[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: US6154543: Public key cryptosystem with roaming user capabili ty

To: "'ietf-sacred@xxxxxxx'" <ietf-sacred@xxxxxxx>
Subject: RE: US6154543: Public key cryptosystem with roaming user capabili ty
From: lelteto <lelteto@xxxxxxxxxxx>
Date: Tue, 9 Jan 2001 12:07:37 -0800
List-archive: <http://www.imc.org/ietf-sacred/mail-archive/>
List-id: <ietf-sacred.imc.org>
List-unsubscribe: <mailto:ietf-sacred-request@imc.org?body=unsubscribe>
Sender: owner-ietf-sacred@xxxxxxxxxxxx

I read the patent with all its claims. The system claims are not a problem
as they all require that ONE program (Enabler) should do both the key
retrieval AND the message sending. However, the method claims (29, 53-56)
are more worrisome (at least my reading). Although SACRED itself does not do
message encryption (or signing) any system which uses SACRED eventually
would do that and hence may bump into this patent. This affects only the
server-based key storage, not the direct credential transfer from device to
device.

Laszlo Elteto
Fellow Scientist
Rainbow Technologies, Inc.

-----Original Message-----
From: Jeff.Hodges@xxxxxxxxxxxxxxxxx
[mailto:Jeff.Hodges@xxxxxxxxxxxxxxxxx]
Sent: Monday, January 08, 2001 1:25 PM
To: ietf-sacred@xxxxxxx
Subject: fyi: US6154543: Public key cryptosystem with roaming user
capability 


I haven't examined this..

  http://www.delphion.com/details?pn=US06154543__

..in detail (it has 59 claims; plus IANAL), but it seems it ought to be of 
interest to this group, specifically w.r.t. the "Client/Server Credential 
Exchange" in draft-ietf-sacred-framework-00.txt (aka "credential server" 
approach in draft-ietf-sacred-reqs-00.txt).

In glancing at US06154543, it seems it might be written generally and
broadly 
enough to apply to at least some aspects of sacred's work, but it also might

be too specific in particulars such that it can be sidestepped.

Also, perhaps it is moot if there is indeed relevant prior art as suggested 
below.

In any case, someone(s) with more expertise will have to take a look. 

JeffH

------- Forwarded Message

Date: Mon, 08 Jan 2001 14:04:25 -0500
From: Rich Salz <rsalz@xxxxxxxxxxxxxxxx>
To: cryptography@xxxxxx
Subject: Hush Communications gets silly patent

"DUBLIN, Ireland--(BUSINESS WIRE)--Jan. 8, 2001-- Hush Communications
(www.hush.com), a leading global provider of managed security solutions
and encryption key serving technology, today announced it has been
granted a patent for its revolutionary key pair management technology
that enables personal computer users to send and receive fully encrypted
electronic communications. Hush Communications, the category leader in
key pair management technology, now has the exclusive intellectual
ownership of its core technology, the Hush Encryption Engine(TM). " 
Full PR in http://biz.yahoo.com/bw/010108/hush_commu.html

US Patent 6154543.  It seems to be nothing more than store the private
key on a server,
give it out when the user presents the hash of their initial passphrase.

Similar technology was part of DCE in 1996, cf
http://www.opengroup.org/rfc/mirror-rfc/rfc94.1.txt

Sigh...
	/r$


------- End of Forwarded Message

Prev by Date: RE: Further SACRED requirements comments
Next by Date: Re: Some SACRED blasphemy
Previous by thread: Some SACRED blasphemy
Next by thread: RE; THANK YOU
Index(es):
- Date
- Thread