[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPsec near term work
-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 4,MIC-CLEAR
Content-Domain: RFC822
Originator-ID-Asymmetric: MFMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNRDE
kMCIGA1UEChMbVHJ1c3RlZCBJbmZvcm1hdGlvbiBTeXN0ZW1zMREwDwYDVQQLEwh
HbGVud29vZA==,03
MIC-Info: RSA-MD5,RSA,Kigr9NdAehfRZQUzKRPCB+aFbtF7tmXMYPJ1Ra7kxP2
lYZl308slFdYZyF1fIqVMVgF8bGExMah7Sar9SD2AeCfmfXY0OgcNJrLP/wtUC2Q
jlMT1DHmhEml3XIUotpQc
> The second group could use a shareware, licenced north american
> rsaref work alike if only it existed. RSADSI has blocked this
> approach by not selling a "comercial version" of the software they
> already give away.
>
> They see rsaref as a purly experimental library which has no place
> in the "real world". IMHO they are throwing away free money by
> not selling "comersial use licences" for rsaref to companies who
> want to use software built with it.
I don't believe this description of the situation is completely
accurate. I'm not sure what "shareware, licensed..." means precisely.
However, I believe that if someone developed an application which
uses RSAREF and then sought a commercial license for the application,
a fairly strightforward business discussion would ensue. I don't
speak for RSADSI, but I expect they would provide suitable commercial
licenses whenever the situation arises. One can cast this as a pair
of questions focused on test cases:
- - Are there any known examples in which someone has built an
application based on RSAREF, decided to commercialize it,
approached RSADSI, and not been able to come to reasonable terms?
I know of none, but perhaps others do.
+ Conversely, are there any known examples in which someone has
built an application based on RSAREF, decided to commercialize it,
approached RSADSI, and successfully obtained a license? I believe
the answer is yes.
All representations and disclaimers in my last note apply here too.
Steve
> From: Brad Huntting <huntting@glarp.com>
> To: Phil Karn <karn@qualcomm.com>
> cc: atkinson@itd.nrl.navy.mil, ipsec@ans.net
> Date: Wed, 02 Feb 1994 13:29:31 -0700
> Subject: Re: IPsec near term work
>
>
> > Will we have to wait until 1997 (when Diffie Hellman expires) or 2000
> > (when RSA expires) to do anything with IP security beyond manual
> > single-key cryptography? Is anyone willing to tackle this issue?
>
> If your implementation uses rsaref then there's a good chance it
> could be used by most north american companies.
>
> Unfortunately, this leaves out two very large sectors of the
> Internet. Namely (1) those outside north america, and (2) commercial
> interests.
>
> The first group could use an rsaref work alike as long as it was
> developed and maintained outside the US.
>
> The second group could use a shareware, licenced north american
> rsaref work alike if only it existed. RSADSI has blocked this
> approach by not selling a "comercial version" of the software they
> already give away.
>
> They see rsaref as a purly experimental library which has no place
> in the "real world". IMHO they are throwing away free money by
> not selling "comersial use licences" for rsaref to companies who
> want to use software built with it.
>
>
> brad
-----END PRIVACY-ENHANCED MESSAGE-----
References: