Re: usa encryption

Sat, 16 Jan 1999 06:43:31 -0800 

Cantrell, Mark writes:
> I recently searched the mailing list archive,  so please excuse me if
> this has been asked before...
> 
> I want to use openssl for a comercial application in the USA.
> I don't necessarily have to have strong encrytion at this
> point.
> 
> I ran Configure with the following options.
> no-rc4 no-rc5 no-rsa
> 
> Is that enough to avoid any encryption laws in the USA or patents?
> I'm guessing all I really need are the 40bit ciphers.
> 
> thanks
> --mark

Mark,
  Did you ever get an answer ??? I too am interested in this.

I've called RSA regarding licensing their "stuff" (we are in
process of setting up a real "root" CA), they refuse to honor
their commitment regarding the RSAref library....The distributed
documentation from RSAref-2.0 says:
     2.   RSAREF applications and services based on RSAREF
          applications may be sold under the following conditions:

          o    You must sign and return the RSAREF Commercial License
               Agreement to RSA (call RSA for a copy of this
               agreement). Remember, RSAREF is an unsupported toolkit.
               If you are building an application to sell, you should
               consider using fully supported libraries like RSA's
               BSAFE or TIPEM SDK's.

  However RSA refuses to send the "Commercial License".....
And there is nothing in the License that comes with RSAref that
allows them to VOID the RSAref license.

  Also it goes on to state:
          Nothing in this paragraph prohibits you from using the
          Program or any Application Program solely for internal
          purposes on the premises of a business which is engaged in
          revenue-generating activities.

  So for internal use (IE you don't generate revenue or provide
services outside your company) it's fair game.

Jim
-- 
======================================================================
James B. Huber                                          [EMAIL PROTECTED]
Genesis Controls, Inc.                            (V/O) (407) 671-0820
======================================================================
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to