You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Rasmus Lerdorf <ra...@raleigh.ibm.com> on 2000/01/13 16:24:46 UTC

Time to add SSL support?

This clause from the new crypto export regulations seems to open the door
wide open for adding at least the SSL hooks to Apache.  SSL itself should
be doable as well:

  Global Exports of Unrestricted Encryption Source Code

     Encryption source code which is available to the public
     and which is not subject to an express agreement for
     the payment of a licensing fee or royalty for
     commercial production or sale of any product developed
     with the source code may be exported under a license
     exception without a technical review. The exporter must
     submit to the Bureau of Export Administration a copy of
     the source code, or a written notification of its
     Internet location, by the time of export. Foreign
     products made with the unrestricted source code do not
     require review and classification by the
     U.S. Government for reexport. This license exception
     should apply to exports of most "open source" software.


-Rasmus

Re: Time to add SSL support?

Posted by Ben Laurie <be...@algroup.co.uk>.

Rasmus Lerdorf wrote:
> 
> This clause from the new crypto export regulations seems to open the door
> wide open for adding at least the SSL hooks to Apache. 

Apache 2.0 already has sufficient hooks to add SSL as a module, and they
aren't crypto hooks.

> SSL itself should be doable as well:

This would appear to be true. I'm still waiting for expert opinion to
say it _is_ true, though.

Cheers,

Ben.

--
SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm

http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi

Re: Time to add SSL support?

Posted by Ben Laurie <be...@algroup.co.uk>.

Mark J Cox wrote:
> 
> > This clause from the new crypto export regulations seems to open the door
> > wide open for adding at least the SSL hooks to Apache.
> 
> ....or just add EAPI to the 1.3 tree.

If you are going to add hooks, you should retrofit Apache 2.0 hooks.
However, I think that's more work than should be spent on 1.3.

Like Dean, though, I'm -1 on hooks that aren't compatible with 2.0 -
that's more wasted effort than its worth.

Cheers,

Ben.

--
SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm

http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi

Re: Time to add SSL support?

Posted by Ryan Bloom <rb...@raleigh.ibm.com>.

On Thu, 13 Jan 2000, Mark J Cox wrote:

> > This clause from the new crypto export regulations seems to open the door
> > wide open for adding at least the SSL hooks to Apache.  
> 
> ....or just add EAPI to the 1.3 tree.

Huh?  The arguments against EAPI have nothing to do with export controls,
they are all technical in nature, not legal.  And we really don't need to
open this can or worms again today do we?  :-)

Ryan

_______________________________________________________________________
Ryan Bloom		rbb@raleigh.ibm.com
4205 S Miami Blvd	
RTP, NC 27709		

Come to the first official Apache Software Foundation
Conference!  <http://ApacheCon.Com/>

Re: Time to add SSL support?

Posted by Mark J Cox <ma...@awe.com>.

> This clause from the new crypto export regulations seems to open the door
> wide open for adding at least the SSL hooks to Apache.  

....or just add EAPI to the 1.3 tree.

Mark

Re: Time to add SSL support?

Posted by Ryan Bloom <rb...@raleigh.ibm.com>.

I say +1, and this also means we could add a DES crypt function for the
Windows side of things.  :-)

Ryan

On Thu, 13 Jan 2000, Rasmus Lerdorf wrote:

> This clause from the new crypto export regulations seems to open the door
> wide open for adding at least the SSL hooks to Apache.  SSL itself should
> be doable as well:
> 
>   Global Exports of Unrestricted Encryption Source Code
> 
>      Encryption source code which is available to the public
>      and which is not subject to an express agreement for
>      the payment of a licensing fee or royalty for
>      commercial production or sale of any product developed
>      with the source code may be exported under a license
>      exception without a technical review. The exporter must
>      submit to the Bureau of Export Administration a copy of
>      the source code, or a written notification of its
>      Internet location, by the time of export. Foreign
>      products made with the unrestricted source code do not
>      require review and classification by the
>      U.S. Government for reexport. This license exception
>      should apply to exports of most "open source" software.
> 
> 
> -Rasmus
> 

_______________________________________________________________________
Ryan Bloom		rbb@raleigh.ibm.com
4205 S Miami Blvd	
RTP, NC 27709		

Come to the first official Apache Software Foundation
Conference!  <http://ApacheCon.Com/>