[1485] in cryptography@c2.net mail archive
Re: Netscape SSL Patent
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Mon Sep 15 14:19:52 1997
To: Adam Shostack <adam@homeport.org>
cc: 3umoelle@informatik.uni-hamburg.de (Ulf =?iso-8859-1?Q?M=F6ller?=),
cryptography@c2.net
Date: Sat, 13 Sep 1997 19:47:06 -0400
From: Steven Bellovin <smb@research.att.com>
Since this was Hickman & ElGamal's work, does the fact that flaws in
the system required a protocol rewrite mean anything?
Probably not, though that might depend on what's in the text of the
patent.
Also, what does this do to the IETF TLS work, and was the IETF
notified of this by Netscape?
The IAB and IESG are aware of the patent the same way everyone else is --
by all this email that's floating around... There was no official
notification that I know of, but the question is going to be discussed.
The relevant policy on patented ideas is specified in RFC 2026.
Briefly, contributors to the IETF standards process -- including,
I should think, TLS -- are obligated to disclose any patents they're
aware of that bear on the material:
6. The contributor represents that he has disclosed the existence of
any proprietary or intellectual property rights in the
contribution that are reasonably and personally known to the
contributor. The contributor does not represent that he
personally knows of all potentially pertinent proprietary and
intellectual property rights owned or claimed by the organization
he represents (if any) or third parties.
What happens here is not clear; it may depend on what Netscape plans on
doing with the patent. We'll have to talk to them.
Speaking for myself and not for the IAB,
--Steve Bellovin
