From owner-freebsd-current Sat Feb 19 18:31:12 2000 Delivered-To: freebsd-current@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id C257F37BDE6; Sat, 19 Feb 2000 18:31:09 -0800 (PST) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id SAA98762; Sat, 19 Feb 2000 18:31:09 -0800 (PST) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Sat, 19 Feb 2000 18:31:09 -0800 (PST) From: Kris Kennaway To: "Jordan K. Hubbard" Cc: Victor Salaman , freebsd-current@FreeBSD.org Subject: Re: openssl in -current In-Reply-To: <41899.951012818@zippy.cdrom.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 19 Feb 2000, Jordan K. Hubbard wrote: > > Building with rsaref can't be the default case, because it's restrictively > > licensed and not legal for some people to use. > > It's trying to figure out who "some" people are and how to address the > needs of people who don't fit that category that I'm still having a > hard time with here. If I have multiple CDROM products available, > what's to stop me from creating a "complete" solution for each of the > different groups? I don't think we're allowed to distribute rsaref on CDROM, period. From the license file: 1. RSAREF is free for personal or corporate use under the following conditions: o RSAREF, RSAREF applications, and services based on RSAREF applications may not be sold. o You must give RSA the source code of any free RSAREF application you plan to distribute or deploy within your company. RSA will make these applications available to the public, free of charge. 2. RSAREF applications and services based on RSAREF applications may be sold under the following conditions: o You must sign and return the RSAREF Commercial License Agreement to RSA (call RSA for a copy of this agreement). Remember, RSAREF is an unsupported toolkit. If you are building an application to sell, you should consider using fully supported libraries like RSA's BSAFE or TIPEM SDK's. 6. You can't send or transmit (or cause to be transmitted) RSAREF outside the United States or Canada, or give it to anyone who is not a U.S. or Canadian citizen or doesn't have a "green card." I haven't contacted RSA about Option 2, but from all reports they refuse to provide the license agreement to be signed anyway - it's a clause they wish they hadn't put in there. I've never heard of RSA fulfilling their part of option 1, either. Since we can't ship rsaref on CD, and openssl must be recompiled to build against rsaref (i.e. one size doesn't fit all) I don't see many options apart from adding the openssl-rsaref package (which we could distribute on CD) and downloading rsaref from the net, if the user says they pass the license agreement. Kris > - Jordan ---- "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message