Using DRM to eliminate coding new programs is bad, it's true. I'm still mulling the DRM requirements; making the keys available on request eliminates ANY functions of DRM, though. (I know that's the purpose - but that's Linus' problem with GPL3, and the reason the kernel will probably NOT go GPL3). This is not a bad thing, IMO.
No, really it does not eliminate the functions of DRM, (though Private Keys being published would). Think of it this way:
E-Mail server, I run one. I have setup my server to completely trust any mail I have signed. I also have my server verify any "signing keys" through public sources. If the key is not valid (being checked through pgp.mit.edu or somesuch) or being in the "allowed" manual approval file, it will not process the mail.Tivo could very well do something similar, an "authorized_keys" file sort of like for ssh does for key based login. It isn't a very hard thing to do, yet Linus seems to think it is.
I think if verbiage is modified to make that clear... I believe it would be much, much better. IOW, If I add the public part of my sigining key to the "authorized keys" and the program is then allowed to run... it is effectively doing the same thing. Giving YOU the one who compiles the customized binaries signed with your key, the same function as *IF* the private key was available for the "server stuff". This would be the equivalent.
Allowing custom/modified binaries to be run right along side the "official" stuff would be just fine. Even if your key you used to sign the binary was a sub-key of the "official" one, asking for a sub-key would not be getting the "Private Key" of Tivo.
But, I await your response.
My only need for clarification was about 'personal modifications' - and the term's relation to modifying a program and running it on a server (the running a server = distribution argument).It depends on too many things to work out right now.
I actually think setting up a way to deal with personal DRM (or signed etc..) would be a good thing. If commercial interests would allow us to get those sub-keys or even run "manually authorized" keys (as in a file with it in it), could be the workaround you are looking for Skip.