devine@vianet.UUCP (Bob Devine) (09/25/87)
In article <615@rocky.STANFORD.EDU>, andy@rocky.STANFORD.EDU (Andy Freeman) writes: > Since no one has bothered to actually look up the RSA patent to find > out what is covered, various people on the net have assumed that what > it covers supports their position. [ I've added misc.legal to the distribution -- Bob] Well, since I couldn't get my hands on a copy of the patent quick enough to contribute to this discussion, I talked to someone who has read it. Philip Zimmerman wrote the IEEE Computer article last year about RSA. Since he lives within a local-call distance, I asked him about his take on the patent. His comments: 1. The patent does not cover an implementation (hardware nor software) of the RSA algorithm. 2. Many side issues are also listed in the patent. (eg. using 3 primes, bootstrapping into another algorithm) 3. It seemed to him that patenting the algorithm is like patenting a mathematical idea. [I agree. Remember folks, the patent test of "novel and unobvious" is easily passed when dealing with judges who were Poli-Sci majors. :-)] So, he concluded that a patent challenge would likely win. Now other points are with the patent process itself: while it is not totally clear, it looks like software is NOT patentable (but can be copyrighted easily enough) because the idea, per se, is in the underlying algorithm. Be careful in distinquishing between an algorithm and a process; the courts did but it seems rather artificial to me. If you read patents, many times they will show the idea manifested as a hardware device. I think even Ritchie's setuid idea used a hardware diagram. I conclude that a hardware version of RSA is definitely patentable but that pushing it to more than that is questionable. Now if RSA is patentable (patents are easily obtained) and stands up to challenges (RSA probably wouldn't), it still has to guard against infringement. And, oh lordy, there's been a ton o' infringement. It seems that everyone and their uncle has come up with their own implementation of RSA. RSA Inc. has not attempted to stop infringment (I haven't heard of any). So, it may fall like Ritchie's setuid patent because of non-enforcement. yet another non-lawyer, Bob Devine