Copyright (C) <years>, RSA Data Security, Inc. Created <year>. All rights reserved. License to copy and use this software is granted provided that it is identified as the "RSA Data Security, Inc. MD<id> Message-Digest Algorithm" in all material mentioning or referencing this software or this function. License is also granted to make and use derivative works provided that such works are identified as "derived from the RSA Data Security, Inc. MD<id> Message-Digest Algorithm" in all material mentioning or referencing the derived work. RSA Data Security, Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose. It is provided "as is" without express or implied warranty of any kind. These notices must be retained in any copies of any part of this documentation and/or software. ---------------------------------------------------------------------- http://www.ietf.org/ietf-ftp/IPR/RSA-MD-all The following was recevied Fenbruary 23,2000 From: "Linn, John" <jlinn@rsasecurity.com> February 19, 2000 The purpose of this memo is to clarify the status of intellectual property rights asserted by RSA Security Inc. ("RSA") in the MD2, MD4 and MD5 message-digest algorithms, which are documented in RFC-1319, RFC-1320, and RFC-1321 respectively. Implementations of these message-digest algorithms, including implementations derived from the reference C code in RFC-1319, RFC-1320, and RFC-1321, may be made, used, and sold without license from RSA for any purpose. No rights other than the ones explicitly set forth above are granted. Further, although RSA grants rights to implement certain algorithms as defined by identified RFCs, including implementations derived from the reference C code in those RFCs, no right to use, copy, sell, or distribute any other implementations of the MD2, MD4, or MD5 message-digest algorithms created, implemented, or distributed by RSA is hereby granted by implication, estoppel, or otherwise. Parties interested in licensing security components and toolkits written by RSA should contact the company to discuss receiving a license. All other questions should be directed to Margaret K. Seif, General Counsel, RSA Security Inc., 36 Crosby Drive, Bedford, Massachusetts 01730. Implementations of the MD2, MD4, or MD5 algorithms may be subject to United States laws and regulations controlling the export of technical data, computer software, laboratory prototypes and other commodities (including the Arms Export Control Act, as amended, and the Export Administration Act of 1970). The transfer of certain technical data and commodities may require a license from the cognizant agency of the United States Government. RSA neither represents that a license shall not be required for a particular implementation nor that, if required, one shall be issued. DISCLAIMER: RSA MAKES NO REPRESENTATIONS AND EXTENDS NO WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, VALIDITY OF INTELLECTUAL PROPERTY RIGHTS, ISSUED OR PENDING, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, WHETHER OR NOT DISCOVERABLE, IN CONNECTION WITH THE MD2, MD4, OR MD5 ALGORITHMS. NOTHING IN THIS GRANT OF RIGHTS SHALL BE CONSTRUED AS A REPRESENTATION OR WARRANTY GIVEN BY RSA THAT THE IMPLEMENTATION OF THE ALGORITHM WILL NOT INFRINGE THE INTELLECTUAL PROPERTY RIGHTS OF ANY THIRD PARTY. IN NO EVENT SHALL RSA, ITS TRUSTEES, DIRECTORS, OFFICERS, EMPLOYEES, PARENTS AND AFFILIATES BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES OF ANY KIND RESULTING FROM IMPLEMENTATION OF THIS ALGORITHM, INCLUDING ECONOMIC DAMAGE OR INJURY TO PROPERTY AND LOST PROFITS, REGARDLESS OF WHETHER RSA SHALL BE ADVISED, SHALL HAVE OTHER REASON TO KNOW, OR IN FACT SHALL KNOW OF THE POSSIBILITY OF SUCH INJURY OR DAMAGE.