> From: Stefan Schmidt <[EMAIL PROTECTED]>
> <snip>
> I am looking into using OpenSSL commercially in the US but I can't find
> anything about the legal issues other than that there are some. So I know
> that RSA holds patents on their algorithms in the US until September 2000.
> Can I just not use their algorithms and still use OpenSSL and if so how
> would I do that. Is there any helpful up-to-date source of information
about
> this topic? And what other patent issues have to be taken into account in
> the US in relation with OpenSSL? Thanks.
One approach is to substitute the RSA BSAFE SSL-C
library for the OpenSSL crypto and ssl libraries. This
is the only way I know of licensing the RSA encryption
algorithms at a reasonable cost. This might be
the the sole remaining option, as RSA Security seems to
have stopped issuing commercial licenses for RSAREF.
Depending on which version of OpenSSL you are porting
from, there is not a lot of tweaking necessary. The RSA
libraries provide API's that are almost identical
to those in the OpenSSL code. (It's not surprising, since
Eric Young's code is the basis for both.)
Al
Allan Borr, Scriptics Corp.
Mountain View, California
email: [EMAIL PROTECTED]
______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
