www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@links.org>
Subject Re: [Fwd: Re: Thoughts on Camillia in openssl binaries?]
Date Thu, 20 Sep 2007 09:28:57 GMT
William A. Rowe, Jr. wrote:
> A thread from dev@httpd, we are considering adding a newer algorithm
> to a binary 0.9.8 build of openssl.  Introduces a patent question, with
> what is almost but not quite a complete grant of license.  Looking for
> any feedback if this would concern us, since Tom raises the point that
> it gets interesting with Firefox 3 possibly using this algorithm.

I should point out that just because some loon contributes an algorithm
to OpenSSL doesn't mean you need to implement it.

If there's any encumbrance, then I see even less reason to implement
(less than "none", that is).

> 
> Bill
> 
> 
> 
> ------------------------------------------------------------------------
> 
> Subject:
> Re: Thoughts on Camillia in openssl binaries?
> From:
> Tom Donovan <donovant@bellatlantic.net>
> Date:
> Tue, 18 Sep 2007 16:19:55 -0400
> To:
> dev@httpd.apache.org
> 
> To:
> dev@httpd.apache.org
> 
> 
> William A. Rowe, Jr. wrote:
>> Two questions, one technical one legal.
>>
>> Technically, do we want to enable the Camillia algorithms in our
>> binary builds of openssl 0.9.8 for win32 and other platforms where
>> we might build it?
>>
>> Legally are we satisfied by
>> http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
>> ?  There is a small clause about permission needed to export from
>> JP, which would mean if a JP site redistributed our binary (e.g.
>> reexported it) it might cause them a hassle.
>>
>> Bill
>>
> Seems reasonable in anticipation of it becoming supported in FireFox 3.
> 
> FYI - enabling camellia works well with Apache 2.2.4/mod_ssl on Windows
> to the NTT test site - https://info.isl.ntt.co.jp/crypt/eng/camellia.
> The selected Cipher Suite is TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA.
> 
> On a slightly-related note; it might also be a good change to statically
> link zlib into OpenSSL to avoid the need for zlib1.dll.  Doing so adds
> about 40kb to the size of libeay32.dll vs. shipping the 58kb zlib1.dll.
> 
> I think rle compression (which is always available) or no-compression
> gets used for SSL in most cases anyway.  Many Windows users delete
> zlib1.dll and never notice its absence.
> 
> PERL Configure VC-WIN32 enable-camellia zlib
> --with-zlib-lib=../zlib/zlib.lib --with-zlib-include=../zlib
> 
> -tom-
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> ---------------------------------------------------------------------
> DISCLAIMER: Discussions on this list are informational and educational
> only.  Statements made on this list are not privileged, do not
> constitute legal advice, and do not necessarily reflect the opinions
> and policies of the ASF.  See <http://www.apache.org/licenses/> for
> official ASF policies and documents.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org


-- 
http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only.  Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF.  See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message