In France, now, you can use 128 bits encryption...
Franck Chionna
Tim Willis wrote:
> In perusing the documentation of Mod_SSL, I came across these two sections:
>
> ------------
> At least two countries with heavy cryptography restrictions are well known:
> In the United States (USA) first it's not allowed to (re-)export mod_ssl or
> OpenSSL and second it's not allowed to use Apache+mod_ssl+OpenSSL (because
> of patent issues on the RSA and RC4 algorithms) unless OpenSSL is built with
> RSA DSI's RSAref package and used for non-commercial purposes only. And
> inside France it's not allowed to use any cryptography at all when keys with
> more than 40 bits are used.
> ------------
> ------------
> As of this writing (end of the year 1999) the major difference is the RSA
> license which one receives (very cheaply in contrast to a direct licensing
> from RSA DSI) with the commercial Apache SSL products. On the other hand,
> one needs this license only in the US, of course. So for non-US citizens
> this point is useless. And even for US citizens the situations is at least
> solved next year (September 20th, 2000) when the RSA patent expires.
> ------------
>
> What does all this mean? Is it legal for me, in the US, to use
> Apache+mod_ssl+OpenSSL for commercial purposes? Do I read it correctly that
> it isn't legal for me at the moment, but will be after September 20th, 2000?
> Could someone clarify this for me?
>
> Thanks,
>
> Tim Willis
> IS Technician
> Code Rite
> [EMAIL PROTECTED]
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
