Liability wrt making pgp available to the campus

[Matthew J Ghio]

Andy Thomas <aethomas at uci.edu> wrote:

> >> Funny thing; last year the computer administrators wouldn't even allow a 
> >> copy of PGP to reside on their systems -- now it is part of their public 
> >> account (student-run officially University unsupported software, usable 
> >> by all). 
> 
> About six months ago I was going to to compile and install pgp in the
> campus software library which is made available to hundreds of systems
> distributed accross the campus.  I decided against it at the time
> becuase I was unsure if anyone (namely the University) would be liable
> for providing the pgp executable to the public without having a
> liscence for the RSA algorithm.  I had pretty much abandoned the idea
> until I saw this post.  If i'm correct, it's the resposibility of the
> user to obtain a liscence which is why pgp is freely available at ftp
> sites without putting the owner of the site at risk.  In this case
> would the University be resposible for aquiring a liscence?  This also
> brings up another question: is there anyone out there using freeware
> pgp who has obtained a RSA licsence so they can use it legally?  Also
> I'm curious if there are there any sysadmins out there that have made
> pgp available to their users?

Well, I went through a similiar situation with CMU, they told someone
(not me) that they wouldn't allow PGP to be in the campus software
library, so I put it in my personal directory and told everyone where to
get it, and they didn't complain.  It's in
/afs/andrew.cmu.edu/usr12/mg5n/pgp/pgp23A.tar.Z