- From: Tom Libert <libert@gradient.com>
- Date: Fri, 07 Mar 1997 13:44:56 -0500
- To: David.Brownell@Eng.Sun.COM (David Brownell -- JavaSoft), dpkemp@missi.ncsc.mil, ietf-tls@w3.org
At 09:17 AM 3/7/97 -0800, David Brownell -- JavaSoft wrote: >> Date: Fri, 7 Mar 1997 10:27:29 -0500 >> From: dpkemp@missi.ncsc.mil (David P. Kemp) >> >> Perhaps you should check with RSADSI to see if they still regard RC4 as >> an "unpublished work", despite the fact that it leaked out some time ago. > >I believe the answer is "yes", so anyone (at least in the US) who >wants to ship an "RC4-compatible" cipher should have lawyers ready. >(The name "RC4" is probably trademarked, regardless of the secrecy >of that algorithm.) From Schneier, p. 398: "The name is trademarked, so anyone who writes his own code has to call it something else....RSA Data Security, Inc. will almost certainly sue anyone who uses unlicensed RC4 in a commercial product. They probably won't win, but they will certainly make it cheaper for a company to license than fight." RC4 appears to be a strong cipher. The TLS protocol should clearly not mandate the use of proprietary ciphers, but neither should it prohibit their use. -- Tom Libert tel: 508.485.5235 x286 Gradient Technologies, Inc. fax: 508.229.0338 2 Mount Royal Avenue http://www.gradient.com Marlborough, MA 01752
Received on Friday, 7 March 1997 13:43:48 UTC