Date: Tue, 14 Mar 2000 13:18:46 +0800 From: Peter Wemm <peter@netplex.com.au> To: obrien@FreeBSD.ORG Cc: Nate Williams <nate@yogotech.com>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/crypto/openssl/apps speed.c src/crypto/openssl/crypto/err err_all.c src/crypto/openssl/crypto/rsa rsa_stubs.c rsa.h rsa_eay.c rsa_lib.c src/crypto/openssl/rsaref rsar_err.c rsaref.c rsaref.h src/secure/lib Makefile src/secure/lib/libcrypto Makefile ... Message-ID: <20000314051846.5F9E31CC9@overcee.netplex.com.au> In-Reply-To: Message from "David O'Brien" <obrien@FreeBSD.ORG> of "Mon, 28 Feb 2000 18:06:55 PST." <20000228180655.B56171@dragon.nuxi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"David O'Brien" wrote: > On Mon, Feb 28, 2000 at 04:40:09PM -0700, Nate Williams wrote: > > > Since it is not illegal for me (a USA-citizen in the USA) to have the > > > "international" RSA code, why is it we don't have the full OpenSSL code > > > in the Freefall repository? That way things are kept more in sync and > > > on 21-Sept-2000 all I change is a symbol and I have the superior code. > > > > Because it's illegal for you, a USA-citizen, to use the international > > RSA code due to licensing (not export) laws. > > Nate, I REALIZE THAT. Where above did I even mention *USE*? I have > written "HAVE" above. > > Again, what is on the table is not about useing, but why the "good" RSA > code is not in the Freefall repository. Because distributing it from freefall or on CDROM *for sale* exposes us to patent lawsuits from RSA. Think of it this way.. Take rsa_eay.c etc, and put it on a CD with other crypto code. Then advertise it for sale for $39.95 saying it's got RSA and other crypto toolkits on the cover and on the web but put a footnote on it that you're not supposed to use it in the US. Maybe even mention that the RSA code is better than the RSA version. Just wait and see how long before RSA sues you to oblivion for patent violation (making money off "their" invention or aiding others to violate their patent). This is pretty much the situation we have with FreeBSD, but to a lesser degree. You can't be "a little bit pregnant" - we're either aiding people to violate the patent or we are not. We are either including unlicensed material in a commercial product or we are not. There are no grey areas (luckily - if we stepped into one then a good litigation lawyer could make a real mess of you). Anyway, The term that I think is used is 'contributory infringement'. If you want to use the international crypto code, get it from the international servers. Cheers, -Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000314051846.5F9E31CC9>