OpenSSH SRP 3.8.1p1 patch

Edward Flick eddy at cdf-imaging.com
Thu Aug 5 01:06:13 EST 2004


Tom Wu wrote:

 > That's not what we're saying - it's more along the lines of "The burden
 > of proof is on the claimant, Phoenix in this case, and they haven't
 > produced any convincing evidence."
Its not proof thats scaring people off, its accusations.  I also really 
wish you would address them more directly in a public forum.  And get 
this issue finalized.

 >> I think if you and Stanford really wish to put this to bed I'd ensure
 >> that
 >> the IETF gets another email stated it doesn't conflict to add to the
 >> above
 >> URL that was posted.  If Phoenix legal department is not willing to do
 >> that than I think it's best to avoid the technology.
 >
 >
 > The problem with this stance is that it allows anyone to deny access to
 > a competitor's technology, especially in the OSS/Free software space,
 > simply by making a vague IP assertion and then refusing to issue an "all
 > clear", akin to SCO's behavior with Linux.  I don't think rewarding bad
 > faith and behavior is a good idea.
Yes, but the problem with ignoring it means extremely slow uptake of SRP 
technology.  In this lawyer ruled age of computing, people cower behind 
their worries of being sued because of inheriting an IP issue.  The 
fundamental flaw here isn't that the claimant is asserting a falsehood, 
it is the fact that people are listening to it.  You may not be abliged 
to put this issue to rest, but in the best interest of your project, and 
to the good that it could do in general, you might want to go ahead and 
do just that.

Edward




More information about the openssh-unix-dev mailing list