I just got off the phone with, among others, John Riley at RSA. He's
claiming things like (paraphrased):
"It's flat out illegal to use OpenSSL for Commercial purposes"
"Even if you use OpenSSL, it still uses RSA technologies that you have to
pay royalties for (regardless whether it uses RSA encryption or not)"
"We own EAY, thus we own SSLeay/OpenSSL"
He's leaning on us to pay $70K up front, plus $636 in royalty fees for every
copy of our product that we sell!!
Can anyone clarify any of this for me?
Is there another group that I should mail to that would be a more
appropriate or authoritative audience for such legal questions?
Thanks again,
Bill Rebey
-----Original Message-----
From: Bill Rebey
Sent: Wednesday, June 28, 2000 4:06 PM
To: [EMAIL PROTECTED]
Subject: Legality
Hi all,
Assuming I ever get OpenSSL figured out and working, I need to know about
the legality of using OpenSSL.
I am using it in a Commercial product.
What can and can't I use? I control both the client and server, so the
brand of encryption that I use is not important. What's far more important
is that I avoid using anything that requires licensing, royalties, fees,
etc.
Is there a definitive source for this information somewhere?
Thanks for any help you can offer,
Bill Rebey
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
