Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
Re: [suse-security] How do Europeans build against BSAFE?
  • From: "Steven T. Hatton" <hattons@xxxxxxxxxxxxxxxx>
  • Date: Sun, 06 Aug 2000 08:31:50 -0400
  • Message-id: <398D5AB6.1C808CDE@xxxxxxxxxxxxxxxx>
Kurt Seifried wrote:

> > I'm not sure what Sep 20 brings. One person told me he didn't believe all
> of
>
> On september 20th the RSA patent should expire (assuming RSA does not try to
> renew it, hopefully not). You americans can then use a proper RSA
> implementation (like the rest of the world uses right now =).

For private "client-side" use we are pretty much free to use what we will. I'm
quite impressed with SSLeay/OpenSSL. I don't know how the code stacke up
against BSAFE as far as speed goes, but the free stuff seems quite stable as
far as I can tell. I haven't put much of a load on it yet though. RSA strikes
me as a quality oriented company, and they seem to produce good products. Even
if the algorithms are public domain, (I wonder if I could get a patten on the
pythagorean theorem? ...hmmmmm?) they may still have a market for BSAFE.

As far as the specifics of the pattem go, I'm not sure what it actually
covers. Steve Henson suggests a leagal build would result from ./config no-rc5
no-idea no-rsa. rc5 and idea are both symmetric algorithms. RSA is the one
that works the magic for PKI. It is a descendent of Diffi-Hellman, which may
rightfully be called 'Williamson'. It's the only one I use in my work.

>
> > BSAFE will be freed up then. Im also don't know if Mozilla will build to
> > anything other than BSAFE. One person told me he has built using
> BSAFEeay, but
> > that looks pretty shaky at this point. Even the libs I have for the older
> > NSS don't look like they will seamlessly fit into the current code base.
> I
> > can't go into details, but there is no one-to-one matching.
>
> As far as RSA software packages/etc go you'll still need to buy those, but
> at least you can choose to go with the free implementations of RSA.
>

I'm not convinced that there won't be a bsafe.h and so forth in the opensource
community soon. I'm just not sure it will hit the net at 0:01 on the 23rd.

>
> -Kurt

Steve


< Previous Next >