[The following is an official announcement from the League for Programming Freedom. Please redistribute this as widely as possible.] Digital Signature Scandal Digital signature is a technique whereby one person (call her J. R. Gensym) can produce a specially encrypted number which anyone can verify could only have been produced by her. (Typically a particular signature number encodes additional information such as a date and time or a legal document being signed.) Anyone can decrypt the number because that can be done with information that is published; but producing such a number uses a "key" (a password) that J. R. Gensym does not tell to anyone else. Several years ago, Congress directed the NIST (National Institute of Standards and Technology, formerly the National Bureau of Standards) to choose a single digital signature algorithm as a standard for the US. In 1992, two algorithms were under consideration. One had been developed by NIST with advice from the NSA (National Security Agency), which engages in electronic spying and decoding. There was widespread suspicion that this algorithm had been designed to facilitate some sort of trickery. The fact that NIST had applied for a patent on this algorithm engendered additional suspicion; despite their assurances that this would not be used to interfere with use of the technique, people could imagine no harmless motive for patenting it. The other algorithm was proposed by a company called PKP, Inc., which not coincidentally has patents covering its use. This alternative had a disadvantage that was not just speculation: if this algorithm were adopted as the standard, everyone using the standard would have to pay PKP. (The same patents cover the broader field of public key cryptography, a technique whose use in the US has been mostly inhibited for a decade by PKP's assiduous enforcement of these patents. The patents were licensed exclusively to PKP by the Massachusetts Institute of Technology and Stanford University, and derive from taxpayer-funded research.) PKP, Inc. made much of the suspect nature of the NIST algorithm and portrayed itself as warning the public about this. On June 8, NIST published a new plan which combines the worst of both worlds: to adopt the suspect NIST algorithm, and give PKP, Inc. an *exclusive* license to the patent for it. This plan places digital signature use under the control of PKP through the year 2010. By agreeing to this arrangement, PKP, Inc. shows that its concern to protect the public from possible trickery was a sham. Its real desire was, as one might have guessed, to own an official national standard. Meanwhile, NIST has justified past suspicion about its patent application by proposing to give that patent (in effect) to a private entity. Instead of making a gift to PKP, Inc., of the work all of us have paid for, NIST and Congress ought to protect our access to it--by pursuing all possible means, judicial and legislative, to invalidate or annull the PKP patents. If that fails, even taking them by eminent domain is better (and cheaper in the long run!) than the current plan. You can write to NIST to object to this giveaway. Write to: Michael R. Rubin Active Chief Counsel for Technology Room A-1111, Administration Building, National Institute of Standards and Technology Gaithersburg, Maryland 20899 (301) 975-2803. The deadline for arrival of letters is around August 4. Please send a copy of your letter to: League for Programming Freedom 1 Kendall Square #143 P.O.Box 9171 Cambridge, Massachusetts 02139 (The League for Programming Freedom is an organization which defends the freedom to write software, and opposes monopolies such as patented algorithms and copyrighted languages. It advocates returning to the former legal system under which if you write the program, you are free to use it. Please write to the League if you want more information.) Sending copies to the League will enable us to show them to elected officials if that is useful. ===================================================================== APPENDIX G: THE LETTERS I INTEND TO SEND ======================================== - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Dr Ross N. Williams Rocksoft Pty Ltd (ACN 008-280-153). 16 Lerwick Avenue Hazelwood Park 5066 Australia Net : ross@guest.adelaide.edu.au. Fax : +61 8 373-4911 (C/-Internode Systems) Work : +61 8 379-9217 Michael R. Rubin Acting Chief Counsel for Technology Room A-1111 Administration Building National Institute of Standards and Technology Gaithersburg, MD 20899 4 August 1993. Dear Mr Rubin, As a concerned member of the Australian public, and as a director of an Australian software company, I am writing in response to the notice "Notice of Proposal for Grant of Exclusive Patent License" published by NIST in the U.S. Federal Register, Vol. 58, No. 108, dated June 8, 1993 under Notices and relating to U.S. Patent Application No. 07/738.431 and entitled "Digital Signature Algorithm." This notice affects myself and my company in its relationship to the US commercial environment and because of the propagation of patent claims internationally. The notice states that:

The prospective license will be granted unless, within sixty (60) days of this notice, NIST receives written evidence and argument which established that the grant of the license would not be consistent with the requirements of 35 U.S.C. 209 and 37 CFR 404.7.

