Re: RSAref in the US

Dave Neuer Mon, 12 Apr 1999 14:46:37 -0700
RSARef is legal in the US for non-commercial use only.  As far as RSA Data
Security Inc. and the US government are concerned, there is no way to do
Public Key cryptography in the US for commercial uses without paying RSA a
license fee, either directly or indirectly through Stronghold, Raven, Red
Hat or some other RSA licensed vendor (actually, they seem to have toned
down their expansive patent claims somewhat (they formerly claimed that they
basically owned the patent rights to "the art of Public Key" cryptography)..

This has changed only slightly since the expiration of the patent on
Diffie-Hellman key exchange; however, there is an ongoing lawsuit against
RSA by Roger Schlafly alleging (among other things) patent abuse by RSA and
asking a US Federal court to find most of the relevant patents
invalid/unenforceable.

Until that happens, however, RSA asserts that they own patents which cover
the RSA algorithms and also DSA/DSS.  Of course, the RSA patents expire in
September of 2000.

At least, this is what I have been able to glean.  I welcome correction from
anyone out there who has definitive evidence to the contrary.

Relevant links:
http://bbs.cruzio.com/~schlafly/ -- Schafly's site w/ lots of legal filings,
etc.
http://www.rsa.com/rsalabs/faq/html/6-3-2.html -- RSA's patent claims on DSA

Dave Neuer



-----Original Message-----
From: Ricardo Stella <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Monday, April 12, 1999 3:47 PM
Subject: RSAref in the US


>
>Just to clarify... By what RSA, we can use RSARef in the US.  My main
>question is the method of using RSARef with openssl/ssleay.
>
>Since I was not able to compile openssl nor ssleay with the -rsaref
>(option 1), I decided on trying -RSAglue (option 2).  This DOES compile
>fine, and then I was able to compile sslwrap with RSAglue and rsaref.
>
>My question is, using -RSAglue, and then compiling the application with
>RSAglue and rsaref, LEGAL ?  Am I using RSARef in this mode ?
>
>Thanks in advance...
>______________________________________________________________________
>OpenSSL Project                                 http://www.openssl.org
>User Support Mailing List                    [EMAIL PROTECTED]
>Automated List Manager                           [EMAIL PROTECTED]
>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
Re: RSAref in the US

Reply via email to
