Date: Thu, 16 Dec 1999 15:44:00 -0500 (EST) From: Matt Behrens <matt@zigg.com> To: Peter Wemm <peter@netplex.com.au> Cc: Brian Fundakowski Feldman <green@FreeBSD.ORG>, Mark Murray <mark@grondar.za>, Kris Kennaway <kris@hub.freebsd.org>, security@FreeBSD.ORG Subject: Re: OpenSSH in the base (was Re: OpenSSL update) Message-ID: <Pine.BSF.4.21.9912161540050.45027-100000@megaweapon.zigg.com> In-Reply-To: <19991216202404.92CBA1CC6@overcee.netplex.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 17 Dec 1999, Peter Wemm wrote: > It's not a crypto export problem, it's the RSA patent that's the problem. > Any code that isn't RSAREF based for RSA support is unusable in the US. I > don't think OpenSSL linked against RSAREF is useable for OpenSSH. Sure it is. My OpenSSH is linked to OpenSSL is linked to RSAREF (on both my FreeBSD box and my OpenBSD box). Of course, the real ugly problem happens when you want to use RSA commercially in the US -- you can't. Noncommercially you can use RSAREF. Commercially you must get a license from RSA, which I hear is next to impossible. OpenBSD's solution to this is to have two packages that you can choose from at install time -- one without RSAREF or one with. It explains that if you are outside the US, use the one without. Inside and non-commercial, use the one with. Inside and commercial -- bzzt! out of luck. :-( September 20, 2000 is when the RSA patent expires. Matt Behrens <matt@zigg.com> Owner/Administrator, zigg.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.0 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE4WU8V+xq4JbgNGlMRAnj7AJ9obT77H5JAUUD2R/aXDfh/167CoACgllWo 78GJriOjBuLcRQ0Ibp9yoVc= =/D6+ -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.9912161540050.45027-100000>