Re: Looking for statement of patent issues re ISAKMP/Oakley
Daniel Harkins <dharkins@cisco.com> Thu, 12 March 1998 05:36 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id AAA25561 for ipsec-outgoing; Thu, 12 Mar 1998 00:36:28 -0500 (EST)
Message-Id: <199803120549.VAA22271@dharkins-ss20.cisco.com>
X-Authentication-Warning: dharkins-ss20.cisco.com: Host localhost.cisco.com didn't use HELO protocol
To: Paul Koning <pkoning@xedia.com>
Cc: ipsec@tis.com
Subject: Re: Looking for statement of patent issues re ISAKMP/Oakley
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Wed, 11 Mar 1998 21:49:48 -0800
From: Daniel Harkins <dharkins@cisco.com>
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
There are no patents on IKE itself and to my knowledge there are none on the protocols it's based on. All of the mandatory-to-implement options-- DES, SHA or MD5, Diffie-Hellman over modp groups using pre-shared keys-- are free of patent claims. RSA (and their lawyers) may claim that DSS infringes on one of their patents but that's a disputed subject and many choose to simply ignore them. You can get a royalty free-- for commercial and non-commercial use-- copy of DSS as part of the IKE reference implementation by pointing your favorite browser to http://www.cisco.com/public/library/isakmp/disclaimer.html and following the hotlinks. This is an up-to-date implementation (ISAKMP v8 and IKE v6) which interoperates with other implementations (e.g. cisco IOS and SSH) to the extent possible (it is tied to a PF_KEYv1 version of the NRL IPSec code and doesn't have any mechanism in place to express IPSec policy). US patent 5548646 ("System for signatureless transmission and reception of data packets between computer networks") sounds alot like tunnel mode IPSec between gateways. That was the subject of considerable debate on this list some time ago. I don't recall what if anything was resolved though. Perhaps someone with a better memory than mine remembers. Dan. > I was putting together a memo on licensing needs for IPSec products, > and looked in the various drafts for guidance. From what I > understand, IETF standards-track documents are supposed to contain a > section discussing any patent issues that may pertain to the > technology in question. > > A number of the transform specs contain such sections (e.g., DES and > IDEA). Somewhat to my surprise, the ISAKMP/Oakley documents do not. > > I also looked in other places (specifically, Scheier) for input. It > mentioned the well-known fact that RSA is subject to patents and > licenses. No confusion there. > > Scheier also discussed the situation for DSS. As I read it, it sounds > like the patent situation there is muddled. In particular, he > mentions a U.S. Government patent (D. Kravitz) supposedly generally > licensed at no cost -- but also mentions that claims have been made > that the Schorr patent applies as well. > > Question: Does anyone have any further insight on this topic? And > could this be added to the document?
- Looking for statement of patent issues re ISAKMP/… Paul Koning
- RE: Looking for statement of patent issues re ISA… Bob Baldwin
- RE: Looking for statement of patent issues re ISA… Kenneth Durazzo
- Re: Looking for statement of patent issues re ISA… Perry E. Metzger
- RE: Looking for statement of patent issues re ISA… Adel Jaber
- Re: Looking for statement of patent issues re ISA… Steve Bellovin
- Re: Looking for statement of patent issues re ISA… Daniel Harkins
- Re: Looking for statement of patent issues re ISA… Hugo Krawczyk