Below is a couple of messages posted to the OpenSSL users mailing list.
Seems someone down at RSADSI has lost it. I found the part about them
*owning* EAY quite amusing. I wounder if anyone bothered telling him that
he is considered owned property of RSADSI.
-------------------------------------------------------------------------
The following message is forwarded to you by "William H. Geiger III"
<[EMAIL PROTECTED]> (listed as the From user of this message). The
original sender (see the header, below) was [EMAIL PROTECTED] and
has been set as the "Reply-To" field of this message.
-------------------------------------------------------------------------
>Return-Path: <[EMAIL PROTECTED]>
>Received: from ossp.org (ossp1.ossp.org [62.208.181.50])
> by domains.invweb.net (8.9.3/8.9.3) with ESMTP id QAA12892
> for <[EMAIL PROTECTED]>; Wed, 28 Jun 2000 16:38:05 -0400
>Received: by mail.ossp.org (Sendmail 8.10.2+/smtpfeed 1.07) for openssl-users-L2
> id e5SKaOM89942; Wed, 28 Jun 2000 22:36:24 +0200 (CEST)
>Received: by mail.ossp.org (Sendmail 8.10.2+) via ESMTP for <[EMAIL PROTECTED]>
> from opensource.ee.ethz.ch id e5SKaNV89938; Wed, 28 Jun 2000 22:36:23 +0200
>(CEST)
>Received: by en5.engelschall.com (Sendmail 8.9.2/smtpfeed 1.06) for openssl-users-L
> id WAA24723; Wed, 28 Jun 2000 22:36:19 +0200 (MET DST)
>Received: by en5.engelschall.com (Sendmail 8.9.2) via ESMTP for
><[EMAIL PROTECTED]>
> from gateway.hie.com id WAA24709; Wed, 28 Jun 2000 22:36:15 +0200 (MET DST)
>Received: by gateway.hublink.com with Internet Mail Service (5.5.2650.21)
> id <N2DACG2H>; Wed, 28 Jun 2000 16:30:38 -0400
>Message-ID: <[EMAIL PROTECTED]>
>From: Bill Rebey <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Legality - just heated up
>Date: Wed, 28 Jun 2000 14:30:38 -0600
>X-Old_TimeStamp: Wed, 28 Jun 2000 16:30:38 -0400
>MIME-Version: 1.0
>X-Mailer: Internet Mail Service (5.5.2650.21)
>Content-Type: text/plain;
> charset="iso-8859-1"
>Sender: [EMAIL PROTECTED]
>Precedence: bulk
>Reply-To: [EMAIL PROTECTED]
>X-Sender: Bill Rebey <[EMAIL PROTECTED]>
>X-List-Manager: OpenSSL Majordomo [version 1.94.4]
>X-List-Name: openssl-users
>Status:
I just got off the phone with, among others, John Riley at RSA. He's
claiming things like (paraphrased):
"It's flat out illegal to use OpenSSL for Commercial purposes" "Even if
you use OpenSSL, it still uses RSA technologies that you have to pay
royalties for (regardless whether it uses RSA encryption or not)" "We own
EAY, thus we own SSLeay/OpenSSL"
He's leaning on us to pay $70K up front, plus $636 in royalty fees for
every copy of our product that we sell!!
Can anyone clarify any of this for me?
Is there another group that I should mail to that would be a more
appropriate or authoritative audience for such legal questions?
Thanks again,
Bill Rebey
-----Original Message-----
X-Loop: openpgp.net
From: Bill Rebey
Sent: Wednesday, June 28, 2000 4:06 PM
To: [EMAIL PROTECTED]
Subject: Legality
Hi all,
Assuming I ever get OpenSSL figured out and working, I need to know about
the legality of using OpenSSL.
I am using it in a Commercial product.
What can and can't I use? I control both the client and server, so the
brand of encryption that I use is not important. What's far more
important is that I avoid using anything that requires licensing,
royalties, fees, etc.
Is there a definitive source for this information somewhere?
Thanks for any help you can offer,
Bill Rebey
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
-----------------------------------------------------
-- End of forwarded message
-----------------------------------------------------
--
---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting
Data Security & Cryptology Consulting
Programming, Networking, Analysis
PGP for OS/2: http://www.openpgp.net/pgp.html
E-Secure: http://www.openpgp.net/esecure.html
---------------------------------------------------------------
