SSH trademarks and the OpenSSH product name

Michael H. Warfield mhw at wittsend.com
Wed Feb 14 13:13:06 EST 2001 

Tatu,

On Wed, Feb 14, 2001 at 03:36:19AM +0200, Tatu Ylonen wrote:
> Friends,

> Sorry to write this to a developer mailing list.  I have already
> approached some OpenSSH/OpenBSD core members on this, including Markus
> Friedl, Theo de Raadt, and Niels Provos, but they have chosen not to
> bring the issue up on the mailing list.  I am not aware of any other
> forum where I would reach the OpenSSH developers, so I will post this
> here.

	[...]

	I understand what you have written.  I wonder if you understand
what you have just done.  You've probably done yourself far more damage
than any since the ssh 2.x licensing debacle.  Probably far more damage
than any security attack.

	I was a contributor back in the early days of ssh.  I can now
say that, what ever name it is named, I will support the OpenSSH project
and recommend, both personally and profesionally against the use of
the commercial version of SSH in any environment.  I find that the use
of trademarks in this maner to be intellectually and ethically offensive
in a maner which detracts severely from my confidence in your product.
Security, apparently, now plays second fiddle at SSH Communications
behind marketing and bully business practices.

	If that's the effect you want to achieve, I hope you enjoy
the consequences.

	I hope that you have informed the IETF of your efforts to trademark
SSH and Secure Shell and have given them time to remove any and all
reference from the RFCs.  With luck, they'll change the RFC's sufficiently
(to protect your trade mark) to render your version incompatible with the
standard.

	You should also now notify IANA of your actions to have their
allocation of port 22 to ssh to be revoked.  After all, we can't have your
trademarked sullied by association with other inferior products through
the use of a common port bearing your trademarked name.  Or are you also
going to demand that they (OpenSSH, psst, lsh, and IETF) change port
numbers as well since port 22 would link their products to your trademark?
After all, your trademark is branded into almost every /etc/services file
in many flavors of Unix/Linux/BSD.

	I suppose you will now require that they change the name of the
binaries as well.  No more running ssh to connect to other systems or
sshd to serve those connections.  Well, we've seen what happened when
RSA tried that.  When RC4 became known and they tried to claim IP rights
over the name.  The public implimentation became arcfour (for Aledged RC4).
Based on that premiss, I propose the term assh and asshd.  That way
all of us will be reminded of the people who originated ssh.  Our
appreciation for that inventiveness and innovation.  Our regrets for
the ill turn of affairs.  It will not be forgotten.

	Regretable and sad.  Unfortunately, I suppose, also inevitable.

> Regards,

>     Tatu Ylonen

> SSH Communications Security           http://www.ssh.com/
> SSH IPSEC Toolkit                     http://www.ipsec.com/
> SSH(R) Secure Shell(TM)               http://www.ssh.com/products/ssh

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

More information about the openssh-unix-dev mailing list