Subject: Re: quickly find what applications are affected by RSA
To: Frederick Bruckman <>
From: Jun-ichiro itojun Hagino <>
List: current-users
Date: 09/08/2000 22:59:25
>>  > 	netbsd have been shipping openssl pkgsrc, which include RSA.  why
>>  > 	netbsd pkgsrc is not considered a contributory patent infringement and
>>  > 	openbsd (RSA-only) binary package is?
>> Well, the NetBSD pkgsrc is not providing a binary package, and we require
>> that the sources be fetched from the master site, at least...  that's
>> certainly different than shipping a binary package.
>Just to belabour the obvious: No one objects to NetBSD pkgsrc
>mirroring source and providing binaries for openssl henceforth,
>now that the patent has been waived, correct?

	the following twist have been removed by the RSA expiration, and
	recently deregulated :
	- non-commercials in US can use RSAREF
	- commercials in US cannot use RSA at all
	- non-US people should use non-RSAREF RSA source code

	there still are other problems with crypto software:
	- export/import regulation in non-US countries
	- other patented algorithms, like IDEA/RC4/RC5
	if we take the safer side, we should change almost nothing but
	RSAREF/non-RSAREF issue.