-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Jared,
>
> Apache-SSL may be free, but then you don''t have a license to
> legally use RSA encryption in the US or Canada where the algorithm
> is patented. RSA doesn''t sell licenses to individuals, just
> companies like redhat who hope to make enough in sales to cover the
> cost of the license. If you''re outside north america you may not
> have to worry about it, but if you''re not though, you do.
The RSA licenses are... expensive. And there is a lot of legal
paperwork/etc since this is classified as a munition, which implies
federal "pound me in the ass" prison (sorry, just saw office space)
if you screw up and sell it to some nasty non-North American.
> And in response to Kurt - what do you think RH Secure Server uses?
> Apache-SSL! In fact, from what I remember Preston saying, the new
> version will allow you to drop in an updated apache-ssl module
> unlike the older version (correct me if I''m wrong on this please
> Preston).
Yes but it comes in a nice bowtied package and you type in ./install
and you don''t fight with it at all. Strangely enough this is why I
purchased it instead of using one of the free ones (free is nice, but
5 hours of my time is not free to me). But we are getting way way off
topic here.
> In fact, stronghold is even based on Apache-SSL (at least the first
> versions were).
A whole lot of SSL based server are based off of apache/etc, since it
is perfectly legal to do this in the free world (well all of it but
the USA ;).
Back onto topic I''ll be upgrading to RedHat Secure Server 3.0 soon,
and I''ll write an article on it providing solutions to any
pitfalls/etc I find (heck, I get paid to do stuff like this).
FWIW the RSA patents expire on September 20, 2000, I expect to see a
LOT of software suddenly using RSA a few minutes after midnight. Out
of curiosity does this mean Red Hat will not have to pay licensing
fees for the RSA in Secure Server? And or can I then use my one copy
multiple places? It''ll be interesting to see what happens.
> Hallow
> hallow@webmages.com
- -Kurt Seifried, MCSE
https://www.seifried.org/lasg/ - Linux Administrator''s Security Guide
https://www.seifried.org/keys/ - My Digital keys
http://securityportal.com/closet/ - My weekly column
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 for non-commercial use <http://www.pgp.com>
iQA/AwUBN9aSaIb9cm7tpZo3EQI+tgCgnheC4PuuyXEclaYOo0M18D2lYkQAn0Cm
XcCW/Er4MDGk05LTi4q+LFGe
=VrnP
-----END PGP SIGNATURE-----