[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev SSL and Lynx
|
From: |
Duncan Simpson |
|
Subject: |
Re: lynx-dev SSL and Lynx |
|
Date: |
Mon, 28 Feb 2000 23:54:26 +0000 |
I beleive you can compile with RSAREF and the bugtraq archives include a fix
you can apply and still be licenced to the fixed code (RSAREF 2 had a buffer
overrun bug, although lynx has enough of it's own to make that of less
concern). Or just wait until September the 20th when the RSA patent expires
anyway. [RSA never was patent in europe because of pulbictaion before anyone
applied for a patent, for example Knuth vol 2.]
The US crypto export control mystify me, as they have absolutlety no effect
anyway---just put it on paper and OCR it outside the US and you have legally
exported crypto from he US. PGP 5 was exported compltely legally this way and
it is not rocket science.
Exactly who are the US government hurting except less clueful consumers
outside the US, because 40 bits is not enough for serious security, and some
less cluefull US companies, for example M$? Sun and many others do crypto
coding outside the US and import it, bypassing the US export restrictions
completely. I have PGPi (full strength), OpenSSL (also full strength) and
could get a lot more from outside the US.
--
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."