> To build a legally royalty free SSL implementation
> what RSA algorithms do I need to abstain from using?
> When does the RSA patent expire?
*ALL* RSA algorithms are covered by patent until Sept 20.
If you need to work with current browsers, pragmatically speaking you
must have RSA.
> 1. The apps/req.exe utility generates this key that I use
> to for the certificate authority in apps/CA.exe.
Was there a question there? :) It's an RSA key, hence patented for a few
more months.
> 2. CA.exe issues certificates. The certificates
> are created using [Signature Algorithm: md5WithRSAEncryption].
> Is this legitimate?
Yes. It's also patented.
> 3. In my SSL Server I have the following:
> SSL_CTX_set_cipher_list(ctx,"DES-CBC3-SHA")
> Does this select the SSL encryption algorithm?
Yes.
> If so, how do I guarantee that my client application
> supports this?
Did you write the client? If not, and if you don't support RC4, then
expect that attempts to connect will fail with "no common mechanisms"
found. Again, this is pragmatic.
/r$
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