I am writing because I believe that the license is NOT consistent with the requirements of 35 U.S.C. 209. Here's why. In 35 U.S.C. 209. part (c)(1), the requirements specify a list of conditions (A)..(D) all of which must be met before a U.S. Federal agency may grant an exclusive or partially exclusive license. Part (A) says:

(A) the interests of the Federal Government and the public will best be served by the proposed license, in view of the applicant's intentions, plans, and ability to bring the invention to practical application or otherwise promote the invention's utilization by the public;

I do not wish to debate this clause as satisified or not satisifed except to note that this clause defines NIST's primary goal as the public benefit, not the private.

(B) the desired practical application has not been achieved, or is not likely expeditiously to be achieved, under any non-exclusive license which has been granted, or which may be granted, on the invention;

There is no reason why the DSA standard should not be widely implemented without the benefit of any patents at all. I am aware of the potential conflict that prospective implementers might have with Public Key Partners (PKP) of Sunnyvale California. However, I believe that this problem should be resolved by the free market and the patent system rather than by NIST.

(C) exclusive or partially exclusive licensing is a reasonable and necessary initiative to call forth the investment of risk capital and expenditures to bring the invention to practical application or otherwise promote the invention's utilization by the public; and

The history of innovation and technology diffusion in the computing industry clearly indicates that, in the absence of PKP, there would be no requirement to boost risk capital with the use of patents in order to diffuse the technology. As soon as a technologically workable standard is proclaimed, it will be adopted. In particular, the cost of implementing the standard in software is likely to be less than $30,000. As a result there will soon be many implementations.

(D) the proposed terms and scope of exclusivity are not greater than reasonably necessary to provide the incentive for bringing the invention to practical application or otherwise promote the invention's utilization by the public.

It is clause (D) to which I mainly take exception. In (A) I asserted that the goal of NIST should be the public good. In (B) and (C) I asserted that for a much-awaited cheap-to-implement standard such as the DSA, patents are not required in order to attract risk capital. These two clauses in combination with (D) imply that NIST should be doing its best to deliver the standard into the public domain, and if this is not possible, licensing it in the least-restrictive manner possible. Under the current proposal, NIST will license the DSA patent to PKP indefinitely; that is, until it runs out in the year 2010. However, PKP's patents, (which in the light of (A),(B), and (C) should be the sole motivation for the license proposal) expire in 1997 or soon after. This flies in the face of clause (D) which permits NIST to grant at most only the minimum reasonable license, in this case a license lasting only until 1997, after which the DSA patent should be placed in the public domain. This argument applies independent to any arguments stating that PKP have committed to behave in a certain "limited" way once granted the DSA patent licence; my argument applies to the time period over which the patent license is granted not the manner in which PKP conduct themselves during the period in which it is granted. Ideally thought, NIST should not grant DSS to PKP at all. I hope that the above provides a convincing argument that NIST would not be complying with the requirements of 35 U.S.C. 209.(c)(1)(D) if it executed the proposed license. --O-- There are many alternatives to the proposed license that NIST could pursue. For example, NIST could simply issue a general public license to DSA. Or NIST could use it's patent powers to impose the following condition on all implementors: Condition: All implementations of the DSA must be constructed in accordance with <<new standard that NIST suboffice can create>> so that DSA can be quickly and cheaply replaced with other algorithms at a later date. If this move were adopted now, it would pave the way for RSA in 2000, or perhaps for an even better, hitherto uncreate, algorithm. Other, more aggressive strategies exist that could solve the problem too, the extreme being the taking of PKPs patents by "eminant domain". However, I realize that this would be extreme and am writing primarily to submit the objections given above. In addition to the above, I enclose three letters applying for: 1) A license of DSA for myself to use DSA. 2) A license of DSA for myself to implement and distribute DSA for free. 3) An unlimited commercial license for my company Rocksoft Pty Ltd, or failing this a non-commercial license. I would like to end this letter on a lighter note... During times of drought a farmer noticed that his cow was looking a bit thin so he sent his son out with the cow to find some nice green grass to munch on so that the cow would grow fat and yield lots of milk. The son walked the cow for miles and miles (making the cow even thinner in the process), but couldn't find any grass (this is actually the Australian outback). In the end he found a nice green paddock and set the cow grazing. Later the son returned to the homestead: Farmer : How'd it go son? Do we have a happy cow now? Son : Well sort of; I had trouble finding a grassy paddock. Farmer : But you found one in the end didn't you? Son : Yes, and I put the cow in the paddock. But soon another farmer came running out. He said it was his paddock --- he had rented it for three years --- and that I couldn't graze my cow there without giving him some milk. It was the only green paddock there was. Farmer : So what did you do? Son : I gave him the cow. Thank you for your kind attention. Please do not hesitate to contact me if you require any more information or clarification of the above. Yours sincerely, Ross Williams ------------- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Dr Ross N. Williams Rocksoft Pty Ltd (ACN 008-280-153). 16 Lerwick Avenue Hazelwood Park 5066 Australia Net : ross@guest.adelaide.edu.au. Fax : +61 8 373-4911 (C/-Internode Systems) Work : +61 8 379-9217 Michael R. Rubin Acting Chief Counsel for Technology Room A-1111 Administration Building National Institute of Standards and Technology Gaithersburg, MD 20899 4 August 1993. Dear Mr Rubin, I am writing in response to the notice "Notice of Proposal for Grant of Exclusive Patent License" published by NIST in the U.S. Federal Register, Vol. 58, No. 108, dated June 8, 1993 under Notices and relating to U.S. Patent Application No. 07/738.431 and entitled "Digital Signature Algorithm." The notice states that:

