On Fri, 29 Sep 1995, Jonathan Zamick wrote:
Consensus Development and RSA Data Security, have finalized the
contract for Consensus to license and support RSAREF(tm) for
...
Lastly, we would like to hear suggestions and ideas on how to
improve RSAREF. We intend to remain responsive to requests, and
welcome ideas for the evolution of the RSAREF toolkit.
Are you going to change the licencing restrictions on the lower level RSA
function interface? To implement protocols such as SSL, one requires
access to RSAPrivateDecrypt(), RSAPrivateEncrypt(), RSAPublicDecrypt()
and RSAPublicEncrypt().
I have now implemented my own version of RSAref (the same functionality)
as part of an SSL library. To stop people in the USA from violating the
RSA patent I replace my functions to perform the above mentioned
operations with calls the those functions in RSAref; I'm doing a similar
thing to PGP. Currently I belive this is illegal unless I get a
licence. Is this going to change?
I am in the interesting situation of being some-one who will probably
never see or use RSAref (being outside the USA) but for people to use my
code in the USA I have to know the RSAref API. I think things
would be rather wierd if I had to licence the use of the 'non-standard'
RSAref interface but never actually see the code.
eric (living in a land without software patents....)
--
Eric Young
AARNet: eay(_at_)mincom(_dot_)oz(_dot_)au