[1489] in cryptography@c2.net mail archive

Re: Netscape SSL Patent

daemon@ATHENA.MIT.EDU (Tatu Ylonen)
Mon Sep 15 14:28:50 1997

Date: Sun, 14 Sep 1997 23:56:22 +0300 (EET DST)
From: Tatu Ylonen <ylo@ssh.fi>
To: David Jablon <dpj@world.std.com>
Cc: 3umoelle@informatik.uni-hamburg.de (Ulf Möller ), cryptography@c2.net
In-Reply-To: <3.0.1.16.19970912101144.09e7984a@world.std.com>

> 	5657390:   Secure socket layer application program
> 	               apparatus and method 
> 	INVENTORS: Elgamal; Taher, Palo Alto, CA
> 	           Hickman; Kipp E. B., Los Altos, CA
> 	ASSIGNEES: Netscape Communications Corporation, Mountain View, CA
> 	ISSUED:    Aug. 12, 1997
> 	FILED:     Aug. 25, 1995

I would like to point out that SSH 1.0 was published in July 1995,
transmits encrypted data over a transport protocol (TCP/IP), and
provides an API to an application layer program (unix command line
interface, used e.g. by SCP which is included in the distribution).
Before the public release, SSH was distributed to dozens of people at
Helsinki University of Technology, Finland and other organizations
without any non-disclosure clauses.

Note also that there were several encrypting telnet type applications
published around the same time, some before SSH.

I also recall Kerberized telnets being around much earlier.

    Tatu

> There are three independent claims, which seem to be restatements
> of the same thing.  Here's the shortest version:
> 
> 	3. A method of encrypting and decrypting information
> 	transferred over a network between a client application
> 	program running in a client computer and a server application
> 	program running in a server computer, the method comprising:
> 
> 		providing a socket application program interface
> 			to an application layer program;
>  [*]		providing encrypted information to transport protocol
> 			layer services;
> 		encrypting information received from an application
> 		    layer program; and
> 		decrypting information received from transport protocol
> 			layer services.
> 
> Presuming that Netscape intends to enforce this, and
> that others might want to challenge it, to survive it
> must be novel over newly cited prior art.  The main thing
> that makes it potentially different than many other
> encrypted transport layers is the phrase I marked with a [*].
> 
> It might only take one good example of earlier work that
> used any kind of encrypted data to control the
> transport layer to invalidate this.
> A big weakness here is that there are no narrower claims.
> The "encrypted information" is nowhere limited to
> being digitally signed, so purely symmetric techniques
> are relevant.
> 
> ------------------------------------
> David Jablon
> Integrity Sciences, Inc.
> dpj@world.std.com
> <http://world.std.com/~dpj/>

-- 
SSH Communications Security	      http://www.ssh.fi/
F-Secure Internet Security Solutions  http://www.datafellows.com/f-secure/
Free Unix SSH                         http://www.cs.hut.fi/ssh/
