IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: agent draft (was Re: Secure Shell: Milestone Update.)



Bill Sommerfeld <sommerfeld%sun.com@localhost> writes:

> The patent isn't the issue -- it's the license terms offered.
> 
> compare: http://www.ietf.org/ietf/IPR/WU-SRP
> with: http://www.ietf.org/ietf/IPR/PHOENIX-SRP-RFC2945.txt

I guess Phoenix haven't cared to indicate which claims of their patent
6,226,383 are infringed by SRP or by
http://www.watersprings.org/pub/id/draft-perlman-strong-pass-00.txt? I
think the inventor, David Jablon, is or used to be a member of this
wg. Would you mind clarifying?

To me, the first claim of US patent 6,226,383 is really bizarre. It is
of the form

  [...desirable properties for a key exhange protocol based on a
  shared secret S, including dictionary attack...]

  Claimed: Any method that meets those objectives, by using some
  public-key mechanism in some way parametrized by S.

And then the patent even goes on to cite prior art that meets precisely the
same objectives, using exactly the same high level "method"!

The draft by Radia Perlman and Charlie Kaufman is quite different from
all other secure password authentication methods, in that the choice
of primes is parametrized by the password. But of course, like any
other method that solves the problem using any public-key techniques
whatsoever, I guess it could infringe Jablon's claim 1, assuming that
claim really is valid.

BTW, is it correct that it is possible to update one's patent claims
during the time between patent application and patent issue? In this
case, the timing is as follows: Patent application: March 25, 1997.
Perlman-Kaufman draft: June 26, 2000. Patent issued: May 1, 2001.

Sorry if this discussion is off-topic, but it's really frustrating.

Regards,
/Niels



Home | Main Index | Thread Index | Old Index