[1951] in Kerberos
RSA source availability (was: kerberos & novell)
daemon@ATHENA.MIT.EDU (Nelson Bolyard)
Thu May 28 16:24:20 1992
Date: 28 May 92 19:30:50 GMT
From: nelson@bolyard.wpd.sgi.com (Nelson Bolyard)
To: kerberos@shelby.Stanford.EDU
In article <9205272236.AA14649@tsx-11.MIT.EDU> tytso@athena.mit.edu writes:
[...]
>Two points here. First of all, I assume what you're talking about is
>the fact that unless you pay $$$$$$ to RSA DSI, you *don't* get sources
>to their RSA encryption package. You just get binaries to whatever
>platforms you wish. Again, this means you have to trust RSA DSI that
>they haven't done anything funny with that package.
USA citizens can get sources for RSA encryption from RSADSI without
paying any $$$$. RSA Laboratories, a division of RSADSI, distributes the
_sources_ to RSAREF, a reference implementation of RSA and DES encryption
written in C as a library, at no charge.
Although no money is involved, the source is distributed under the terms
of a license, to which you must agree before receiving the sources. The
license agreement contains several restrictions (of course). It prevents
you from redistributing the sources outside the US, and prohibits
"commercial" use (I can't use it here at work). I suspect it's possible
to negotiate a commercial use license for the code (;-).
To get a copy of the license agreement (pre-requisite to getting the
sources), email a request for it to rsaref-administrator@rsa.com.
I got this information from a posting to sci.crypt last March. I have no
affiliation with RSA Labs or RSADSI, I'm just passing this on for the
interested readers of this newsgroup.
--
Nelson Bolyard nelson@sgi.COM {decwrl,sun}!sgi!whizzer!nelson
Disclaimer: Views expressed herein do not represent the views of my employer.
--
