On Thu, Oct 28, 1999, Yan Zhang Chen wrote:
[...]
My first question is about the patents to be involved in our
case where we only use modssl (with openssl) for web site:
I know we need RSA license; do we also need license for
IDEA? From what I can see in browsers like Netscape, only
RC4 and DES ciphers are supported, so I assume we wouldn't
need IDEA license?
IDEA is supported by Netscape AFAIK but you can live without it, because there
are other non-IDEA ciphers in Netscape which are enough for a successful
connection. Additionally AFAIK the IDEA patent is only registered in Europe
(Ascom Tech in Switzerland holds it), but I'm not sure.
Assuming we only need RSA license. Since RSA site license is
expensive, is it possible to buy SSL-enabled server product like
Stronghold (and therefore the RSA license), and then instead of
deploying Stronghold we actually run modssl/apache? Would this
be legal?
50% of the people say this is not legal and the other 50% say it's in the gray
area. So you've to decide yourself what to do ;) At least you cannot expect an
official OK for this approach from RSA DSI
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]