OpenWrt One vs. EU Cyber Resilience Act
Hauke Mehrtens
hauke at hauke-m.de
Fri Jan 19 12:18:02 PST 2024
The EU is working on a EU Cyber Resilience Act to improve the software
security of (consumer) software and (consumer) hardware which contains
software. This should be similar to the CE sign, but for software.
https://en.wikipedia.org/wiki/Cyber_Resilience_Act
After the successful lobbying of multiple open source organizations non
commercial open source software developer would be exempt from this
regulation. As far as I understood the OpenWrt project would not be
affected by this regulation, but if a vendor uses OpenWrt on a router,
this vendor has to make sure that his product including OpenWrt is
compliant when selling onto the EU market. With the OpenWrt One we or
Banana Pi could also get required to take care of this regulation.
Did someone look into the requirements needed to make OpenWrt compliant
to the EU Cyber Resilience Act for a commercial entity?
Did someone look into this regulation with the OpenWrt One project in mind?
I support the general idea of the EU to improve the security of
software. I think the current draft is much better regarding open source
than the first versions.
Hauke
More information about the openwrt-devel
mailing list