Subject: Re: OpenSSL import
To: None <email@example.com, firstname.lastname@example.org>
From: Michael C. Richardson <email@example.com>
Date: 06/29/1999 22:00:33
>>>>> "Thor" == Thor Lancelot Simon <firstname.lastname@example.org> writes:
Thor> On Tue, Jun 29, 1999 at 08:41:31PM -0400, Michael C. Richardson
>> What else should I remove? From comments on the list, I take it that
>> rc2, rc4, rc5, rsa has to go. Anything else?
Thor> That is certainly not my position.
Thor> I would personally be quite happy if you left the current
Thor> structure, minus code that has patent or other IP issues. I
You mean like RSA.
Thor> personally think that leaving the RSA code in cryptosrc-intl is a
Thor> good idea, so long as building it can be disabled. I see no
But, it has patent issues.
Thor> problem with having an OpenSSL distribution, minus the code that
Thor> has known intellectual property issues, in cryptosrc-intl/dist,
Thor> with reach-across makefiles. Clearly nothing has to reach into the
Thor> MD5 or SHA1 subdirectories and duplicate what's already in libc in
Thor> the built libraries.
Thor> To my knowledge, the code that has intellectual property problems
Thor> * IDEA (Ascom patents) * MD2 (license does not permit use except
Thor> with a certain mail package) * RC4 (fine *if you don't call it
Thor> RC4*; a trademark issue) * RC5 (U.S. patent issued, int'l patents
Thor> pending AFAICT) * RC2 (trademark issue, as with RC4)
And, until 2000, RSA.
:!mcr!: | Cow#1: Are you worried about getting Mad Cow Disease?
Michael Richardson | Cow#2: No. I'm a duck.
Home: email@example.com. PGP key available.