Date: Fri, 26 Mar 1999 08:20:33 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: Linus Nordberg <linus.nordberg@canit.se> Cc: Mike Thompson <miket@dnai.com>, freebsd-security@FreeBSD.ORG Subject: Re: Kerberos vs SSH Message-ID: <199903261620.IAA05283@apollo.backplane.com> References: <Your message of "Wed, 24 Mar 1999 23:41:01 PST." <4.1.19990324233231.00a02e40@mail.dnai.com> <4.1.19990325103002.00abc6e0@mail.dnai.com> <xrlyakksfzl.fsf@uno.canit.se>
next in thread | previous in thread | raw e-mail | index | archive | help
:Mike Thompson <miket@dnai.com> writes: : : As a new software/internet company we want to be responsible for : paying for the licensed software from both a moral and legal : perspective. : :speaking of morality/legality and ssh i'd like to point out that the :legal aspects of the bignum code in ssh2 is in strong doubt. : :according to <http://www.dejanews.com/getdoc.xp?AN=385027617>, they :have simply stolen the gmp code and now claim that they wrote it. : :--linus That's a pretty old message. If you look at the followups to it you will find the counterargument from the ssh 2 people, and a third example from even older bignum source code that is very similar to the ssh 2 and gmp code. There are only so many ways a bignum library can be written. Still, I think the GMP author was right in regards to the SSH 2 people using his code verbatim. On the otherhand, bignum is something that a good programmer could write from scratch in a week. The last two postings in the thread note that the bignum code can be derived from Knuth's Seminumerical Alg. book fairly easily... in a few hours. I'd agree with that comment too. -Matt Matthew Dillon <dillon@backplane.com> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903261620.IAA05283>