Thesis: Software patents are a bad idea because they freeze the evolution too early and payment metering schemes are too difficult to arrange, which also helps to freeze evolution. Software patents are bad because customers cannot freely and without entanglements incorporate the ideas into their own products. The situation has become much worse with software, because there is no physical object which can be used to meter usage of a patent.
Its nice to see a carefully reasoned argument. Consider, also reading http://www.verisign.com/faqs/id_faq.html http://www.verisign.com/apple/cis.html Comment: The thesis is fundamentally flawed in the case of publickey applications which provide or exploit digital signatures, as its assumptions are false, patently. However, a gem of truth is revealed; however, possible outcomes may be unpalatable as "pay-per-view". Crypto metering for commercial-grade systems is easy. A number of companies, including those who are bantering about the latest batch of payment protocols, are beginning to really understand that to combat intruder-in-the middle attacks of the commercial end-systems' keying material, its necessary to authenticate the source of keying material used for all subsequent security services. Contrary to the thesis, there are an ever evolving number of practical ideas upon the nature of security services and secure applications. (In fact, its ever harder to track the explosion of innovation which is actually happening.) To combat the threat which intruder-in-the-middle represents to the key exchange/agreement crypto underlying most applications, a notion of public-key certificates was formulated. The certificate is a certified end-system key. The evaluation of the certificate requires users to consider trust models, as someone "trusted" digitally signs the key to assert that the key is certified for purpose X. The number of trust models being propounded is astounding; the innovation wonderful to behold; contrary to the thesis. Two models are prevalent - the Kent RFC 1422 model which uses third-parties to base non-repudiation services, and the Zimmermann PGP model which does not use third-parties, and accomplishes something other than non-repudiation. Other models are in heated discussion! There is a little truth in the thesis that asserting upfront to the licensor the nature of your idea does hamper innovation. However, a solution maybe at hand. Note, anyway, that (a) RSA is an excellent public-key scheme which is free of patent restrictions anywhere in the world except US territories (b) personal use of RSA in the US is effectively unlicensed (see PGP/PGPfone) (c) RSAREF is a free reference implementation available for developers to innovate with, before deciding how to make their ideas commercially available (d) there are lots of competitive providers of RSA stuff supporting many form-factors and packaging styles. So either all innovation occurs in the US, else free public availability is not the key to idea generation. Both these conclusions are patently wrong, in my view. Whats a solution? Well there is a solution which gets rid of the up-front, tell-all requirement. Its called controlled certificate issuance. Given the importance of the certificate role, if one meters certificate issuance such that a postage-stamp fee goes to the licensor for each key used in any idea, for any purpose, however often or valuable-a-transaction, then the developer is effectively freed up - in terms of innovation. The keying material can be Diffie-Helman, knapsack, anything the developer like. Whats the downside - well its like having a pay-per-view box on your company TV. Still, this is highly regarded by many industries and is the basis of much competition in the broadcasting & programming distribution industry. Some people, really object to pay-per-view. But then, some people object to inventors getting benefit from their discovery. One metering product is the BBN safekeyper. Metering certificates causes about as much hate mail, as MIT patent enforcement though. So beware about even thinking about reading the following pages for more information about the options and issues: http://www.verisign.com/faqs/id_faq.html - for digital ID material (lots of references) http://www.verisign.com/apple/cis.html - for metering and "simple" licensing How do we do away with the say-it-all-up-front restriction, which is currently the only means whereby the licensor can collect a negotiated fee? RSA DSI invested heavily in a hardware product for metering the issuance of those critical certificates. That is, any developer w