You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Michael Douglass <mi...@texas.net> on 1998/01/06 21:39:38 UTC
[sameer@c2.net: Re: ZDNet article]
Being much put off by some of c2.net's stuff, I made apost and a
mention of using apache-ssl; then mr. c2.net tells me that it's
illegal in North America. Since the author of the apache-ssl
patches is a member of this list perhaps he can comment. :)
-----Forwarded message from sameer <sa...@c2.net>-----
>
> www.apache-ssl.org -- IT'S FREE!!!
I hate to rain on your parade, because I certainly don't
*like* software patents and trade secret restrictions on cryptography,
but you should note that in addition to being free its also illegal to
use in north america.
--
Sameer Parekh Voice: 510-986-8770
President FAX: 510-986-8777
C2Net
http://www.c2.net/ sameer@c2.net
-----End of forwarded message-----
--
Michael Douglass
Texas Networking, Inc.
<tnet admin> anyway, I'm off, perl code is making me [a] crosseyed toady
Re: [sameer@c2.net: Re: ZDNet article]
Posted by Ben Laurie <be...@algroup.co.uk>.
Michael Douglass wrote:
>
> Being much put off by some of c2.net's stuff, I made apost and a
> mention of using apache-ssl; then mr. c2.net tells me that it's
> illegal in North America. Since the author of the apache-ssl
> patches is a member of this list perhaps he can comment. :)
Clearly Apache-SSL can't be illegal in the US. Sameer is selling it.
Nice marketing line, though, Sameer.
Cheers,
Ben.
--
Ben Laurie |Phone: +44 (181) 735 0686|Apache Group member
Freelance Consultant |Fax: +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd, |http://www.algroup.co.uk/Apache-SSL
London, England. |"Apache: TDG" http://www.ora.com/catalog/apache
Re: [sameer@c2.net: Re: ZDNet article]
Posted by ap...@web1.valley-internet.com.
There is another solution that may or may not be a real alternative for
you. You can purchase the bsafe library from RSA for under $400 and
compile that into ssleay. The big bucks come if you plan on distributing,
but for in house commercial use it's not a bad alternative if you have
someone in house that can put it all together.
Chris
On Tue, 6 Jan 1998, Michael Douglass wrote:
> On Tue, Jan 06, 1998 at 01:42:53PM -0700, Marc Slemko said:
>
> > What it boils down to is that using a freely available version of Apache
> > with ssl patches in the US for commercial purposes violates RSA's patents
> > (since you obviously don't have a RSA license) and is illegal.
>
> Okay, so we have 2 years to wait and then we can go freely unto the golden
> gate of apache-ssl. The RSA patent expires in the year 2000. :)
>
> --
> Michael Douglass
> Texas Networking, Inc.
>
> <tnet admin> anyway, I'm off, perl code is making me [a] crosseyed toady
>
Re: [sameer@c2.net: Re: ZDNet article]
Posted by Michael Douglass <mi...@texas.net>.
On Tue, Jan 06, 1998 at 01:42:53PM -0700, Marc Slemko said:
> What it boils down to is that using a freely available version of Apache
> with ssl patches in the US for commercial purposes violates RSA's patents
> (since you obviously don't have a RSA license) and is illegal.
Okay, so we have 2 years to wait and then we can go freely unto the golden
gate of apache-ssl. The RSA patent expires in the year 2000. :)
--
Michael Douglass
Texas Networking, Inc.
<tnet admin> anyway, I'm off, perl code is making me [a] crosseyed toady
Re: [sameer@c2.net: Re: ZDNet article]
Posted by Marc Slemko <ma...@worldgate.com>.
On Tue, 6 Jan 1998, Michael Douglass wrote:
>
> Being much put off by some of c2.net's stuff, I made apost and a
> mention of using apache-ssl; then mr. c2.net tells me that it's
> illegal in North America. Since the author of the apache-ssl
> patches is a member of this list perhaps he can comment. :)
There is nothing new there.
The patches aren't illegal to use and are not restricted by license, but
in the US (Canada is less clear) RSA has a patent on an algorithm required
for SSLv2. You either need a license from RSA or you have to use the
rsaref library, which is freely available for non-commercial use; not for
commercial use.
What it boils down to is that using a freely available version of Apache
with ssl patches in the US for commercial purposes violates RSA's patents
(since you obviously don't have a RSA license) and is illegal.
>
> -----Forwarded message from sameer <sa...@c2.net>-----
>
> >
> > www.apache-ssl.org -- IT'S FREE!!!
>
> I hate to rain on your parade, because I certainly don't
> *like* software patents and trade secret restrictions on cryptography,
> but you should note that in addition to being free its also illegal to
> use in north america.
>
> --
> Sameer Parekh Voice: 510-986-8770
> President FAX: 510-986-8777
> C2Net
> http://www.c2.net/ sameer@c2.net
>
> -----End of forwarded message-----
>
> --
> Michael Douglass
> Texas Networking, Inc.
>
> <tnet admin> anyway, I'm off, perl code is making me [a] crosseyed toady
>