Richard Pyne <[EMAIL PROTECTED]> wrote:
>What most of you seem to be forgetting is the simple fact that the vast
>majority of work done by R, S and A that led to their patent was at a public
>(i.e. taxpayer funded) institution with a taxpayer funded research grant. I
>find it a very hard to believe that anyone should "own" the results of that
>research other than those that paid the bills, i.e. the public. The laws on
>copyrights and patents have long held that whoever pays the bills owns the
> work.
Ummmm.
1. Most Americans, at least, know that MIT (the Massachusetts
Institute of Technology) is a private higher-education institution.
2. Of the three MIT junior instructors who -- as an answer to the
connundrum poised by Diffie and Hellman; a problem that was then probably
being considered by thousands of other researchers as well -- invented the
RSA public key cryptosystem in '77, only Ron Rivest had received a research
grant (to study algorithms, not crypto, not the D-H question) from the US
government.
3. Len Aldeman and Adi Shamir did not receive any federal funds.
Shamir not only did not receive federal funds; he was not even an American.
(Bright people come in all shapes, colors, and nationalities.) The US
government owned neither the people or institution -- nor had it "paid the
bills" for the brainstorming that resulted in RSApkc.
4. In the initial RSA publication, and in MIT's belated patent
application -- belated because this was a pioneering use of the patent
process: describing the function of the algorithm in process terms as a
key-exchange function for a communications system -- Rivest did note that he
had recieved support from a US research grant.
5. US agencies -- just because of that long-ago grant to young
Rivest -- have always had royalty-free rights to use the RSApkc patented by
MIT. (RSADSI, founded by the three inventors, was subsequently licensed by
MIT to develop and exploit the patent.)
6. Using process terms to describe a digital communications function
was an innovative way to claim the algorithm in the patent, but why should
anything which can be described in an algorithm (the electron flow of an
electrical current?) be barred from a patent... when it is novel, not
obvious, and fits a perceived need as neatly as the right filament and a
vacumn did in Edison's electric lightbulb?
7. Although it is only tangental to the RSApkc patent, US policy
and practice -- at least since the post-war push into applied research --
has indeed been to let the recipients of federal research grants file for
patents on discoveries made in the course of that research. While I'm sure
the alternatives have been discussed and advocated, current US policy seems
to presume that this is the most effective way to let a new technology
attract the capital usually required to develop it and push it into the
marketplace where the citizen can benefit from it. (Most patented
technology sits on a shelf, undeveloped, unused.)
9. The fact that the US government has the right to freely use the
RSApkc does not automatically confer upon every US citizen either a right of
access or a share of the royalties (although this is a fabulous conceit.) A
gift, grant, or even a tax return given or submitted to the US government
does not automatically become shared property, available to any US citizen.
Leland V. Lammert <[EMAIL PROTECTED]> asked a couple questions.
>I also believe in SW patents, .. but the current farce with RSA, even you
have >to admit, is stupid! Why cannot developers purchase a license (I do
not call >$100,000 a license fee for ANYONE)? Why has RSA abandoned RSAREF?
1. People who own something (and a patent is an property ownership
grant) don't have to let anyone, who demands access to it, actually get
direct access to it.
2. RSAPKC was a freeware reference implementation and toolkit made
available by RSADSI in source. It was intended to let academics and
corporate researchers play with the technology and get familiar with it. By
the terms of the RSAREF license, users could only access the underlying
crypto algorithms through the interface built into the RSAREF package. That
interface was limited, and did not, and does not, permit RSAREF to be used
to support SSL.
3. IMNSHO, RSADSI stopped supporting RSAREFv2 because it found that
it could not control or manage the actions of RSAREF licencees to guarrantee
that its patented process (or even it own free code) would not be used to
undercut the 600-odd commercial OEMs which have always provided its
lifeblood revenue.
4. While this restriction has (temporarily;-) inconvenienced
creative programmers who want to use RSAPKC or their own implementation of
RSApkc in some local application -- or some commercial profit-making product
-- it has proven remarkably successful in pushing the technology through the
OEM channel into the commercial and consumer marketplace.
5. There are now nearly a half *billion* copies of RSA's own RSApkc
implementation code that have made it into the hands of end users.
6. Vendors like Red Hat bury the burden of the RSA royalties
(historically, about 2 percent of sales price for an RSA-enabled commercial
product) within the $150 pricetag on the R.H. Secure Server.
7. There are doubtless a lot of people on this List, like Mr.
Lammert, who want access to RSA's technology and have been unable to get it
on the terms they want or require. Unfortunately, for US corporations, I
don't expect that will change over the next nine months. Sorry.
Suerte,
_Vin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
