From owner-freebsd-security Sun Nov 14 18:30:41 1999 Delivered-To: freebsd-security@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 5549E14BDA; Sun, 14 Nov 1999 18:30:39 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 442481CD431; Sun, 14 Nov 1999 18:30:39 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Sun, 14 Nov 1999 18:30:39 -0800 (PST) From: Kris Kennaway To: Garrett Wollman Cc: Mark Murray , "Jordan K. Hubbard" , security@FreeBSD.ORG, ports@FreeBSD.ORG Subject: Re: OpenSSH patches In-Reply-To: <199911150159.UAA03774@khavrinen.lcs.mit.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 14 Nov 1999, Garrett Wollman wrote: > < said: > > >> No objections from me! We will of course need to import OpenSSL as well, > >> but I can see only good things coming from that. > > > Only the libcrypto part of it, as far as I can see. > > Ummm... guys.... the RSA patent doesn't expire until *next* year. True..we'd have to split it so that US people import a RSA-less openssl (i.e. just openssl with the rsa directory missing), and the international folks can import the RSA parts as well. The former could go into the existing crypto cvsup collection, and an additional crypto-intl cvsup collection could hold the latter. On the other hand, is it illegal to _have_ RSA sources, as long as you don't compile them? i.e. we can just build openssl with NO_RSA conditional on USA_RESIDENT=YES. Kris ---- Cthulhu for President! For when you're tired of choosing the _lesser_ of two evils.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message