SRP secure remote password authentication

Tom Wu tom at
Thu Sep 18 11:58:41 EST 2003

Damien Miller wrote:
> On Thu, 2003-09-18 at 05:19, Tom Wu wrote:
>>SRP is, if anything, the protocol with the *least* problematic patent 
> And what about the claims that other companies make on SRP? E.g.
> You know about those and yet you fail to mention them.

If you look carefully at such "claims", you'll see that they are filled 
with "may"s and "might"s, if in fact there is any claim being made at 
all.  Unless there is some more substantiation that would allow one to 
distinguish them from frivolous claims designed to cause marketplace 
confusion/fear, I don't see why anyone, especially OSS projects 
ostensibly opposed to precisely this kind of patent abuse, should grant 
them any kind of legitimacy.

> -d

Tom Wu
Chief Security Architect
Arcot Systems
(408) 969-6124

More information about the openssh-unix-dev mailing list