Subject: Re: quickly find what applications are affected by RSA
To: Frederick Bruckman <firstname.lastname@example.org>
From: Jun-ichiro itojun Hagino <email@example.com>
Date: 09/08/2000 22:59:25
>> > netbsd have been shipping openssl pkgsrc, which include RSA. why
>> > netbsd pkgsrc is not considered a contributory patent infringement and
>> > openbsd (RSA-only) binary package is?
>> Well, the NetBSD pkgsrc is not providing a binary package, and we require
>> that the sources be fetched from the master site, at least... that's
>> certainly different than shipping a binary package.
>Just to belabour the obvious: No one objects to NetBSD pkgsrc
>mirroring source and providing binaries for openssl henceforth,
>now that the patent has been waived, correct?
the following twist have been removed by the RSA expiration, and
recently deregulated :
- non-commercials in US can use RSAREF
- commercials in US cannot use RSA at all
- non-US people should use non-RSAREF RSA source code
there still are other problems with crypto software:
- export/import regulation in non-US countries
- other patented algorithms, like IDEA/RC4/RC5
if we take the safer side, we should change almost nothing but