[ssl-users] Re: Sammers eers Theft of Ben lauriesIntellectual

Paul Sutton paul at c2.net
Mon Dec 28 12:45:52 PST 1998



A highly amusing ranting. I'm glad the poster chose to remain anonymous:
they would surely be ashamed to attach their name to such a poorly written
and grossly inaccurate message.

Anonymous writes:
>C2 gots its start by purloining without compensation
>Ben Lauries Apache-SSL patches.... Sameer used these and then

I think one of the greatest acheivements of open source projects in the
last few years has been the acceptance of licensed in the BSD style. These
allow for commercial use of the open source projects with minimal
advertising clauses. This has lead to the acceptance of open source
software as a valid model to create software that both benefits the
community through free availability _and_ generals commercial spinoffs
which themselves lead to a greater acceptance of the underlying free code.

If a particular contributor to a BSD style project has a problem with this
then they are free (in all senses) to start a project using a more
restrictive license, such as the GPL.

>From this comment (and others) it looks like the poster has a
philosophical objection to commercial software. That is fine, and I'm sure
that the poster will have a lot of fun attacking other software vendors.

>had the fucking gall to remove source from apache-ssl

At the time, Verisign would not issue certificates for code available in
source form (this is also why certificates from Verisign were not
available for Apache-SSL). They now issue certificates for programs which
are available in source form (subject to some restrictions, of course).

>for the mod_ssl.c... all was rosy until Ralf releases
>a mod_ssl.c of his design... result??
>C2's business worlwide took a nose dive...(layoffs etc)

I'm not sure that you understand the relationship between the development
of Stronghold, the availablility of mod_ssl, and the employee losses in
the Oakland (US) office. You should also remember that Stronghold is
developed entirely outside the US in the UK office which has been
consistently increasing it size over the same period: it is quite
appropriate for an international cryptography company to arrange its
staffing such that it is not affected by the US export restrictions.

mod_ssl really hasn't been around long enough to have a serious affect on
Stronghold sales. It is also very simplistic to assume that the
availability of the free Apache SSL implementation would cause the
majority of Stronghold customers to switch over: if that were the case,
surely they would now be using Apache-SSL and would not have waited until
mod_ssl was available? There is plenty of room for both free and
commercial SSL servers.

>so now Sameer is trying to coopt Ralf's mod_ssl.c project
>(mark my words if Sameer gets his way the source for future
>verions will NOT be available no matter what he says now...)

This does not make sense. mod_ssl is an independent project: whether or
not Stronghold includes mod_ssl as source or binary would have no effect
on the continuation of the mod_ssl project (in the same way that it makes
no difference to Apache if Stronghold comes with Apache source, or to php
if it comes with PHP source).  things, so it

>I seen it happen once so now when the litte sob trys it
>again I am blowing the whistle...(and retelling history openly)

If you had any validity I don't think you would post anonymously, and you
would explain why your arguments should make sense, since to me they are
highly simplistic and rather lacking in truth.

Paul
--
Paul Sutton, C2Net Europe                    http://www.eu.c2.net/~paul/
Editor, Apache Week .. the latest Apache news http://www.apacheweek.com/






More information about the cypherpunks-legacy mailing list