On Thu, 29 Oct 1998, Ralf S. Engelschall wrote:
> On Thu, Oct 29, 1998, a wrote:
>
> > So what is the deal with using mod_ssl and SSLeay for a site that is making
> > some money? Does everyone actually buy a RSA license? Is it possible to? It
> > all seems confusing.
>
> We already discussed this stuff recently (look inside the sw-mod-ssl archives
> for the details please). So it would be nice when one of the US citizens on
> this list who know the current state of their law better than me can write
> a short and compact entry for the mod_ssl FAQ.
>
> Perhaps someone of us finishes this possible skeleton:
>
> | Q: Can I use mod_ssl inside the United States?
> |
> | A: Yes, but you have to buy BSAFE from RSA DSI for $3000...bla bla
> |
This is correct. BSAFE is a pain the the ass to work with and VERY
spendy. The contracts on its use are also very restrictive.
> | Q: Ok, but can I use mod_ssl inside the United States without charge?
> |
> | A: In general no, because of RSA, RC4, etc. patents but there are some
> | exceptions (RSAref+private-site, goverment organisations, etc.)
> | Bla bla..
>
RSAREF can't be used for much of anything anymore unfortunately. They
change the rules on it more often than pigs roll in the mud.
Mark
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]