RSA Released Into The Public Domain 203
Legolas-Greenleaf writes "According to the this news release on RSA Security's website, the RSA algorithm was released into the public domain today (September 6th, 2000). This is in advance of their US patent expiring on the 20th. There is some more information in their RSA FAQ."
RSA BSAFE software? (Score:1)
Re:big deal (Score:3)
Wow! Two weeks early! (Score:1)
Edward Burr
Re:Ogg Vorbis is not particularly good... (Score:2)
Cos right after the beta announcement, I got sound quality comparable to MP3, at the same encoding rate.
That's across my entire music collection, much of which is the 'nightmare' scenario - acappella, or simple acoustic perfromances.
Yes, it takes a long time. That is true. No one has ever tried to deny that. It takes about 10 times longer than MP3 to encode, and about twice as much porcessor power as MP3 to decode. Or, 6% in my case.
This is totally unoptimised code. The bleeding edge CVS is starting to optimise, so watch the processor use tumble.
This is what's supposed to happen (Score:2)
Second, RSA got their 17 years of exclusivity, and now it's public domain. That's how patents work. It took a long time to build a business on the technology. I visited RSA around ten years ago, when they had a tiny suite of offices in Redwood City, no significant customer base, and a hard-to-use product for DOS.
Third, now that it's finally out there, it's time for the open-source community to get it into standard electronic mail. Now that PGP has been discovered to have a backdoor, that's not the way to go.
Re:That's Probably Why They Did This (Score:1)
But yes, I do expect similar moves from Unisys when their LZW patent(s) come close to expiring time. Maybe they'll force their managerial staff to cut out those ridiculous upward-pointing cones of hair from the side of their heads, too.
Maybe the MPAA can use RSA instead of CSS (Score:2)
Hell, it worked for millions of PGP users, even with the ADK bug.
Re:So how will this affect us? (Score:1)
Re:Symbolism and significance. (Score:1)
Nothing was left out (not that, anyway) (Score:1)
Re:Why should copyrights last longer than patents? (Score:1)
stream for Donald Duck et al, and lobbyed
for an extension
--
Re:If only Fraunhaufer would do the same. (Score:1)
Still can't change details in Winamp but that is a plugin functionality thing rather than an ogg problem.
The only downer, for me, is that playback takes about 10%-15% processor time - my computer: Celeron 300a@450, W2K. OGG bitrate: VBR based around 192kbits. This is just enough of a hit to make Quake3 jerky
<O O>
( \/ )
X X
Um, that is what patent law is FOR (Score:2)
You were allowed to look at it. You were supposed to look at it. But you were not supposed to use it without paying RSA until the patent expires or they say you can.
They just said you can.
Cheers,
Ben
Re:RSA and GPG (Score:1)
What about EL Gamal's problem with choosing the same 'k' twice?
Re:Can't "re-patent" a twist... (Score:2)
"Creative" has a very specific legal/wording meaning to the US Patent Office, which often seems to be much different than what a common, ordinary layperson would consider "creative".
I've been watching some companies get new patents solely by using feedback from the Patent Office about why a particular patent was not "creative" to change the wording of their patent so it became "creative" - all w/o actually attempting to even make a prototype or a design based on the ideas in the patent.
Ah, yes... (Score:1)
IDEA is not free. (Score:2)
Some ciphers are free but weak, some are free, strong, and slow (Triple DES), while IDEA is faster, strong, but covered by it's own patent (Patent 5,214,703), no connection to RSA...
So the answer to your question is, NO, not if you include IDEA. Details (in german) [ascom.ch].
Re:RSA and GPG (Score:1)
PGP key which was generated 5 years ago
with RSA algorithm. I am using it in several
places and do not really want to have new key
generated.
I hope this news will allow me to use my old
PGP key in GPG.
Re:So many questions... (Score:3)
A single RSA key can be used for both signing and encryption (thought he wisdom of this is debatable).
RSA keys are far smaller than DH-EG ones.
RSA signature verification (the most commonly performed operation in the real world) is far faster than DSA.
RSA is far more widely deployed than DSA and especially DH-EG.
Branding (Score:2)
Re:Brilliant news! (Score:1)
That's Probably Why They Did This (Score:2)
Re:How magnanimous. (Score:1)
If he did, he would win that million dollar prize that was posted on
Plus, with quantum computing moving along, all (most) security will be obsolete.
