Re: TLS 1.0 "draft-ietf-tls-protocol-01.txt" Now Available

At 09:17 AM 3/7/97 -0800, David Brownell -- JavaSoft wrote:
>> Date: Fri, 7 Mar 1997 10:27:29 -0500
>> From: (David P. Kemp)
>> Perhaps you should check with RSADSI to see if they still regard RC4 as
>> an "unpublished work", despite the fact that it leaked out some time ago.
>I believe the answer is "yes", so anyone (at least in the US) who
>wants to ship an "RC4-compatible" cipher should have lawyers ready.
>(The name "RC4" is probably trademarked, regardless of the secrecy
>of that algorithm.)

From Schneier, p. 398: "The name is trademarked, so anyone who writes his
own code has to call it something else....RSA Data Security, Inc. will almost
certainly sue anyone who uses unlicensed RC4 in a commercial product.
They probably won't win, but they will certainly make it cheaper for a company
to license than fight."

RC4 appears to be a strong cipher.  The TLS protocol should clearly
not mandate the use of proprietary ciphers, but neither should it
prohibit their use.
Tom Libert                    tel: 508.485.5235 x286
Gradient Technologies, Inc.   fax: 508.229.0338
2 Mount Royal Avenue
Marlborough, MA  01752

Received on Friday, 7 March 1997 13:43:48 UTC