[31653] in North American Network Operators' Group
RE: RSA Patent Expired
daemon@ATHENA.MIT.EDU (Richard A. Steenbergen)
Wed Oct 4 19:46:01 2000
Date: Wed, 4 Oct 2000 19:43:55 -0400 (EDT)
From: "Richard A. Steenbergen" <ras@e-gerbil.net>
To: Richard Welty <rwelty@vpnet.com>
Cc: Bill Fumerola <billf@chimesnet.com>,
Hendrik Visage <hvisage@is.co.za>,
Bradly Walters <bwalters@inet-direct.com>, nanog@merit.edu
Message-ID: <Pine.BSF.4.21.0010041939571.373-100000@overlord.e-gerbil.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 3 Oct 2000, Richard Welty wrote:
> Bill Fumerola [mailto:billf@chimesnet.com] wrote:
> > OpenSSH uses RSA for ssh1, so it too benefited greatly
> > from RSA's release of the code into the public domain.
>
> except that nobody should be using ssh1 for _anything_ if they can
> possibly avoid it. even the orginal authors of ssh are strongly
> advocating
> consigning ssh1 to the trash heap of computer security.
I think you're confused, ssh1 is still a very valid protocol. It is well
tested and proven, and in many cases better implemented then ssh2 (though
of course that may change eventually). Don't confuse the desire to make
money with insecurity.
As for the release of the RSA patent, its a "nice thing" but it hasn't
changed much other then cleaning up some bad code by removing the need to
use RSAREF (and good riddence), and moving some dollar signs around for
commercial implementors.
"Anyone is now free to rub two primes together for their own gratification"
-- Unknown
--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/humble
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
