
Re: Intend to split: zmailer and zmailer-ssl



Jason Gunthorpe wrote:
> > It does not link against libssl09 or something like that, but it uses
> > routines found in the OpenSSL software as skeletons for its own
> > implementations.
> 
> Several other packages are in a similar boat, CVS calls Kerberos Crypto
> functions, the new OpenLDAP packages call OpenSSL functions, there are
> probably many more.

There is, I think, a difference between calling functions that are
implemented in an external, in this case cryptographic, library, and actually
'simulating' the library's behaviour by implementing the functions yourself
(while using skeletons from the external library). The latter one is what is
done in the new ZMailer sources.

For example, the smtpserver program within ZMailer implements RFC 2487,
"SMTP Service Extension for Secure SMTP over TLS". The abstract of this RFC:

   This document describes an extension to the SMTP service that allows an
   SMTP server and client to use transport-layer security to provide
   private, authenticated communication over the Internet. This gives SMTP
   agents the ability to protect some or all of their communications from
   eavesdroppers and attackers.

Thus, basically it sets up an encrypted channel for data transport. I don't
think the US govt. likes that, do you?

> Apparently the OpenLDAP people consulted a lawyer and determined they
> could do that, but I've heard that 3rd hand :>

Maybe you could get some clarification on this issue? What exactly did the
lawyer think was legal to do? Calling functions that are implemented in
another (cryptographic) library? I can imagine that.

Again, I'm not sure whether we're allowed to redistribute it from within the
USA. But from what I've read about this stuff, I'm afraid we are not.


Regards,
 -Remco

