[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: still offtopic Re[6]: Secure Web Server Transactions

To: nick.maniscalco@alfalaval.com, stuart@internationalschool.co.uk
Subject: Re: still offtopic Re[6]: Secure Web Server Transactions
From: "Richard Johnson" <rdump@river.com>
Date: Wed, 1 Jul 1998 10:22:14 -0600
Cc: misc@openbsd.org
Delivery-Date: Wed Jul 1 09:25:29 1998

At 05:19 -0600 on 6/30/98, nick.maniscalco@alfalaval.com wrote:
>               Inside the US and Canada
>                    Either
>                      1.Buy a Verisign-accredited, RSA licensed
>                         server (currently only Stronghold) and buy a
>                         certificate from Verisign, or
>                      2.Download Apache and Apache-SSL patches,
>                         compile, pay RSA license for RSA-patented
>                         technology, and sign own certificate
>                         (however RSA may not license RSA to
>                         individuals)

I run both Stronghold and Apache-SSL secure servers on various OpenBSD
machines in the USA.  (The Apache-SSL(RSAREF) server is used in a research
project at a college.)  However, it should indeed be possible to run a
licensed commercial Apache-SSL server in the USA, with a Verisign cert.

As the dust settled after the PKP dissolution, RSA ceased providing commercial
licenses for RSAREF, preferring to sell BSAFE.  However, Cylink reportedly
sub-licenses RSAREF for commercial use (though they probably prefer to sell
their own crypto toolkit as well).  You may be able to pay them for an
individual license to use SSLeay built with RSAREF.  See
http://www.cylink.com for contact info.

Also, as others have noted, Verisign now signs host keys for use with
"Freeware Apache".

Richard

Prev by Date: Re: virtual terminals in Mac68k?
Next by Date: Re: Keyboard Problems
Prev by thread: Re: virtual terminals in Mac68k?
Next by thread: Help with Smail3 please
Index(es):
- Date
- Thread