From owner-freebsd-questions  Wed Nov 19 19:48:37 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id TAA03070
          for questions-outgoing; Wed, 19 Nov 1997 19:48:37 -0800 (PST)
          (envelope-from owner-freebsd-questions)
Received: from ns1.hiper.net (ns1.hiper.net [207.137.172.11])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id TAA03064
          for <questions@freebsd.org>; Wed, 19 Nov 1997 19:48:32 -0800 (PST)
          (envelope-from randyk@ccsales.com)
Received: from ntrkcasa (pool35.hiper.net [207.137.172.35])
	by ns1.hiper.net (8.8.5/8.8.5) with SMTP id UAA19321;
	Wed, 19 Nov 1997 20:10:42 GMT
Message-Id: <3.0.5.32.19971119194741.03203100@ccsales.com>
X-Sender: randyk@ccsales.com
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32)
Date: Wed, 19 Nov 1997 19:47:41 -0800
To: Shawn Ramsey <shawn@luke.cpl.net>, questions@freebsd.org
From: "Randy A. Katz" <randyk@ccsales.com>
Subject: Re: Apache-SSL
In-Reply-To: <Pine.BSF.3.95.971119184821.3283A-100000@luke.cpl.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

When I asked the Stronghold people they said that it was not legal to use
it. When I questioned further they said that is because RSA has the
authority and Stronghold has an exclusivity agreement with them...I called
RSA and they told me yes. Stronghold has an agreement with them but they
allow others to use RSA encryption behind web site...and one of the ones
they said was OK was Apache SSL...no problem.

Went back to Stronghold, asked why they lied...they denied it and told me
RSA might come after me and that I would have to pay $30,000 to get an
arrangement with RSA like they do...RSA said they didn't understand and
Apache SSL is fine and so forth...

I WILL NEVER DO BUSINESS WITH STRONGHOLD EVEN IF THEY HAVE A GREAT PRODUCT.
I hear they have more implementation problems then Apache SSL anyway and
you pay for it (but they give you support and it's hard to figure out how
to implement Apache SSL).

If you go to http://www.thawte.com and look under order a server
certificate you will see the procedure (sketchy). You must have ssleay and
a patched version of Apache 1.2 already compiled and installed.

Take care.
Randy Katz

At 06:49 PM 11/19/97 -0800, Shawn Ramsey wrote:
>Does anyone know what the licesning issues are for Apache-SSL in the US?
>Is it even possible to legally use it in the US? Just curious if it would
>be worth it to use this, over say Stronghold. 
>
>
>
>