ssh(R) trademark issues: comments and proposal

Robert O'Callahan roc+ at cs.cmu.edu
Sat Feb 17 03:54:29 EST 2001


Tatu Ylonen wrote:
>
>  > "A license was granted in 1995 that allows free use of the
>  > trademarks"
> 
>  This is not accurate, but refers to the following language in
>  ssh-1.2.12 COPYING file:
> 
>     As far as I am concerned, the code I have written for this software
>     can be used freely for any purpose.  Any derived versions of this
>     software must be clearly marked as such, and if the derived work is
>     incompatible with the protocol description in the RFC file, it must
>     be called by a name other than "ssh" or "Secure Shell".
> 
>  First, this is a copyright license ("the CODE can be used..."), with an
>  additional restriction on naming.  It is not a trademark license.

Of course, because you didn't have the trademark then. However, your
statement presumes that the word "ssh" is in the public domain and that
others will be able to use it ... otherwise you wouldn't need this clause
at all.

>  Also, this text is from the COPYING file from ssh-1.2.12, dated Nov
>  17, 1995.  The trademark claims were made in 1996 (ssh-1.2.13 was the
>  first release claiming them, released on Feb 11, 1996), and this
>  license provision would not have covered them anyway.  Ever since, our
>  policy has been not to allow unauthorized use of the trademarks.  The
>  trademark claims have been made consistently in every release ever
>  since.

The fact remains that in 1995 you stated your intention to allow people to
use the name "ssh" for their derived works, with no indication of limited
duration or other terms, and then in Feb 1996 you decided to rescind that
right. Even if you could legally do that, which I doubt, that's pretty
low.

>  > "no-one has ever been notified of infringement"
> 
>  For example, I notified Van Dyke of the trademark a few years ago when
>  they used the SSH mark on their web site inappropriately.  We
>  discussed it, they were very co-operative, and immediately added
>  trademark markings and acknowledgement on their website.  Issue
>  solved.  (They were not using it in a product name.)

No-one (or at least, none of the posts I've read) claimed "no-one has ever
been notified of infringement". The claim is that there are major users of
the word "SSH" who have never been notified.

>  > (reference to FiSSH, TTSSH, Top Gun ssh, etc.)
> 
>  These are all non-commercial academic projects made at universities.
>  We have never really encountered any one of these in the marketplace.

FiSSH never really existed and Top Gun doesn't seem to be used much, but
there are a lot of TTSSH users. Try searching for "TTSSH" in Google and
observe how many universities, labs, ISPs, etc have set up Web pages to
tell their students/customers/employees about it. It's a very long list*.
Now, it may not be commercially significant to you, since I never got a
dime and a lot of those people wouldn't pay for your client anyway. And of
course you can stretch your definition of "really encountered" to fit
whatever scenario you need. The fact remains that (except for my ego) it
doesn't matter what you "really encountered" or what is "commercially
significant", because under trademark law you have to protect your mark
against all comers, not just the ones you don't like or the ones you think
are important.

Note that searching for "Windows SSH client" in Google, the first hit is
TTSSH, and the second hit is PuTTY, which uses the word "SSH" prominently
in its Web page without attribution. If that's not trademark dilution, I
don't know what is.

* Also, searching for "TTSSH" in Google gets about 5,600 hits, whereas
"SecureCRT" gets around 8,100. Your threshold of "really encountered"
seems to be quite finely tuned.

>  > "how about the 'ssh' command name under Unix/Linux?"
> 
>  This relates to the proposal I want to make.
...
>  Let's discuss the exact terms if I get a preliminary "ok, looks fine,
>  let's try to get this resolved along those lines" from the community
>  and the relevant parties.

It would be a fair proposal if your trademark was defensible, but I think
it could hardly be more clear that you have failed to protect the mark and
that it has passed into the public domain. So I'm not very interested in
your proposal. If you can somehow get the community to go along with it,
I'll follow, otherwise, I won't bother.

This is a sad situation because I think by not pursuing your trademark in
the past, you did a good and reasonable thing. It feels a bit like you're
now being punished for that. However, the truth is that you are being
punished because you have stopped being reasonable. If you planned to ever
enforce your trademark, then it would have been better for everyone (and
required by law) for you to have enforced it from the beginning.

Rob
-- 
[Robert O'Callahan http://www.cs.cmu.edu/~roc 7th year CMU CS PhD student
"Now when Joshua was near Jericho, he looked up and saw a man standing in
front of him with a drawn sword in his hand. Joshua went up to him and
asked, 'Are you for us or for our enemies?' 'Neither,' he replied, 'but
as commander of the army of the LORD I have now come.'" - Joshua 5:13-14]





More information about the openssh-unix-dev mailing list