Re[2]: POSTing to a secure server ...
This WebDNA talk-list message is from 2000
It keeps the original formatting.
numero = 27619
interpreted = N
texte = Although the RSA algorithms are indeed patented (through Sept 2000), there areother algorithms that are now public domain like DES. All SSL implementationsunderstand multiple encryption schemes. The OpenSSL library explicitly includesoptions to exclude specific cyphers (like RSA and DSA) and would then be legalto use without a license.Even though DES is considered less secure than RC5 et al, for SSL it isperfectly acceptable, since the transaction is so brief compared to how long itwould take to decrypt it. Yes, someone could use a sniffer to capture thetransactions and decrypt them off line; but if some is using a sniffer in thefirst place, they probably have resources that would allow them to break intothe host machine itself.John Peacock____________________Reply Separator____________________Subject: Re: POSTing to a secure server ... Author:
(WebCatalog Talk)Date: 2/15/00 8:53 PMThe availability of the modules does not obviate the need for licensing. Some RSA licenses are free for non-commercial use, but I doubt that any commercial use is free. The code alone is not the issue, it's the patent and their licensing practices.David-------------------------------------------------------------Brought to you by CommuniGate Pro - The Buzz Word Compliant Messaging Server.To end your Mail problems go to .This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to
Associated Messages, from the most recent to the oldest:
|
- Re[2]: POSTing to a secure server ... (jpeacock@univpress.com 2000)
|
Although the RSA algorithms are indeed patented (through Sept 2000), there areother algorithms that are now public domain like DES. All SSL implementationsunderstand multiple encryption schemes. The OpenSSL library explicitly includesoptions to exclude specific cyphers (like RSA and DSA) and would then be legalto use without a license.Even though DES is considered less secure than RC5 et al, for SSL it isperfectly acceptable, since the transaction is so brief compared to how long itwould take to decrypt it. Yes, someone could use a sniffer to capture thetransactions and decrypt them off line; but if some is using a sniffer in thefirst place, they probably have resources that would allow them to break intothe host machine itself.John Peacock____________________Reply Separator____________________Subject: Re: POSTing to a secure server ... Author: (WebCatalog Talk)Date: 2/15/00 8:53 PMThe availability of the modules does not obviate the need for licensing. Some RSA licenses are free for non-commercial use, but I doubt that any commercial use is free. The code alone is not the issue, it's the patent and their licensing practices.David-------------------------------------------------------------Brought to you by CommuniGate Pro - The Buzz Word Compliant Messaging Server.To end your Mail problems go to .This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to
jpeacock@univpress.com
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WebCatalog2 Feature Feedback (1996)
Show if time tags (1997)
Sort Order on a page search (1997)
WebCatalog sales (1997)
[WebDNA] [WSC] WebDNA Development Summit (2014)
FYI: virus alert (1996)
Cross-platform file locations? (2000)
Case statement (2003)
[protect admin] (1997)
Web Catalog vs. ICAT (1997)
[referrer] tag (1997)
Sort order (1998)
More on the email templates (1997)
WC Database Format (1997)
Problem with 2.1b3 (1997)
Help name our technology! (1997)
Question re: FlushDatabases (1997)
[append] vs. [appendfile] delta + question? (1997)
[WebDNA] Integrating a HTML Parser (2013)
where to put code (1998)