>As far as I know, its only against the law if you *export* the technology.
>Is this right? If not, what am I missing?
The US patent protections.
To answer the original question: nothing has changed between OpenSSL and
SSLeay
that really changes the "can I use this within the US" question(s).
> anyone has used the ssleay/openssl certificates with >smartcards
>(tokens)
> 1024bits key enabled, inside the browsers like >Netscape or IE/Outlook ?
We're using SSLeay0.9.1 with Chrysalis LunaCA-2 cards
and 1024 keys. Chrsyalis provides a PKCS11 interface,
upon which we built our own library.
UTCTime's are two-digit years.
GENERALIZED time's are four-digit years.
The X509 data structures are generally a Time, which
is a CHOICE of either two; the IETF PKIX profile
specifies that 50-99 are 1900, 00-49 are 2000.
Stephen is adding support for all this to the
code base (and is basically don
