Re: No More Passwords In The Clear in HTTP!

John Franks (john@math.nwu.edu)
Tue, 10 Jan 1995 05:48:47 +0100

In article <199501100038.QAA02915@neon.mcom.com> you write:
>
>This proposal utilizes RSA MD5 encryption. If you have this
>capability, why not go all the way to SSL (or SHTTP)? It would
>make much more sense.
>

I would very much like to put SSL in the WN server unfortunately it
requires a license from RSA. There is no way to pay them money
and still make a free server.

This problem does not occur with MD5. Here is an excerpt from the
copyright notice:

License to copy and use this software is granted provided that it
is identified as the "RSA Data Security, Inc. MD5 Message-Digest
Algorithm" in all material mentioning or referencing this software
or this function.

License is also granted to make and use derivative works provided
that such works are identified as "derived from the RSA Data
Security, Inc. MD5 Message-Digest Algorithm" in all material
mentioning or referencing the derived work.

-- 

John Franks Dept of Math. Northwestern University john@math.nwu.edu