[1230] in cryptography@c2.net mail archive
Re: Attorneys: RSA patent invalid
daemon@ATHENA.MIT.EDU (Rich Salz)
Tue Jul 22 13:15:57 1997
Date: Tue, 22 Jul 1997 10:40:00 -0400 (EDT)
From: Rich Salz <rsalz@opengroup.org>
To: vin@shore.net, Cryptography@c2.net
Cc: shamrock@netcom.com, PADGETT@hobbes.orl.mmc.com, stewarts@ix.netcom.com,
pguthrie@visa.com
> No change, except when you factor in inflation. I don't know if
> that was "fair" -- although it certainly didn't seem outrageous (and it
> looks like a deal today.) The fact that RSA wouldn't negotiate the terms of
> their licenses was a source of great resentment among the corporate
> negotiators who were used to bullying small suppliers.
I believe one of the major reasons why people dislike RSADSI is
that they never published a price list. For a long time, before they
would quote a price, they wanted to see pricing models and revenue
projections. Even if it was only used to validate what become their
one-price-for-all, it is a circuitous route to get there, and it cost
them significant goodwill amongst the IETF-type Internet development
community.
> (Licensing the implementation code seemed to require the T&Cs to be
> more rigid, for reasons I don't recall.
For example, you can't sell your product in a way that might invalidate
their patents, as I recall.
> Juggernauts like IBM, Microsoft, Sun, etc. doubtless got special
> deals (some, reportedly, unlimited-use licenses on RSA PKC for a one-time
> fee.) Tellingly, almost all of them started with a license for the RSA...
I know for certain that one company you mentioned was able to pay a buyout.
> then, later, came back to RSADSI to negotiate a license for the RSA
> toolkit. And they kept coming back to purchase access to each successive
> enhancement, or new algorithm, or new protocol.
They're emphasizing brand-name recognition now.
> IMNSHO, much of the net's Scriptural Doctrine on the evolution of
> the PKI market vastly underestimated the importance of the RSA toolkits,
> and the successive additions that RSA -- and Rivest himself -- made to the
> generic cryptographic library. (Indeed, it's hard to consider modern
> cryptography without the creativity of Ron Rivest.)
I think Net.Scripture does recognize the importance of RSADSI, and
certainly Rivest himself. I think they do it grudgingly, because many
of the net's scripture-writers dislike IPR and software patents, etc.
> Few are going to quickly buy a cryptographic solution built
> around an untried and untested implementation of any PKC algorithm --
> however appropriate, sturdy, and understood the fundamental math.
It depends on whom your selling to. Joe Sixpack doesn't know RSA from
SSLeay from a whole in his head. He just wants to find the naked babes
on the 'net.
/r$
