[14813] in cryptography@c2.net mail archive
Re: Open Source Embedded SSL - Export Questions
daemon@ATHENA.MIT.EDU (Rich Salz)
Wed Nov 26 16:39:49 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Tue, 25 Nov 2003 23:44:02 -0500 (EST)
From: Rich Salz <rsalz@datapower.com>
To: J Harper <jsec@peersec.com>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
In-Reply-To: <01fc01c3b2f8$c0619500$6a01a8c0@towelie>
> We've implemented a small version of SSL that we plan to release as
> open source by year's end.
Great!
> We're not looking for official legal advice, just some pointers to
> current online resources of how to go about registering our product in
> the US.
http://www.bxa.doc.gov/Encryption; Google for "crypto export"
turned it up as the third item. Yes, open source is pretty easy
to export. (Even for binaries, it's not like the bad old days;
the regulations are pretty realistic now. For example, there's
really no such thing as "export strength" any more.)
> On a different, but similar legal note,
> what current patent/trademark issues have people run across with the
> algorithms mentioned above?
Well, for the ones you mentioned, RSA and 3DES are unencumberd.
RC4 is a trademark owned by RSA Data Security. So don't violate their
trademark.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
