On Thu, Oct 27, 2011 at 11:22 AM, Bruce Dubbs <[email protected]> wrote: > Jonathan Oksman wrote: >> In openssl, the book suggests in the Command Explanations to use >> 'no-rc5 no-idea' config options to avoid possible patent issues. It >> appears that no-rc5 has been the default for a while though. > > That statement is probably out of date in 2011. I think both patents > are expired, but I'd like confirmation. >
I don't know a lot about patents beyond a little bit of reading. From what I understand the rules depend on the country, but generally they last 20 years from the filing date (in the US and a few other countries). I hope I've found the correct ones (linked below). rc5 appears to still has a few years of life left in it. It looks like the IDEA patent expired mid 2010 in the US. rc5 patent: http://www.google.com/patents?vid=5724428 idea patent: http://www.google.com/patents?vid=5214703 So yeah, the statement is a little out of date. But back on about openssl, no-rc5 is a default, while no-idea is not. If what I'm reading about IDEA is true, then it's safe to leave it enabled nowadays. A nice writeup about IDEA on wikipedia: http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm Jonathan -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
