On Tue, Dec 14, 1999 at 02:19:35PM +0000, David Wright wrote: > Quoting Colin Watson (cjw44@cam.ac.uk): > > glen@gomotech.com (Glen S Mehn) wrote: > If ssh were non-free, and I were to download it from a site in the US, > then I would've broken the law, wouldn't I? Whereas, because it's non-US, > I can't find it on any US site, so I can't accidently break the law. > Right? Not quite. The non-free section is non-free as in speech, not beer, so you don't have to buy a license for it. However, you are breaking the law if you attempt to: 1. Sell it (ssh1) 2. Make money with it in any way, no matter how indirectly (like remote-admining a system) (ssh2) 3. Export it _from_ the US to a country other than Canada or export it _from_ Canada to a country other than the US if the original source was inside the US. > Does OpenSSH not suffer from this problem as well? Does it contain > strong encryption or not? OpenSSH contains all the strong encryption of nonfree-ssh except IDEA. IDEA is a patented algorythm (Really quite an amazing algorythm actually) but developed outside the US (International Data Encryption Algorythm) and is in my opinion more interesting than anything developed in the US. IDEA (and actually no algorythm) was removed from OpenSSH due to export restrictions. There are known ways around that problem. IDEA was removed because it is non-free. But OpenSSH still supports 3DES, Blowfish, RSA (with add-on) and few people have been stung by the removal of IDEA. Please see http://www.openssh.com/ for more information. -Dan -- "Beware he who would deny you access to information, for in his heart he dreams himself your master."
Attachment:
pgpQB6AYanU7v.pgp
Description: PGP signature