Copyright (c) 1993 Eric Hughes. Unlike most everything else I write, I do not grant right to use this without my express permission. If you want it sent somewhere else, ask me. I'll probably just send it there myself. I'm going to try to give an overview of the RSADSI and PGP situation. This is long. I've put it in the form of premises, assertions, facts, lemmas, theorems. I know that below I am mostly trying to justify RSADSI's actions. I offer the following so that you may understand how they view themselves. I also wish to offer my personal view on RSADSI. I do not consider them the enemy; I consider the enemy to be NSA/COMINT and those who would destroy privacy to create Big Brother. The RSA patent expires in seven years; the NSA will be around long after that. I have a clear priority here. This long term battle is worth winning to the exclusion of some other desiderata. "Patents don't kill people. Tyrants kill people." I do not think we should pick fights with our allies. The patent battle will not be won by mere defiance, but by careful planning. PGP is not the right vehicle for this fight. Every argument below is predicated on the first premise. I know lots of people are stronly opposed to the patents; I myself am of two minds on the subject. I do wish to point out that the validity of the patents is not what I argue from, but their pragmatic effect in the legal world. Premise: The RSADSI patents are _de facto_ effective. This is a completely separate issue from whether the ought to exist, whether the public really should have them, etc. The fact is, the PTO granted them, the courts will find them valid unless a lot of money is spent in a legal challenge whose outcome is by no means guaranteed. A large organization with lots of money to spend (not the LPF) might have a chance of a successful overturning, but that course of action is not in sight. Premise: Jim Bidzos is not in a unconstrained position; he has repsonsibilities and restrictions and can't do whatever he might want. The effectiveness of the patents gave rise to a commercial opportunity. That commercial opportunity is embodied in PKP and RSADSI. That opportunity was successful by any reasonable measure. The success directly created a fiscal responsibility for the agents of the patent owners to make money for the owners. Bidzos can't take actions which can reasonably be seen as threatening to his business; the point of view here is that of the owners, no one else's. Premise: PGP threatens the business of PKP and RSADSI. This is fairly explicit in the documentation; PGP intends to threaten their business. The patent claims are denounced, variously, as unethical, immoral, and stolen. The docs says "Hey! we tried to get a license, and they wouldn't give it to us, but here's the software anyway." The point is that the truth or falsity of these claims is not the issue. These statements on their face can be taken as harmful; that is sufficient. Premise: RSADSI and PKP will defend themselves. Seems obvious, eh? The way to counter rhetoric is with more rhetoric, and the rhetoric of business is the law and threats of legal action. To my knowledge, no actual legal actions have been made by RSADSI, but lots of threats have been. I also believe that RSADSI is ready to take legal action, however. Premise: RSADSI's main business is licensing, and licensing individuals is not very profitable. RSADSI has had enormous commercial success in getting large corporations to sign up. The only reason to license individuals is to allow them to use non-commerical software of one form or another. The brute fact of the matter is that most people just don't use non-commercial software, as a percentage of market. (If you disagree, consider the size of the PC deployed base vis a vis Unix, and then consider that most of those PC's are owned by companies, who purchase their software.) Lemma: Licensing patents is different than licensing software. With software, most of your revenue stream in the long run is upgrades, not initial purchases. The incremental cost to produce an upgrade over its sale price is far less than for the initial version. With a patent license, you get one sale and that's it. Premise: RSADSI created RSAREF in order to license individuals. The purpose of RSADSI is not to suppress cryptography--it is to promote it. They lose very little by making a free version and they gain a lot in terms of goodwill and preparing and educating people to use commercial versions. Since they don't make any money from it, there's no reason for them to spend much money paying lawyers to draft license agreements for products which bring in no income. Therefore they want all non-income uses of the patents to be filtered through a single license. Fact: Commercial licenses to RSAREF are available. They have not been advertised widely as yet, though. Assertion: The reason that RSADSI requires that individual licenses be mediated through RSAREF is that non-commercial software is inevitably used in commercial contexts. Remember, their main business is licensing. All software used in a commercial context must be licensed, otherwise their main business is imperiled. Were they to make separate licenses for every low end product, they would be in the same situation as if they licensed individuals--high overhead, small return. Therefore, they license RSAREF to companies; this allows RSADSI to economically offer licensed use for all such low end software packages. Theorem: PGP does not need to threaten RSADSI's business. By using RSAREF, PGP can satisfy RSADSI's business requirement to control licensing and satisfy PGP's requirement to have a free license. Fact: RSAREF has a restricted interface which does not allow for direct RSA cryptosystem operations. Assertion: RSADSI is protecting their good name by restricting the default RSAREF interface. Jim Bidzos has told me that the reason they use a restricted interface is to prevent people from making stupid cryptographic mistakes and then claiming that the lack of security was the fault of RSADSI. Given the number of cryptographic numbskulls out there, this concern is not unrealistic. Fact: PGP cannot use the default RSAREF interface. For one, DES is embedded into that interface. Fact: RSADSI has allowed products to go behind the RSAREF interface before. Their concern is that your not doing anything stupid. PGP isn't, so that concern is satisfied. Fact: RSAREF requires a written request to go around the standard interface. Licensing is a legal issue; written words are pretty much required in order to be responsible. Fact: No one has ever made such a written request for PGP. Part of the reason has been that moving to RSAREF entails some architectural changes, and these are still being debated. The recent clipper announcement delayed things as well. Fact: RSAREF is slow. It's only C code. The 386 assembly code in PGP runs about 15 times faster than the C code in RSAREF. RSAREF explicitly allows modifications for improved performance. The plan is to make the PGP assembly speedup modules available as RSAREF speed improvements; this is another delay in getting a port done. Fact: RSAREF can't be legally exported from the US because of the ITAR. Bidzos is seeking a Commerce Jurisdiction ruling for RSAREF, which would mean that it would be permitted for export. But until then, PGP would have to support two versions: an RSAREF one for US use, and a non-RSAREF one for non-US use. This requires more wrappers, and thus more work. Fact: PGP development is already moving in the direction of RSAREF. As I've stated, however, there are a number of practical problems that have to be straightened out before software ships. Eric