Date: Tue, 2 Nov 1999 10:51:43 -0500 (EST) From: Dug Song <dugsong@monkey.org> To: Niels Provos <provos@citi.umich.edu> Cc: security@FreeBSD.ORG, ports@FreeBSD.ORG, markus@openbsd.org Subject: Re: OpenSSH patches Message-ID: <Pine.BSO.4.10.9911021016190.1191-100000@funky.monkey.org> In-Reply-To: <199911021446.JAA27912@india.citi.umich.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2 Nov 1999, Niels Provos wrote: > One of them, already convincing enough by itself, is the free > commercial use. not within the US, though. :-( OpenBSD's OpenSSL relies on the system libcrypto, which uses a different RSA implementation depending on which ssl26 package you've installed. for US users, this is RSAREF (RSA's reference implementation), which is only available for NON-commercial use. in order to use RSAREF (or indeed, any implementation of RSA) commercially, you must buy an RSA license. there is no way around this. any other use of the RSA algorithm within the US is in violation of the RSA patent (though few people seem to care about this in practice - how many illegal SSH installations are out there?). all software that uses RSA is subject to this bogosity, including PGP: http://bs.mit.edu:8001/pgp-form.html http://www.scramdisk.clara.net/pgpfaq.html#SubRSAREF -d. --- http://www.monkey.org/~dugsong/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSO.4.10.9911021016190.1191-100000>