[Asterisk-Users] Re: www.openpbx.org

Paul digium-list at 9ux.com
Sat Oct 8 04:41:48 MST 2005


Mike M wrote:

>On Fri, Oct 07, 2005 at 09:45:53PM -0400, Paul wrote:
>  
>
>>Also consider that there are situations where 100% open source is never 
>>allowed. Check out visa/mastercard processor certification for a good 
>>example. Digium dual licensing availability means I could actually stand 
>>a chance of using asterisk as the basis for systems used by military and 
>>law enforcement in applications that require extremely high security.
>>    
>>
>
>There is a popular vendor of closed source products whose security has been 
>compromised often. The security of OpenSSH is well established. 
>
>Reading this list iwe learn that the open source version of Asterisk is 
>currently being used by military personnel.
>
>Asterisk offers ways for users to implement eavesdropping applications which
>undermines the goal of attaining extremely high security.
>
>Open source is for sharing if that's feasible and closed source is not.
>Dual licensing is for both.
>
>  
>
My point was not to argue that closed source enhances security. I was 
just pointing out that there are situations where the customer will not 
accept open source.

Credit card processing would be a good example. You could design *-based 
systems for both the client(merchant) and server(processor) functions 
but last I knew visa/mc would not certify open source solutions.




More information about the asterisk-users mailing list