rodney> As far as I can tell ("I'm not a lawyer and I don't play one on
rodney> the Internet..."), if you buy OpenSSL and you buy some variant
rodney> of RSA license and you then link the two pieces of code together,
rodney> there's no problem.
So, you're telling us that the RSAref library now handles
RSA_NO_PADDING in some way (perhaps the option has another name or
value?).
rodney> Also, of course, you don't NEED RSA, you can use DSA...
If the protocoll you implement uses DSA as alternate authentication
algorithm, yes. This is not true for SSH 1.5 protocoll version, not
program version). Of course, things are better with SSH protocoll
version 2, since it supports DSA and DH key exchange.
BTW, if you go into http://www.ssh.fi/tech/crypto/, there should be
info reachable from there that talks about possible legal issues adn
such in correlation with cryptography...
(Something that psises me off right now is that the protocol standard
for SSH version 2 was available easily from http://www.ssh.org/, but
now I can't find it. Someone with better luck?)
--
Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED]
Vice Chairman and \ S-161 43 BROMMA \ T: +46-8-26 52 47
Redakteur @ Stacken \ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
