A single response from Bodo Moeller on this one would be fine.
I have a proprietary client application and server that I have implemented
OpenSSL for secure comms. My own client app doesn't have to communicate
with anything other than my own application server. My server will be
likely situated outside the US, my client app may be deployed to inside the
US.
Given I am using OpenSSL and developing this outside the US, I am assuming I
don't need to worry about export restrictions.
QUESTIONS:
Which crypto algorithm would you recommend to use to reduce my exposure to
legal issues?
Are there any other legal implications with what I am doing (apart from the
OpenSSL licensing agreement)?
I would certainly seek legal council on this prior to deployment, however I
would like to progress with a reasonable level of confidence that I am going
down the right track.
Thanks,
Ian Pollard
The Partnership Group
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
