52022PC0495&from=EN">Product
        Liability Directive</a>[2][3]. AIUI the CRA is the legislation
      that makes the open source community <i>responsible </i>for the
      CE Mark validation for all of its software, and it is the PLD that
      makes the open source community <i>liable </i>for any defects. <br>
    </p>
    <p>I cannot stress enough how damaging these soon-to-be laws are to
      the future viability of open source as we know it. <br>
    </p>
    <p>[1]
<a class="moz-txt-link-freetext" href="https://eclipse-foundation.blog/2023/02/23/cyber-resilience-act-good-intentions-and-unintended-consequences/">https://eclipse-foundation.blog/2023/02/23/cyber-resilience-act-good-intentions-and-unintended-consequences/</a><br>
      [2]
<a class="moz-txt-link-freetext" href="https://www.europarl.europa.eu/RegData/etudes/BRIE/2023/739341/EPRS_BRI(2023)739341_EN.pdf">https://www.europarl.europa.eu/RegData/etudes/BRIE/2023/739341/EPRS_BRI(2023)739341_EN.pdf</a><br>
      [3]
<a class="moz-txt-link-freetext" href="https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52022PC0495&from=EN">https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52022PC0495&from=EN</a><br>
    </p>
    <p><br>
    </p>
  </body>
</html>