Joe Francis wrote:
>
> Given this:
>
> " ``Open cryptographic interface''. A mechanism which is designed to
> allow a customer or other party to insert cryptographic functionality
> without the intervention, help or assistance of the manufacturer or its
> agents, e.g., manufacturer's signing of cryptographic code or
> proprietary interfaces. If the cryptographic interface implements a
> fixed set of cryptographic algorithms, key lengths or key exchange
> management systems, that cannot be changed, it will not be considered
> an ``open'' cryptographic interface. All general application
> programming interfaces (e.g., those that accept either a cryptographic
> or non-cryptographic interface but do not themselves maintain any
> cryptographic functionality) will not be considered ``open''
> cryptographic interfaces."
>
> Does that render moot the Apache problems with having crypto hooks? I'm
> wondering if the hooks for that would qualify as a general programming
> interface.
Apache 2.0 has general programming hooks that are sufficient for adding
crypto.
Cheers,
Ben.
--
SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