Ed
The alternative outcome (Score:1)
They hope that with legal backing they can extend the patent on their algorithm indefinitely. Also they have found (looking back at their patent) that they own all public key cryptography patents and anyone infringing on them will be forced to pay up. Anyone refusing will be struck down - i'm told adi shamir is quite hot with a minigun
Re:Oooh i'll finally be able to look at the algori (Score:1)
Uhh, dude, that's what a patent is - when you patent it, you are forced to reveal it to the public.
Patents just make sure that no one else is allowed to make a product based on the idea unless you let them.
--
Re:If only Fraunhaufer would do the same. (Score:1)
Apostrophe shy... (Score:1)
great! but... (Score:1)
Wow, that's so very big of them... (Score:1)
Bah.
Setting aside one's beliefs on the idea behind being able to get a patent on math, there's the underlying assumption from RSA (the company) that we should be grateful because they've deigned to surrender their oh-so-valuable intellectual property after extracting only 99.77% of the life of the patent. Don't do me any favors, guys -- I'll find my own algorithms.
The question still stands... (Score:1)
This is why C2Net was acquired by Red Hat, too. (Score:2)
Re:Ogg Vorbis is not particularly good... (Score:2)
Now, I'll grant you this is a bit unscientific (hell, it's not even in the same ballpark with "scientific"), but it seems to me that the Vorbis guys have done a hell of a job thusfar, even considering the format and tools are still "beta." If there were a little better support for comment tags in the player tools, I would probably be switching everything over from MP3 to OGG format right now...
Eric
--
Re:Brilliant news! (Score:1)
Big Problems Ahead (Score:2)
RSA Security Releases RSA Encryption Algorithm into Public Domain
"c = me mod n" Made Available Two Weeks Early
This basically says "We patented this equation". The whole fiasco surrounding software and business patents is going to get really ugly. At some point the ridiculousness of these kinds of patents will become obvious, even to the many judges in the US that have their heads planted firmly up their rectums. If we could get the politicians to get their hands out of the lobyists' pockets things would move along even faster.
Oh, yeah, I almost forgot:
2 + 2 = 4
patent pending
And boy, are you all gonna pay for using that. Anyone who has ever said that without getting a license from me will be really sorry.
Re: you left something out ... (Score:3)
From http://www.vi s.caltech.edu/~pz/letters-from-the-front/bill-gat
"The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers." (Bill Gates, The Road Ahead, Viking Penguin (1995), p. 265.)
--
Re:Public Domain? What's the angle here? (Score:2)
Well, it certainly made my day.
And your hypothesis about meta moderating seems to work. This post is interesting. ;^)
-legolas
i've looked at love from both sides now. from win and lose, and still somehow...
Re:Stronghold (Score:2)
I guess I can run Apache/SSL on our backup server now; this is excellent news, even though we all knew it was coming.
What happens to the RSA firm? Do they more or less go out of business now that they have nothing to sell?
D
----
RSA vs El Gamal (Score:3)
Insofar as keysize goes, 2048 bits is plenty sufficient for every attack we can foresee. If you want to be truly paranoid, go for 3072 bits; even with quantum computation, it's still as hard as RSA-1536.
Personally, I don't think RSA is ever going to be cracked by brute force--so this trend among the cryptoparanoid towards larger and larger keys is somewhat silly. I think it's far more likely that either (a) a general solution to the factorization problem will be discovered which runs in polynomial time, utterly destroying RSA, or (b) an attack against RSA will be discovered which does not depend on factorization.
Remember that the integer factorization problem has never been proven to be difficult, only conjectured to be so--and as time goes on, it gets less and less difficult. More than that, while RSA is built on the integer factorization problem, nobody has ever proved that you need to factor very large numbers in order to break RSA.
My money is on El Gamal--it seems to be built on stronger mathematical foundations.
Re:Symbolism and significance. (Score:2)
Paging Grammar Nazi, paging Grammar Nazi... (Score:2)
The first "question" is "The patent expiration will allow more developers to create secure applications, making the electronic world a more secure place?"
The only answers you can give are "True" and "False". What I want is a "That's neither a question nor a true/false statement!" link, ala Slashdot polls...
