Subject: | |
From: | |
Reply To: | |
Date: | Wed, 16 Jul 1997 10:44:27 -0700 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Jon Diercks writes:
>
> > Adding SSL support to Apache/iX looks promising.
>
> That's encouraging. Can you (or anyone else) explain to us exactly what the
> licensing issues are surronding SSL technology? My vague understanding is
> that because of certain patents held by RSA, you can't get a truly free
> implementation of SSL on a web server. Is that true, and if so, how do we go
> about determining what SSL will really cost us (assuming it does become
> available in some form).
The whole SSL crypto/license/export issue is really ugly. For details, see:
http://www.apacheweek.com/features/ssl
If I can get it all working under MPE, I will submit the MPE diffs back to the
original non-US authors to make available on their non-US ftp/http sites. I
will not be providing any SSL source from my own site.
Furthermore, I won't be able to provide any SSL binaries either, due to fear
of US export restrictions. However, I would be willing to assist some non-US
volunteer if they wanted to obtain the vanilla Apache source, the Apache-SSL
source patches from their non-US home, and the SSLeay distribution from its
non-US home, put it all together, and build a binary distribution that would
be hosted on a non-US site.
The RSA encryption stuff can be used for free in the US for non-commercial
purposes. For the license agreement for the RSAref source code, see:
http://www.cccd.edu/~markb/rsaref.txt
The above license is embedded in the actual source tar. I couldn't find a
separate link on the RSA web site, so I'm providing this temporarily on my
own server.
--
Mark Bixby E-mail: [log in to unmask]
Coast Community College Dist. Web: http://www.cccd.edu/~markb/
District Information Services 1370 Adams Ave, Costa Mesa, CA, USA 92626-5429
Technical Support +1 714 438-4647
"You can tune a file system, but you can't tune a fish." - tunefs(1M)
|
|
|