Symposium briefing includes details on BSAFE-C ordering
continues to expand the range of Internet software available to its
e3000 development community. A middleware briefing at this
years 3000 Solutions Symposium showed how new security options
have been added to the platforms toolbelt.
Alvina Nishimoto, the R&D manager for the Internet and
Interoperability team in the HP e3000 division (CSY), told attendees
they can order the BSAFE-C SSL software kit from RSA a
purchase that will come from Australia to comply with US export
was the first vendor to make use of the RSA software for the 3000.
The forthcoming Secure Apache Web Server, shipping in May, makes use
of the BSAFE-C kit.
It gives you the full crypto-C library and PKI
service, Nishimoto said. Its actually an Australian
product, and to get this product you call Australia to get around the
[US] export restrictions. Since its created in Australia, that
makes it an Australian product. The Australian government gave
HP permission to have the US version of the product ported to the HP
3000, but still classified as an Australian product.
RSA sells the BSAFE-C kit for the e3000, not HP, Nishimoto
explained. The software can be used to do tasks such as secure file
transfers over the Internet using FTP or secure log-ons, employing
128-bit encryption. Its a library that lets you get to
the crypto and PKI capabilities, Nishimoto said.
She also added that HP has worked out a discount on the
software for the Independent Software Vendors registered in its
Solution Provider Program. The special pricing ends in September.
The pricing on this can be fairly expensive for security
products that [ISVs] may want to build around it, Nishimoto
said. If you are a regular customer, its not as
export laws will remain in force for any applications created with
the RSA kit, Nishimoto explained. Once you take this software
and create something with it, you have created something that is a US
product if your company is based in the US, she said.
Even though you can get it very easily, it still requires you
to get clearance from the US government [to deploy software outside
the US]. Thats much easier than it used to be, but as soon as
you touch it for commercial use and youre a US company, it
becomes subject to US laws.Ann Livermore.