Change party dates (Score:2)
But this is good news that RSA isn't going to try any kind of tricks to extend their patent or somehow deny us this very valuable algorithm. Expect to see some good implementations of RSA being released into the wild in the next few hours/days.
the AC
Re:We need key escrow (Score:2)
Now I'm all in favour of the 'contempt of court' laws, but hang on a minute here...
Further, and more in-depth commentary can be found at Stand.org.uk [stand.org.uk] for those who are interested.
Craig.
WoooHoooo! (Score:2)
You know what this means don't you? I can compile in SSL support for commerical use into Apache and not have to pay C2 (the makers of stronghold) $1000 a license key!
$45 (or is it 90?) for the Server cert and you have a commerical proffesinal SSL server. If you want to use buzzwords "Ecommerce solution for $45 a year"!
RSA and GPG (Score:2)
My question is, how long before this is incorporated into GPG? Of course, the obvious answer is 'as quickly as you can write it yourself' :-).
As far as I know, RSA is more secure than both El Gamal, and DSA, the algorithms currently used for encryption and signing in GPG. In fact, I believe El Gamal becomes horribly insecure if the same random number is used twice when running the algorithm. Also, RSA supports longer key lengths than DSA.
I want to create myself a big, 4-8k bit RSA root signing key scheduled to expire in 10 years, and then at 2 year intervals replace my main signing and encryption keys with new ones signed by the big RSA root key.
I know how RSA works, but not how to generate the large random primes that are required for a big key.
Re:Brilliant news! (Score:2)
At least they didn't try to extend the patent by tricking the patent office. For instance, "c = me mod n" is the formula for RSA. So they patented that formula back in 1983, then in 1985 they could have patented the formula "me = c mod n". Mathematically the same formula of course, but that's ok. The patent office will let you patent a formula or algorithm that has already been patented, as long as patent is worded differently enough that the monkey who rubber-stamps patents doesn't notice. The comp.compression FAQ has a section on patents [faqs.org], which has several patents for identical compression algorithms that the patent office rubber-stamp monkey didn't notice.
They could just make up a new patent every year. Like "Using RSA to exchange DES keys", then "Using RSA to exchange IDEA keys", "Using RSA to exchange keys over computers connected by telecommunication lines", "Using RSA to exchange keys over the internet", "Using RSA to exchange keys between web browsers". They could probably keep this up for as long as they wanted.
Factoring n into p and q (Score:2)
http://www.rsasecurity.com/rsalab s/faq/2-3-4.html [rsasecurity.com]
Also, http://www.rsasecurity.com/rsalab s/faq/2-3-5.html [rsasecurity.com] has some good info about what the future holds for factoring.
----
Re:Ogg Vorbis is not particularly good... (Score:2)
I will make the point that I'm listening with Sony MDR-V6 studio headphones, not tinny little speakers.
Perhaps it was just the implementation, like I said. But I want something good today, not in 3 years.
WMA takes about twice as long to encode as MP3 does, but one receives a benefit... it sounds much much better at lower bit rate. i.e. in my experience WMA at 160kbps is equivalant to MP3 at around 256kbps.
The inconvenience of spending $30 on a MP3 encoder is far less of a cost than spending 10 times the computing cycles trying to encode your CD's on a format which is free. I'd rather spend the money and get something that's quality and easy to use than frustrate myself with a freebie.
The inconvenience of a license is far less painful than poor quality software.
Re:Change party dates (Score:2)
Re:Symbolism and significance. (Score:2)
This is what patents are for! (Score:3)
There has been so much discussion against the issuing and abuse of patent and trademark law; occasionally we should applaud those who do it right. The RSA has handled their patent beautifully while making good business decisions.
My hat is off to them.
Coincidence is the Superstition of Science
Re:RSA BSAFE software? (Score:2)
Well, OpenSSL [openssl.org] and ModSSL are both based on SSLeay & both contain RSA algorithms. That's why it's recommended that if you're in the US and using OpenSSL, you disable RSA (and IDEA) ciphers during config. It's in the FAQ. [openssl.org]
.ogg won't let me put my band's music on Napster. (Score:2)
Why not ignore .mp3 and use .ogg for your encoding?
Even though there is a common Winamp plugin (from vorbis.com) to play .ogg files of my band's music, the Napster client does not recognize .ogg. But there's a workaround [tripod.com], right?
<O
( \
XGNOME vs. KDE: the game! [8m.com]
Wanted: Free RSAREF-compatible software (Score:2)
Now that the RSA algorithm is no longer patented, anybody can write a compatible implementation that doesn't have the license restrictions (no export to foreigners, limited access to functions without special permission etc.)
