Jared, Apache-SSL may be free, but then you don''t have a license to legally use RSA encryption in the US or Canada where the algorithm is patented. RSA doesn''t sell licenses to individuals, just companies like redhat who hope to make enough in sales to cover the cost of the license. If you''re outside north america you may not have to worry about it, but if you''re not though, you do. And in response to Kurt - what do you think RH Secure Server uses? Apache-SSL! In fact, from what I remember Preston saying, the new version will allow you to drop in an updated apache-ssl module unlike the older version (correct me if I''m wrong on this please Preston). In fact, stronghold is even based on Apache-SSL (at least the first versions were). Hallow hallow@webmages.com Jared Mahoney wrote:> > Apache-SSL is free for commercial and noncommerical use as it states near > the top of their website at www.apache-ssl.org. Perhaps RH should > consider bundling it with their North American distributions. Does anyone > know if RH has considered that? Why reinvent the wheel? > > Jared=
Thank you for the clarification, now what I am interested in is the time after the RSA patents are set to expire and what that means for the Apache-SSL people and RH Secure Web Server/E-Commerce Server product line. Jared On Wed, 8 Sep 1999, Hallow wrote:> Jared, > > Apache-SSL may be free, but then you don''t have a license to legally use > RSA encryption in the US or Canada where the algorithm is patented. RSA > doesn''t sell licenses to individuals, just companies like redhat who hope > to make enough in sales to cover the cost of the license. If you''re outside > north america you may not have to worry about it, but if you''re not though, > you do. > > And in response to Kurt - what do you think RH Secure Server uses? > Apache-SSL! In fact, from what I remember Preston saying, the new version > will allow you to drop in an updated apache-ssl module unlike the older > version (correct me if I''m wrong on this please Preston). > > In fact, stronghold is even based on Apache-SSL (at least the first > versions were). > > Hallow > hallow@webmages.com > > > > Jared Mahoney wrote: > > > > Apache-SSL is free for commercial and noncommerical use as it states near > > the top of their website at www.apache-ssl.org. Perhaps RH should > > consider bundling it with their North American distributions. Does anyone > > know if RH has considered that? Why reinvent the wheel? > > > > Jared > > > > > -- > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > http://www.redhat.com http://archive.redhat.com > To unsubscribe: mail redhat-secure-server-request@redhat.com with > "unsubscribe" as the Subject. >
On Wed, 8 Sep 1999, Hallow wrote:> And in response to Kurt - what do you think RH Secure Server uses? > Apache-SSL! In fact, from what I remember Preston saying, the new version > will allow you to drop in an updated apache-ssl module unlike the older > version (correct me if I''m wrong on this please Preston).This is slightly incorrect. The latest secure web server packages use mod_ssl, which itself evolved from Apache-SSL. You cannot "drop in" another mod_ssl module because it will not include the licensed RSA routines. --- Preston Brown Systems Engineer pbrown@redhat.com Red Hat, Inc.