Yea, we figure this has a lot do do with it. Actually the $70K is down from
$100K after much whining.
The real concern isn't the price, though - it's "Do we have to pay him
anything at all?"
I thought we just owed RSA if we wanted to use RSA encryption, and that
OpenSSL was Free and Clear if we didn't use RSA encryption.
Does anyone know if that's "true" or not? By "true", I don't mean "the way
it should be"; I mean "will it stand up in court?"
I certainly don't want to get in trouble for using OpenSSL without paying
someone if they have a right to be paid, but I thought the whole point of
the "Open" in "OpenSSL" was that it was free. RSA seems to think otherwise.
How can I find out, from a legally sound source, what the truth is?
Thanks again,
Rebey
-----Original Message-----
From: Harry W. Waddell [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 28, 2000 4:56 PM
To: Bill Rebey
Subject: Re: Legality - just heated up
I would expect that 70K was just an opening bid. I don't know if you've
shipped products already, but if you haven't, maybe you could negotate a
better deal by threatening to hold off on shipping products until after
their
patent expires this fall? As the expiration grows closer, I think that they
will find it a lot harder to extort full price for a license.
HW
On Wed, 28 Jun 2000, Bill Rebey wrote:
> I just got off the phone with, among others, John Riley at RSA. He's
> claiming things like (paraphrased):
>
> "It's flat out illegal to use OpenSSL for Commercial purposes"
> "Even if you use OpenSSL, it still uses RSA technologies that you have to
> pay royalties for (regardless whether it uses RSA encryption or not)"
> "We own EAY, thus we own SSLeay/OpenSSL"
>
> He's leaning on us to pay $70K up front, plus $636 in royalty fees for
every
> copy of our product that we sell!!
>
> Can anyone clarify any of this for me?
>
> Is there another group that I should mail to that would be a more
> appropriate or authoritative audience for such legal questions?
>
> Thanks again,
>
> Bill Rebey
>
>
>
> -----Original Message-----
> From: Bill Rebey
> Sent: Wednesday, June 28, 2000 4:06 PM
> To: [EMAIL PROTECTED]
> Subject: Legality
>
> Hi all,
>
> Assuming I ever get OpenSSL figured out and working, I need to know about
> the legality of using OpenSSL.
>
> I am using it in a Commercial product.
>
> What can and can't I use? I control both the client and server, so the
> brand of encryption that I use is not important. What's far more
important
> is that I avoid using anything that requires licensing, royalties, fees,
> etc.
>
> Is there a definitive source for this information somewhere?
>
> Thanks for any help you can offer,
>
> Bill Rebey
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
>
Harry Waddell
Caravan Electronic Publishing
//////////////////////////////////////////////////
Old software never dies, it just goes open source.
\
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