I'd like to see a free software version - either public domain, Library GPL, BSD, Artistic license, whatever. Who's first?
factoring n into p and q (Score:3)
For more info on what easy and difficult really mean, read up on Big-O notation (i.e. O(n) is linear running time, O(2^n) is exponential growth) and NP completeness.
Factoring:
Well, of course, you can brute force p and check to see whether you get an integer q. If you're using large primes (300 digits or so) for p and q, prepare to be long dead before you get q with our current computing.
I won't go into detail, but here are some popular factoring methods for you to look for, and a link:
Pollard Rho method
Pollard P-1 method
ECM (Elliptic Curve method)
Multiple Polynomial Quadratic Sieve (MPQS)
According to the link below, "The best general-purpose factoring algorithm today is the Number Field Sieve"(NFS)
For more info including Big-O notation (i.e. an idea of how fast the algorithms work as the size of n increases), check out:
http://www.rsasecurity.com/rsalab s/faq/2-3-4.html [rsasecurity.com]
Re:Can't "re-patent" a twist... (Score:2)
The patent is not on the manifestation of the idea. The patent is on the idea itself.
-----------
"You can't shake the Devil's hand and say you're only kidding."
According to this - it did (Score:2)
"The Regulation of Investigatory Powers (RIP) Bill was introduced in the House of Commons on 9th February 2000 and completed its Parliamentary passage on 26 July. The Bill received Royal Assent on 28 July. "
Re:how RSA works (Score:2)
Re:RSA and GPG (Score:2)
If you're paranoid about it then keep a list of used Ks and don't reuse them. Really, it's not a problem though, you're far far more likely to pick a poor IDEA or 3DES key if you're using something like GPG or PGP.
Re:RSA and GPG (Score:2)
It misses Carmicheal numbers. It does work correctly for Mersenne numbers, you should avoid those for other obvious reasons though.
Re:No more problems with SSL security in US :-)))) (Score:2)
Re:If only Fraunhaufer would do the same. (Score:2)
It's better (arguably) than mp3 anyway.
http://vorbis.com
Took me a second (Score:2)
And the sad thing was that it made sense, too.
Re:RSA and GPG (Score:2)
See this comment [slashdot.org].
Re:Can't "re-patent" a twist... (Score:2)
Said companies in my example isn't being REALLY creative - they're just juggling words in their patent until they meet the Patent Office's definition of "creative" (which has more to do with semantic minutea & overloaded claims inspectors than real creativity).
Re:Public Domain? What's the angle here? (Score:2)
Re:Hmm... (Score:2)
Their encryption is so strong that typing "Digital:Convergence" into your browser's Address/Location field will fail to search for them.
Re:So how will this affect us? (Score:2)
IIRC, they also applied for patents in Great Britain, Germany, France and maybe another. Other countries were "off the hook", but products using the algorithm could not be exported to countries where the patent was in effect.
eh? (Score:2)
The details of RSA was published before it was patented, and it was not funded by RSA in the first place.
Also, it seems to me that it's a discovery and not an invention.
Sounds more like a classic abuse of the whole concept of patents to me.
To add insult to injury, they didn't even write a decent implementation of it.
how RSA works (Score:5)
Note: I took this from a document that I wrote for my students, so this is how I personally had them implement RSA, NOT how RSA is really done in real life. But the basic premise of key generation is the same.
Background math: gcd is greatest common divisor. mod means modular arithmetic.
To generate your personal key:
1. Generate two prime numbers, p and q.
2. Calculate n = p*q.
2. Calculate phi(n) = (p-1)(q-1).
3. Pick a public key b where 0<b<phi(n) and gcd(b,phi(n))=1.
4. Calculate the private key a such that a=b^-1 mod phi(n) (multiplicative inverse). Make sure pub is less than phi(n), gcd(phi(n),b)=1, and a>0.
5. n and the public key can be published in a directory. Keep the private key secret.
To crack a key given n and the public key b:
1. Factor n into p and q.
2. Calculate phi(n) = (p-1)(q-1).
3. Calculate the private key; it's a=b^-1 mod phi(n).
To encrypt code, translate from an array of characters to numbers.
let a=0
abc = 0*26*26 + 1*26 + 2 = 28
dog = 3*26*26 + 14*26 + 6 = 2398
cat = 2*26*26 + 0*26 + 19 = 1371
zzz = 25*26*26 + 25*26 + 25 = 17575
Call chunks of text converted to numbers m (for message). Compute m^b mod n. Each of these numbers go on separate lines in the file.
