PATCH: cvswrite.html and (non-free) SSH
Marc Espie
espie@quatramaran.ens.fr
Mon Jun 26 18:24:00 GMT 2000
In article < 200006170726.BAA08786@aztec.santafe.edu > you write:
> I'm aware of http://www.openssh.com/ and, as far as I checked, the RSA
> code is "imported" by use of the OpenSSL library, not OpenSSH itself,
> but still I'm not sure whether it's appropriate to refer to OpenSSH
> directly.
>
>Maybe it would be useful to talk with the OpenSSH developers and the
>OpenSSL developers together, so as to figure out how RSAREF comes in.
>Maybe one of them will be willing to set up a way we can recommend the
>free parts but not recommend RSAREF.
>
The point is going to be moot in a few months in any case, hopefully,
as the patent for RSA expires.
So, I don't think it is necessary to start a wild goose chase on that
one.
As far as RSA goes, I can tell you how this works in OpenBSD:
we ship an ssl library without rsa on the CD (rsa has been stubbed out),
and people can grab an ssl library with RSA later.
Either a free one, with no restrictions, if they happen to live in the
free world (anywhere but in the USA), or the bad one, with the patented
RSA code, and all the restrictions, for the USA.
The RSA code is not a part of openssh development proper.
With the recent OpenSSH code, ssh is still functional--though slower--, if
you happen not to grab the ssl-rsa flavor, as it then uses dsa instead.
I haven't checked which implementation of ssh the gcc server uses, but
it would be wise to switch to a free one, preferably a flavor that does allow
dsa use...
Markus knows more about these than I do (since he's a real openssh developper,
whereas I just happen to be both a gcc and an OpenBSD developper), and I'm
sure he'll be quick to spot and fix inaccuracies...
More information about the Gcc-patches
mailing list