
It can still require signed code. I just want to swap Apple's key for mine. As the owner of the device, by definition, I am the sole arbiter of what is considered trustworthy. Executing only programs that I have personally approved (and thus carry my signature) is the perfect implementation of that policy.

Now, I might be lazy or busy and delegate that responsibility to Apple or some other third party. There may be mismatches between my preferred policy and what is enforced by my proxy, but it might still work reasonably well overall. We humans do it all the time. No reason the CEO has to make every single decision themselves.

When the stakes are high and I don't want to risk that nuances of my set policy get lost in translation or when it's about things that are totally outside my proxy's area of expertise, I'd prefer to make the decision myself.

With iDevices, I can't. There's only the delegate model and the only available proxy to choose from is Apple.

PS: Releasing secret signing keys to the whole world is an obviously bogus suggestion. Please stop beating up this strawman.




It's not a strawman. It's what would have to happen according to the GPLv3. The fact that you could design a system that allows for user-replaceable keys doesn't change the fact that iOS is not that system, and that if GPLv3 code gets into iOS then, according to the terms of that license, owners of existing devices would need to be allowed to replace the code. And the only way to do that is to release the root signing keys. You can't say "well they could design a future device to allow this", because that hypothetical future device isn't what we have today.



