httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chuck Murcko <>
Subject Re: SSL in US?
Date Mon, 17 Feb 1997 15:17:52 GMT
Jason Clary wrote:
> >
> > What is the current thinking on a SSL version of Apache and US law? I
> > have ported SSLeay, RSAREF 2.0, and Apache-SSL to OS/2, but am
> > concerned about releaseing my code.
> >
> RSA still insists that RC4 and RC2 are trade secrets and are willing
> to sue anyone who uses them...
> Aparently, hooks for cryptographic libraries are OK, so a version of
> apache could be released with generic hooks for any cryptographic
> library.. I'm sure this would make myself and Ben and the  guys at
> Stronghold (C2?) very happy...
> ...
> The best idea, is to just put the hooks into Apache and distribute
> various crypto modules inside and outside the US, to avoid
> import/export difficulties..
Apache and NCSA were already pressured once into removing crypto hooks
from the source; I'm not sure attitudes in the gummint here have changed
much since then.
Chuck Murcko
The Topsail Group, West Chester PA USA

View raw message