What about freeware ssl applications like mod_ssl:
(http://www.engelschall.com/sw/mod_ssl/)
Do you need to "register" a licence with RSA to use that code in the US for
comercial use or just apply RSARef?
Bryan
[EMAIL PROTECTED]
On Mon, 12 Apr 1999, Dave Neuer wrote:
> RSARef is legal in the US for non-commercial use only. As far as RSA Data
> Security Inc. and the US government are concerned, there is no way to do
> Public Key cryptography in the US for commercial uses without paying RSA a
> license fee, either directly or indirectly through Stronghold, Raven, Red
> Hat or some other RSA licensed vendor (actually, they seem to have toned
> down their expansive patent claims somewhat (they formerly claimed that they
> basically owned the patent rights to "the art of Public Key" cryptography)..
>
> This has changed only slightly since the expiration of the patent on
> Diffie-Hellman key exchange; however, there is an ongoing lawsuit against
> RSA by Roger Schlafly alleging (among other things) patent abuse by RSA and
> asking a US Federal court to find most of the relevant patents
> invalid/unenforceable.
>
> Until that happens, however, RSA asserts that they own patents which cover
> the RSA algorithms and also DSA/DSS. Of course, the RSA patents expire in
> September of 2000.
>
> At least, this is what I have been able to glean. I welcome correction from
> anyone out there who has definitive evidence to the contrary.
>
> Relevant links:
> http://bbs.cruzio.com/~schlafly/ -- Schafly's site w/ lots of legal filings,
> etc.
> http://www.rsa.com/rsalabs/faq/html/6-3-2.html -- RSA's patent claims on DSA
>
> Dave Neuer
>
>
>
> -----Original Message-----
> From: Ricardo Stella <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
> Date: Monday, April 12, 1999 3:47 PM
> Subject: RSAref in the US
>
>
> >
> >Just to clarify... By what RSA, we can use RSARef in the US. My main
> >question is the method of using RSARef with openssl/ssleay.
> >
> >Since I was not able to compile openssl nor ssleay with the -rsaref
> >(option 1), I decided on trying -RSAglue (option 2). This DOES compile
> >fine, and then I was able to compile sslwrap with RSAglue and rsaref.
> >
> >My question is, using -RSAglue, and then compiling the application with
> >RSAglue and rsaref, LEGAL ? Am I using RSARef in this mode ?
> >
> >Thanks in advance...
> >______________________________________________________________________
> >OpenSSL Project http://www.openssl.org
> >User Support Mailing List [EMAIL PROTECTED]
> >Automated List Manager [EMAIL PROTECTED]
> >
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
