[Asterisk-Users] Re: www.openpbx.org
Paul
digium-list at 9ux.com
Sat Oct 8 04:41:48 MST 2005
Mike M wrote:
>On Fri, Oct 07, 2005 at 09:45:53PM -0400, Paul wrote:
>
>
>>Also consider that there are situations where 100% open source is never
>>allowed. Check out visa/mastercard processor certification for a good
>>example. Digium dual licensing availability means I could actually stand
>>a chance of using asterisk as the basis for systems used by military and
>>law enforcement in applications that require extremely high security.
>>
>>
>
>There is a popular vendor of closed source products whose security has been
>compromised often. The security of OpenSSH is well established.
>
>Reading this list iwe learn that the open source version of Asterisk is
>currently being used by military personnel.
>
>Asterisk offers ways for users to implement eavesdropping applications which
>undermines the goal of attaining extremely high security.
>
>Open source is for sharing if that's feasible and closed source is not.
>Dual licensing is for both.
>
>
>
My point was not to argue that closed source enhances security. I was
just pointing out that there are situations where the customer will not
accept open source.
Credit card processing would be a good example. You could design *-based
systems for both the client(merchant) and server(processor) functions
but last I knew visa/mc would not certify open source solutions.
More information about the asterisk-users
mailing list