Date: Sat, 19 Feb 2000 18:31:09 -0800 (PST) From: Kris Kennaway <kris@FreeBSD.org> To: "Jordan K. Hubbard" <jkh@zippy.cdrom.com> Cc: Victor Salaman <salaman@teknos.com>, freebsd-current@FreeBSD.org Subject: Re: openssl in -current Message-ID: <Pine.BSF.4.21.0002191820430.98202-100000@freefall.freebsd.org> In-Reply-To: <41899.951012818@zippy.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 19 Feb 2000, Jordan K. Hubbard wrote:
> > Building with rsaref can't be the default case, because it's restrictively
> > licensed and not legal for some people to use.
>
> It's trying to figure out who "some" people are and how to address the
> needs of people who don't fit that category that I'm still having a
> hard time with here. If I have multiple CDROM products available,
> what's to stop me from creating a "complete" solution for each of the
> different groups?
I don't think we're allowed to distribute rsaref on CDROM, period. From
the license file:
1. RSAREF is free for personal or corporate use under the
following conditions:
o RSAREF, RSAREF applications, and services based on
RSAREF applications may not be sold.
o You must give RSA the source code of any free RSAREF
application you plan to distribute or deploy within
your company. RSA will make these applications
available to the public, free of charge.
2. RSAREF applications and services based on RSAREF
applications may be sold under the following conditions:
o You must sign and return the RSAREF Commercial License
Agreement to RSA (call RSA for a copy of this
agreement). Remember, RSAREF is an unsupported toolkit.
If you are building an application to sell, you should
consider using fully supported libraries like RSA's
BSAFE or TIPEM SDK's.
6. You can't send or transmit (or cause to be transmitted)
RSAREF outside the United States or Canada, or give it to
anyone who is not a U.S. or Canadian citizen or doesn't have
a "green card."
I haven't contacted RSA about Option 2, but from all reports they refuse
to provide the license agreement to be signed anyway - it's a clause they
wish they hadn't put in there. I've never heard of RSA fulfilling their
part of option 1, either.
Since we can't ship rsaref on CD, and openssl must be recompiled to build
against rsaref (i.e. one size doesn't fit all) I don't see many options
apart from adding the openssl-rsaref package (which we could distribute on
CD) and downloading rsaref from the net, if the user says they pass the
license agreement.
Kris
> - Jordan
----
"How many roads must a man walk down, before you call him a man?"
"Eight!"
"That was a rhetorical question!"
"Oh..then, seven!" -- Homer Simpson
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0002191820430.98202-100000>