To decrypt code, do the process in reverse. Call the encrypted message m. Compute m^a mod n. Then you can convert from unencrypted numbers back into plaintext.
You can also do a double encryption (digital signature) by taking already encrypted code and encrypting those numbers. Suppose Alice wants to send a message to Bob which only Bob can decrypt and Bob knows can only have come from Alice. Alice uses her own private key to encrypt the message. Then she applies Bob's public key and gives the file to Bob. Bob takes the file and applies his private key to it, and then Alice's public key, leaving him with the plaintext. This ensures that Alice sent the message and only Bob can decode it.
Oh man, this screws up all my party plans! (Score:2)
Well, it's nice to know they didn't fight it (they'll probably go down in the history books as having voluntarily released it!) with other patents and nonsense like that.
But now what am I going to be partying for on the 20th? The two-week anniversary?
How magnanimous. (Score:2)
I still view it as mathematics, however, and thus not "a device" for anything.
Or...
Does this mean that "A" has finally found a NP-space P-time inverse, and the whole algorithm becomes no more than a toy!
FatPhil
Re:So many questions... (Score:2)
(Btw, moderators, as of while I'm writing this, it's not redundant AFAIK).
Smart Move (Score:2)
Re:Symbolism and significance. (Score:2)
Ogg Vorbis is not particularly good... (Score:2)
I tried to encode something using the
What I found was:
- It took an incredibly long time.
- It sounded incredibly bad, even worse than MP3
Granted, it'll probably improve. But I'm a big fan of using stuff that works well today. The inconvenience to me of using a licensed format like MP3 or WMA is incredibly small. When compared to the inconvenience of using a pre-alpha poorly implemented format like OGG, what's the point?
Re:Public Domain? What's the angle here? (Score:3)
So much misinformation has been spread recently regarding the expiration of the RSA algorithm patent that the company wanted to create an opportunity to state the facts. RSA Security's commercialization of the RSA patent helped create an entire industry of highly secure, interoperable products that are the foundation of the worldwide online economy. Releasing the RSA algorithm into the public domain now is a symbolic next step in the evolution of this market, as it will help cement the position of RSA encryption as the standard in all categories of wired and wireless applications and devices. RSA Security intends to continue to offer the world's premier implementation of the RSA algorithm and all other relevant encryption technologies in our RSA BSAFE software solutions and remains confident in our leadership in the encryption market.
That's why they made an FAQ. For Frequently Asked Questions.
-legolas
i've looked at love from both sides now. from win and lose, and still somehow...
Finally! (Score:2)
Re:Can't "re-patent" a twist... (Score:2)
-----------
"You can't shake the Devil's hand and say you're only kidding."
Decimal points in patent law? No. (Score:2)
I would love it if a new legal finding was made that US Patent Law had to be reinterpreted because the original specification had a faded decimal point - that the intent was to provide patents for 1.7 years instead of 17 years.
Not likely. Back when the original patent law was passed setting the "limited times," decimal for years was not common. The patent law drafters would have written "one (1) year and 255 days" were that their intent.
"limited times" in the Constitutional clause authorizing patents and copyrights has a huge loophole [8m.com].<O
( \
XGNOME vs. KDE: the game! [8m.com]
Just an excuse (Score:2)
Re:RSA and GPG (Score:2)
http://www.utm.edu/research/primes/
has loads of info on primes and pseudo-primes.
I recommend "primeform" and its successor "pfgw" as a generator of strong pseudo-primes (SPRPs) as you can chose what form they have:
e.g. if I wawnted a 4000 bit key I could ask
For n=1 to 1000
For k=1 to 2^16-1 step 2
Is 2^4000 + 5614*n*n + k prime?
And just wait a few seconds.
You have pretty much absolute freedom over the expression you try, so you can even feed it a 1000bit random number and ask it top find the next SPRP after that number.
Primeform has its own forum on egroups:
http://www.egroups.com/group/primeform
FatPhil
(a top 20 producer of titanic primes)
Re:So many questions... (Score:2)
GPG supports plugins and there has been one available for RSA for quite some time now. You can get it from here [ftp.guug.de] for example. Compilation instructions are included. Just ignore the legal shit at the beginning.
