The RSA algorithm is public domain since early september as per an
announcement from RSA Security, Inc, and the patent expired September
20. Still, there's is code to glue RSAref with OpenSSL in the OpenSSL
source. And to boot, RSAref is not officially supported anywhere, or
even archived. There are a number of unofficial archives still
holding it. ("Official" refers to the status from the point of view
of RSA Security)
Both these facts basically make RSAref as valuable as a removed appendix.
So, the logical thing would be to remove anything related to RSAref
from the OpenSSL source code, perhaps with the exception of
RSA_PKCS1_RSAref() which could return NULL or the same as
RSA_PKCS1_SSLeay().
However, before we (the OpenSSL dev team) do this, we'd like to know
what the opinion is out there. Shall we remove the RSAref glue code,
or does it need to be kept for a little while yet?
--
Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
