Interesting People mailing list archives
Re: Security services for HTTP: Kerberos vs. PEM
From: HALLAM-BAKER Phillip <hallam () dxal18 cern ch>
Date: 30 Jun 93 09:05:04 GMT
In article <1993Jun30.020850.24174 () uvm edu>, wollman () trantor emba uvm edu (Garrett Wollman) writes: |>In article <SES.93Jun29203706 () tipper oit unc edu> ses () tipper oit unc edu (Simon E Spero) writes: |>>PEM isn't an option ; the encryption is only licenced for email |> |>Correction: PEM isn't an option inside of the United States and |>probably some other countries. (Same result, unfortunately.) If you |>live outside of the reach of PKP's lawyers, there's nothing stopping |>you from writing, distributing, and using your own PKE software. To emphasise the point, outside the US the patent is void on almost every count :- 1) It consists entirely of a mathematical method, these are specifically excluded from patent protection. 2) The patent was only applied for after the method was published. 3) The patent has expired ! (first published in 1974, thus any patent would have expired in 1988). 4) The patent is broader than the work of the patent holders, specifically it has a claim for *any* public key encryption system. Since CERN has international institute status and staff are covered for their actions as parts of their job by diplomatic immunity PKP can't even run a nuisance suit. It seems to me that situations like this where a patent has been granted in order to prevent work in the field is precisely the area for which the special status was created. ......
Current thread:
- Re: Security services for HTTP: Kerberos vs. PEM HALLAM-BAKER Phillip (Jun 30)