[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mozilla-crypto
Subject:    Re: Crypto
From:       Frank Hecker <frank () collab ! net>
Date:       2000-08-07 14:29:53
[Download RAW message or body]

Frank Hecker wrote:
> The remaining issues with the Mozilla cryptographic work are unrelated
> to U.S. export regulations. First, the code contributed to the Mozilla
> project originally used a proprietary cryptographic library (BSAFE-C
> from RSA Data Security), and needs to be modified to support the use of
> an open source library instead.

Just to clarify (and in case anyone is interested for historical
reasons):

The original Netscape-developed version of NSS (e.g., as incorporated in
Netscape Communicator 4.x) didn't actually use the commercial version of
RSA Security's BSAFE Crypto-C library. Instead the original NSS code
used libraries which were BSAFE-based, derived from the source code to
BSAFE Crypto-C 3.0 with lots of Netscape optimizations added. That's why
to get NSS 3.0 to work with vanilla BSAFE libraries (e.g. the binaries
that RSA Security licenses to non-source customers) required additional
work.

> The iPlanet developers are currently working to extend their open source
> code to include all the additional cryptographic code functionality
> needed, including RSA support once the patent expires.

Some of this work has already been done or is currently in progress
(e.g., adding code for the MPI bignum library and the FIPS 186 PRNG).
Work relating to implementation of the RSA public key algorithm won't
start until after the RSA patent expires in late September. For more
information see the NSS 3.1 product plan:

http://www.mozilla.org/projects/security/pki/nss/plan_3_1.html

Frank
-- 
Frank Hecker            work: http://www.collab.net/
frank@collab.net        home: http://www.hecker.org/

[prev in list] [next in list] [prev in thread] [next in thread]