Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 2 Nov 1999 10:51:43 -0500 (EST)
From:      Dug Song <dugsong@monkey.org>
To:        Niels Provos <provos@citi.umich.edu>
Cc:        security@FreeBSD.ORG, ports@FreeBSD.ORG, markus@openbsd.org
Subject:   Re: OpenSSH patches 
Message-ID:  <Pine.BSO.4.10.9911021016190.1191-100000@funky.monkey.org>
In-Reply-To: <199911021446.JAA27912@india.citi.umich.edu>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2 Nov 1999, Niels Provos wrote:

> One of them, already convincing enough by itself, is the free
> commercial use.

not within the US, though. :-(

OpenBSD's OpenSSL relies on the system libcrypto, which uses a different
RSA implementation depending on which ssl26 package you've installed.

for US users, this is RSAREF (RSA's reference implementation), which is
only available for NON-commercial use. in order to use RSAREF (or indeed,
any implementation of RSA) commercially, you must buy an RSA license.
there is no way around this.

any other use of the RSA algorithm within the US is in violation of the
RSA patent (though few people seem to care about this in practice - how
many illegal SSH installations are out there?).

all software that uses RSA is subject to this bogosity, including PGP:

	http://bs.mit.edu:8001/pgp-form.html
	http://www.scramdisk.clara.net/pgpfaq.html#SubRSAREF

-d.

---
http://www.monkey.org/~dugsong/




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSO.4.10.9911021016190.1191-100000>