On Fri, 7 Jul 2000, Benjamin Scott wrote:
> On Fri, 7 Jul 2000, Jeffry Smith wrote:
> >> I thought that, at this point, all of the issues with the RSA pattents had
> >> been resolved by introduction of SSH V2 support?
> >
> > While V2 supports more protocals, RSA claims patent protection over
> > all public-private key algorithms.
>
> Hmmm. According to http://www.openssh.com/goals.html:
>
> > [SSH] Protocol 2 was invented to avoid the patent issues regarding RSA,
> > and to fix the CRC data integrity problem that SSH1 has. By using the
> > asymmetric DSA and DH algorithms, protocol 2 avoids all patents.
>
> Not that I really care much about RSA's patent, but this made me feel better
> when I upgraded to OpenSSH V2. Now I'm feeling confused.
>
Quick check of RSA's web site led me to:
http://www.rsasecurity.com/rsalabs/faq/6-3-5.html
The patent on all public key encryption has expired, so we're safe
from that. The RSA implementation patent is still around for a few
months. Even worse, they may be moving into the up and coming field
of elliptical cryptography:
http://www.rsasecurity.com/news/pr/990407.html
Don't know what the effect of conversion between systems is, but given
their past record, we'll see. The good news is that NIST is requiring
that AES (when chosen) be openly available:
NIST reminds all interested parties that the adoption of AES is being
conducted as an open standards-setting activity. Specifically, NIST
has requested that all interested parties identify to NIST any patents
or inventions that may be required for the use of AES. NIST hereby
gives public notice that it may seek redress under the antitrust laws
of the United States against any party in the future who might seek to
exercise patent rights against any user of AES that have not been
disclosed to NIST in response to this request for information
(from http://csrc.nist.gov/encryption/aes/)
And from RSA's page on their submission
(http://www.rsasecurity.com/rsalabs/aes/rc6_patent.html):
RSA will not require licensing or royalty payments for the
manufacture, use, or sale of products utilizing the algorithm
selected as the AES, which conform with the AES, on the
basis of any patents that RSA may hold that could be deemed
to cover the selected algorithm. However, RSA may require
appropriate notices acknowledging RSA's ownership of such patents.
jeff
------------------------------------------------------------------------
Jeffry Smith Technical Sales Consultant Mission Critical Linux
[EMAIL PROTECTED] phone:603.930.9379 fax:978.446.9470
------------------------------------------------------------------------
Thought for today: "Here at the Phone Company, we serve all kinds of people; from
Presidents and Kings to the scum of the earth ..."
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
