[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[registrars] Fw: [NSIRegistrars] use of RSA int the USA

this is something i request that should be considered as an agenda item for
santiago. it is a material concern  to many of the registrar constituancy.

i would like to make a proposal for this item to be included on the agenda.

ken stubbs

----- Original Message -----
From: Hollenbeck, Scott <shollenb@netsol.com>
To: 'NSI Registrars List' <registrars@nsiregistry.com>
Sent: Tuesday, August 17, 1999 7:06 AM
Subject: RE: [NSIRegistrars] use of RSA int the USA

> RSA Data Security doesn't have set license fees; they base their fee on
> own analysis of your intended use of their algorithms.  Thus I can't make
> statements about what others may have paid, but our license fee was an
order of
> magnitude less than the $100,000 US figure suggested by Rick.
> Remember, too, that at least one SSL toolkit (TLSGold, sold by SPYRUS)
> a runtime use license for RSA crypto.
> FWIW, if anyone knows of a commercial Certification Authority that issues
> certificates signed using DSA we could provide an alternative to the RSA
> cryptographic algorithm suite.  We did quite a bit of looking and came up
> The technology exists, but the companies we contacted, including Thawte,
> Entrust, and others couldn't make a business case for offering the
> Scott Hollenbeck (mailto:shollenb@netsol.com)
> Network Solutions, Inc.
> -----Original Message-----
> From: owner-registrars@nsiregistry.com
> [mailto:owner-registrars@nsiregistry.com]On Behalf Of Rick H. Wesson
> Sent: Monday, August 16, 1999 8:37 PM
> To: NSI Registrar List
> Subject: [NSIRegistrars] use of RSA int the USA
> The following is *not* legal advice, it my opinion on the use of RSA
> technology in North America and is provided as a public intrest to
> ICANN approved Registrars in North America.
> RSA technology is patented in the USA and the patent is only recognised in
> North America. The patent on RSA requires any company using its technology
> within the North America for commercial purposes to pay RSA a royalty on
> the use of the technology.
> RSA also requires that you purchase their toolkit and you can't use other
> implelemtation of RSA Algorithms not authored by RSA. This means that you
> can't use OpenSSL in the USA, unless you purchase SSL-C from RSA which is
> their licensed version of OpenSSL.
> NSI Requires all registrars to use a RSA based certificate from either
> Thawte or VeriSign. Just because you accuire a Server Certificate from
> either Thawte or VeriSign does not mean that you have the right to use
> the RSA Encription Technology for commercial purposes.
> If you are connectiong to NSI using a Certificate from either Thawte or
> VeriSign and are located in North America and *HAVE NOT* accquired a
> License Agreement from RSA you are probably viloating their patent rights.
> If you are wondering how much a License from RSA costs, I can not get an
> exact figure but, it is probably going to cost your company more than
> $100,000 US.
> If anyone has information contradicting the above please let me know.
> thanks,
> -rick
> ---------
> Participants on the NSI registrars list are requested to not cross-post