Feedback from Ben via legal-discuss, since his httpd-dev list seems
to have fallen over and can't get up.
Bill
---BeginMessage---
William A. Rowe, Jr. wrote:
A thread from [EMAIL PROTECTED], we are considering adding a newer algorithm
to a binary 0.9.8 build of openssl. Introduces a patent question, with
what is almost but not quite a complete grant of license. Looking for
any feedback if this would concern us, since Tom raises the point that
it gets interesting with Firefox 3 possibly using this algorithm.
I should point out that just because some loon contributes an algorithm
to OpenSSL doesn't mean you need to implement it.
If there's any encumbrance, then I see even less reason to implement
(less than none, that is).
Bill
Subject:
Re: Thoughts on Camillia in openssl binaries?
From:
Tom Donovan [EMAIL PROTECTED]
Date:
Tue, 18 Sep 2007 16:19:55 -0400
To:
dev@httpd.apache.org
To:
dev@httpd.apache.org
William A. Rowe, Jr. wrote:
Two questions, one technical one legal.
Technically, do we want to enable the Camillia algorithms in our
binary builds of openssl 0.9.8 for win32 and other platforms where
we might build it?
Legally are we satisfied by
http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
? There is a small clause about permission needed to export from
JP, which would mean if a JP site redistributed our binary (e.g.
reexported it) it might cause them a hassle.
Bill
Seems reasonable in anticipation of it becoming supported in FireFox 3.
FYI - enabling camellia works well with Apache 2.2.4/mod_ssl on Windows
to the NTT test site - https://info.isl.ntt.co.jp/crypt/eng/camellia.
The selected Cipher Suite is TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA.
On a slightly-related note; it might also be a good change to statically
link zlib into OpenSSL to avoid the need for zlib1.dll. Doing so adds
about 40kb to the size of libeay32.dll vs. shipping the 58kb zlib1.dll.
I think rle compression (which is always available) or no-compression
gets used for SSL in most cases anyway. Many Windows users delete
zlib1.dll and never notice its absence.
PERL Configure VC-WIN32 enable-camellia zlib
--with-zlib-lib=../zlib/zlib.lib --with-zlib-include=../zlib
-tom-
-
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See http://www.apache.org/licenses/ for
official ASF policies and documents.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
http://www.apache-ssl.org/ben.html http://www.links.org/
There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit. - Robert Woodruff
---End Message---