Michael C Taylor <mctaylor@nb.sympatico.ca> wrote:

At 05:29 PM 23/07/97 -0700, you wrote:

...

$25K upfront is prohibitively expensive for freeware and for garage-shop programmers. It's a drop in the bucket for a large project such as Netscape that wants to add some security, but in a 3-person-month email widget it's excessive.

On the other hand, it's now possible to license RSAREF for a much more reasonable fee from Concentric; I think it's just per-copy rather than a big up-front hit.

As of March, 1997 Consensus Development (www.consensus.com) stopped licensing RSAREF for a very reasonable amount (~$200 US + 2-3% range I think it was??)

Consensus' "SSL Plus" toolkit requires licensee to also license BSAFE from RSADSI.

Maybe too many people were using commerical RSAREF licenses rather than the BSAFE toolkit.

In truth, issues surrounding the functionality and licensing requirements of RSAREF meant that it wasn't a sustainable business for us, so we decided to return the rights to RSA. The license fee was no upfront + 5%. While the upfront was cheap, the percentage was significantly higher than what can be negotiated for BSAFE from RSA. This, plus the limited functionality of the RSAREF toolkit (both technically and due to license restrictions), meant that most customers preferred to just get BSAFE. This limited commercial demand is the same reason why we currently don't support RSAREF in SSL Plus. Please cc me on any responses, as I don't read Cypherpunks any more. (I found this posting on Bob Hettinga's e$pam). - Tim Tim Dierks - timd@consensus.com - www.consensus.com Software Haruspex - Consensus Development Developer of SSL Plus: SSL 3.0 Integration Suite