Linux VPN

Bennett Todd bet at RAHUL.NET
Mon Jan 24 13:34:07 EST 2000 

2000-01-24-05:18:23 matthew patton:
> > That problem goes away after September 29th.
>
> Maybe. that is if the Senators haven't been convinced otherwise by
> large injections of cash into their re-election campaign funds.

If the law gets rewritten to allow this monopoly to stretch longer,
that'll just jack up the incentive to finish the job of rewriting
all crypto-using apps to avoid RSA.

SSL already has support for D-H in the protocol. I don't know if all
implementations support it yet, but if RSA gets outlawed for any
longer I'm sure they will.

Likewise, if this monopoly gets stretched any more I'm sure we'll
hack ssh to do D-H.

> Nope, you can't. What is available for USA people is
> libcryp/libssl based on RSAREF. This is legel within the US for
> ONLY NON-COMMERCIAL use. So if you're a company, you can't use
> it. Therefore, we're in a bind. Technically, Nobody (in the US)
> unless they are private citizens can use OpenBSD's crypto.

That's only if you use the RSA. So avoid RSA until Sep. 29th, and if
the law gets changed help purge RSA out of all the tools you need.

> The problem is, most people don't know about the restrictions, or
> they are hoping that RSA doesn't come after them. The cost for
> a RSA license starts at 50,000 US. If that were to be CD-ROM's,
> that's 1000 CD's at $50 a pop.  Which is IMO a reasonable sum
> and fits within their minimal pricing structure. Only then could
> commercial entities be properly licensed.
>
> I think it would make sense for a company like ourselves to be the
> distribution point (if you will) of the reworked libcrypt/libssl
> libraries and to sell a US Corporate distribution of OpenBSD for
> that very purpose.
>
> The problem is trying to justify the high initial cash outlay.
>
> What do you guys think?

I think if you can come up with a model that recovers the high
intial cost in the next nine months, go for it.

-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/vpn/attachments/20000124/b3e22ad8/attachment.pgp

More information about the VPN mailing list