Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Token based OTP: SafeWord or SecurID?

From: Vin McLellan <vin () shore net>
Date: Fri, 8 Dec 2000 18:41:15 -0500 (EST)
Hi Ryan,
        
        You are corrrect. If it were patented, it would be public and
trade secret protection would no longer be necessary.

        Brainard's SecurID hash is not patented. It is only protected by
RSA's license agreements with its customers, the obligations those
customers place on their employers, and the degree to which those
employees honor those committments.

        No has ever claimed this protection is bulletproof, but it has
kept the SecurID hash unpublished for 14-15 years.

        Suerte,
                _Vin


On Thu, 7 Dec 2000, Ryan Russell wrote:


On Wed, 6 Dec 2000, Vin McLellan wrote:


         Tommy Ward <tommy () securify com> wrote:


As far as (RSA's SecurID] algorithm, it is patented, and it is implemented
in several software products, including the ACE/Server and the software
version of the token.  That means it is not really very secret....


         As others have noted, the 14 year-old SecurID hash is an RSA trade
secret. It remains unpublished today largely due to commitments RSA (then
Security Dynamics) made to early customers, when such commitments were
demanded by many customers, particularly in banking and financial services.


Based on my limited understaning of the patent application process in the
US, an item can't both be patented, and remain unpublished.  Which bit of
info is incorrect?




_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: