OpenSSL
after all?
Nicolas Roumiantzeff.
-Message d'origine-
De : Claudio M. Horvilleur Mtz. <[EMAIL PROTECTED]>
À : [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date : vendredi 26 novembre 1999 04:15
Objet : Re: OpenSSL usage liability.
>Not exactly right, the US are changing
Not exactly right, the US are changing the export law, but
we do
need to ask for a permit if the end user is a part of a
goverment
agency.
And as I understand, only 'retail' products can be exported.
That means
no SOURCES and no libraries, only aplications that use
cryptography.
By the new rules
>
>>Date: Thursday, November 18, 1999 1:55 AM
>>Subject: Re: OpenSSL usage liability.
>>
>>
>> >At 05:59 PM 11/17/99 , you wrote:
>>
>> >
>> >Another option - puchase the RedHat secure server for $149, and throw it
>>away (retaining t
, but my suggestion is
that they should be taken seriously; that's all. I think that's reasonable.
Dave Neuer
Software Engineer
Futuristics Labs, Inc.
www.futuristics.net
-----Original Message-
From: Leland V. Lammert <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Dat
lt;[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
>Date: Thursday, November 18, 1999 1:55 AM
>Subject: Re: OpenSSL usage liability.
>
>
> >At 05:59 PM 11/17/99 , you wrote:
>
> >
> >Another option - puchase the RedHat secure server for $149
> From: Richard Levitte - VMS Whacker [mailto:[EMAIL PROTECTED]]
> Sent: Friday, November 19, 1999 1:33 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: RE: OpenSSL usage liability.
>
>
> dimrub> Sorry for being insufficiently explicit. The company in
Swiss
&g
o tools TO the US, just not export to the rest of the world
FROM the US.) ideas? clue?
thanks!
- Original Message -
From: Geoff Thorpe <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, November 17, 1999 5:05 AM
Subject: RE: OpenSSL usage liability.
> Hi there
Hi there,
On Wed, 17 Nov 1999 [EMAIL PROTECTED] wrote:
> > Will the US
> > gov. bust us
> > since encrypted communications will be going across it's
> > borders?
>
> No, as long as you use exportable ciphersuites (see one of the
> apendixes of the SSL spec for a list of those). That is, you lim
Hi!
Here are my 2c, not guaranteed to be 100% true. Just some previous
expirience.
> From: K [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, November 16, 1999 5:28 PM
> To: [EMAIL PROTECTED]
> Subject: OpenSSL usage liability.
>
>
> Greetings,
>
> I am an SSL newbie so please forgive.
>
> We are a s
>
> >US is far away from OpenSSL, and will probably remain that way for
> >some time, unless the US export law changes radically.
>
>
> You mean next month (Dec 15, 1999).
>
U.S. law is not going to change radically on Dec. 15. There will
still be a one time review of exported binaries. Exp
Nicolas Roumiantzeff wrote:
>
> >US is far away from OpenSSL, and will probably remain that way for
> >some time, unless the US export law changes radically.
>
> You mean next month (Dec 15, 1999).
No. The theory is that there will be no change for source export.
Cheers,
Ben.
--
http://www.a
>US is far away from OpenSSL, and will probably remain that way for
>some time, unless the US export law changes radically.
You mean next month (Dec 15, 1999).
Nicolas Roumiantzeff.
__
OpenSSL Project
> > From: Geoff Thorpe [mailto:[EMAIL PROTECTED]]
> > The strength of the cryptography being *used* across the
> > border should not
> > matter. Someone in the US can talk to my webserver at 128-bit
> > crypto (and
> > vice versa) if they want and are not guilty of exporting
> > crypto. If they
>
On Thu, Nov 18, 1999 at 10:39:10AM -0500, Dave Neuer wrote:
> >Another option - puchase the RedHat secure server for $149, and throw it
> away (retaining the license, of course). That way, you WOULD be legal with
> openssl.
> >
>
> [...]
> I feel I must repeat, "I AM NOT A LAWYER." However, I'd
imply avoid RSA.
On Thu, 18 Nov 1999 10:39:10 -0500, Dave Neuer wrote:
>-Original Message-
>From: Leland V. Lammert <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
>Date: Thursday, November 18, 1999 1:55 AM
>Subject: Re: OpenSSL usage liabili
dimrub> Sorry for being insufficiently explicit. The company in Swiss
dimrub> is going to have problems with US gov. not because they use
dimrub> encryption over the border, but because they use in Swiss
dimrub> software that does strong encryption that was developed in
dimrub> US. Namely - OpenSS
> thank you geoff, that was enlightening.
>
> what about the fact that we are a swiss company? we remotely
> admin our boxes
> and so obviously we will send this 'tool' to our server from
> switzerland. is
> that legal? (i think it might be because i thought i heard
> somewhere it was
> ok to send
> From: Geoff Thorpe [mailto:[EMAIL PROTECTED]]
> The strength of the cryptography being *used* across the
> border should not
> matter. Someone in the US can talk to my webserver at 128-bit
> crypto (and
> vice versa) if they want and are not guilty of exporting
> crypto. If they
> try to send me
-Original Message-
From: Leland V. Lammert <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Thursday, November 18, 1999 1:55 AM
Subject: Re: OpenSSL usage liability.
>At 05:59 PM 11/17/99 , you wrote:
>
>Another option - puchase the RedHat secure
Steve Freitas writes:
> >Another option - puchase the RedHat secure server for $149, and throw it
> >away (retaining the license, of course). That way, you WOULD be legal with
> >openssl.
>
> I'd like to do that, but I've never seen an authoritative statement which
> would legally qualify this
7, 1999 10:53 PM
To: [EMAIL PROTECTED]
Subject: Re: OpenSSL usage liability.
are your sure the license that comes with the red hat secure server applies
to any rsa technology in use (ie software other than red hats). there is the
possibility rsa would give the license under the terms that it only
Hi,
On Wed, 17 Nov 1999, K wrote:
> thank you geoff, that was enlightening.
really?? oh ... :-)
> what about the fact that we are a swiss company? we remotely admin our boxes
> and so obviously we will send this 'tool' to our server from switzerland. is
> that legal? (i think it might be becau
22 matches
Mail list logo