I've been using it already. I don't care about the patent: algorithms are not patentable in Europe, and RSA Security hasn't even tried to apply for it here.
Re:Great! (Score:2)
Wait! (Score:4)
Symbolism and significance. (Score:5)
This means that I can now legally use a little SSH program I found for Windows, and I needn't have any qualms about infringement. While I may not have been too concerned for myself at home, I haven't used the program at work (a public school system), since companies love finding licensing problems in public institutions.
Anyway, to me, releasing RSA early is like getting one of those little gold stars on the poster in grade school. It may not have any significant impact on anything at all, but it does make you feel like there's just a little good in there.
Oooh i'll finally be able to look at the algorithm (Score:2)
Second year univeristy maths touched on it and it came into my computing course as well.
It's not like they are releasing the worlds best kept secret.
On the other hand they should be applauded for not behaving like complete twats with their algorithm, ala MPAA
Re:We need key escrow (Score:2)
Trolls eat shit
You are feeding a troll
errr ..... you said it, brother, not me.
Re:So many questions... (Score:2)
But suppose you have an evil adversary who can screw with your RNG, perhaps for only a limited time. If he compromises it for a few messages that encrypt a random session key with RSA, he's only cracked those few messages. If he compromises it for a couple of messages encrypted with ElGamal, he's got your private key for every message until you retire it.
A very remote possibility for most people, of course. But it makes me uneasy.
Re:Wait! (Score:3)
You can feed the fish to the crackers, and then tell them:
"Dudes, sorry about this, now go home and crack the NASA site or something".
Oh, you meant crackers as in cookies! Silly me...
Re:RSA and GPG (Score:2)
if p is prime them for some a You can prove that the reverse is usually true, if a**(p-1) mod p = 1 then p is prime "most, but not all of the time"
So you pick out 100 or 200 values for a. And if the second part is only 50% true (ie: if it equals one then there is a 50% chance the p is prime) then after doing this 100 or 200 times for a bunch of different values of a you end up with a pretty good odds that p is prime. 50% ** 100 (or 200) is your error and that's pretty small.
As for RSA being more secure than El Gamal, I believe is has been shown that ElGamal is at least as secure as RSA and a lot of people believe it to be more secure. DSA on the other hand is really just a way of applying ElGamal and so it has some key size restraints to comply with a standard. Don't use DSA if you're not happy with the key length, sign with ElGamal and pick as big a modulus as you want.
Re:Public domain for algorithm, no code (Score:2)
Just shouting 'open source this' at everything won't necessarily get you moderated up...
the d00d
you left something out ... (Score:3)
Refresh my memory, how do you factor n into p and q again?
:)
Public domain is better than expired (Score:4)
In any case, my guess is that RSA has patented *around* the original patent, covering such twists as public key encryption over e-mail, etc. and those patents will most likely extend for the next couple of years.
Karen
Re:Brilliant news! (Score:2)
How?
So many questions... (Score:2)
The central advantage of GnuPG and SSH protocol version 2 (as far as I can tell) is simply that they don't use patent-encumbered algorithms, and RSA is "the big one" in that category. Of necessity, the free world has moved on to DSA and ElGamal, but do they have any technical (non-political) advantage?
I'm particularly intrigued by the fact that if you're using ElGamal and for whatever dumb reason (bad RNG or just wild luck) you choose the same k twice, you give away your private key. Do any of the popular cryptosystems keep track of used ks to make sure they don't repeat, or do they just rely on probability? Does RSA have any comparable weakness?
Wrong, yourself (Score:2)
However, while the initial act of making might have infringed, acts occurring subequent to the date of expiration of the patent (or, as in this case, the date of dedication) making, using or selling is not actionable. The devil is in the details of course, but users subsequent to the term of the patent are not likely to be liable for infringement.
So how will this affect us? (Score:4)
Re:Actually (Score:2)
Stronghold (Score:2)
The real Threed's
--Threed
Public relations (Score:2)
What they hope to do is further establish their namebrand as the standard in encryption technology.
Of course, now openssh/openssl will get wrapped in so many open source projects it will get silly fast. For example, I bet it takes about 1 day for Mozilla to incorporate openssl in its default build.
This move marks a large step forward for open source secure products.