Applications for a license filed in response to this notice will be treated as objections to the grant of the prospective license. Only written comments and/or applications for a license which are received by NIST within sixty (60) days for the publication of this notice will be considered.

As such, I would like to apply, on behalf of my company Rocksoft Pty Ltd for a license of this patent. The following information is provided in accordance with 37 CFR 404.8. (a) Identification of the invention: Title: "Digital Signature Algorithm (DSA)." Patent Application Serial Number: 07/738.431. United States Patent Number: To be issued as 5,231,668, I believe. (b) The type of license required is a commercial license requiring no royalties, OR FAILING THAT A NON-COMMERCIAL (i.e. non-profit) LICENSE requiring no royalty payments. (c) The organization applying for the license is "Rocksoft Pty Ltd", a company incorporated in Australia, whose formally registered address is c/- Nelson Wheeler 200 East Terrace Adelaide 5000 Australia whose Australian Company Number is 008-280-153, and whose postal address (please address correspondence to this address) is: 16 Lerwick Avenue Hazelwood Park 5066 Australia. (d) The representative of Rocksoft is: Name : Dr Ross N. Williams. Address: 16 Lerwick Avenue, Hazelwood Park 5066 Australia. Phone: +61 8 379-5020. (e) Rocksoft is a software consultancy employing only Ross Williams. The company has not yet successfully commercialized any products. (f) Source of information concerning availability of a license: various sources, including your Federal Register notice. (g) I am unable to determine whether Rocksoft Pty Ltd may be formally classified as a small business firm under 404.3(c). However, I would be very surprised if it is not, unless there is some requirement for it to be incorporated in the US. (h) Development plan. If a license is granted, Rocksoft will attempt to create an implementation of the DSA and either sub license it as a component or embed it in products requiring digital signatures. No plans more specific than this can be provided at this time. (1) Rocksoft expects that many hundreds of programmer hours could be committed to the project. Very little capital is available. However, if a license is secured, this may become available. (2) NO further statement on a development plan can be made at present. (3) Fields of use: Rocksoft wishes to use the technology in many diverse fields. (4) Geographic are of use: The whole world. Failing this, just Australia. (i) No previous licenses have been granted to Rocksoft under Federally owned inventions. (j) Known uses of DSA by industry or government: I have heard that ISC sells a product called dsaSIGN, and that Bellcore has implemented DSA. (k) Any other information. I am aware that one of the goals of the licensing of Federally owned inventions is to promote small business in the US and Rocksoft is a small business in Australia. I am hoping however that this application will be successful because it is an application for a non-exclusive, non-transferrable license. I understand that NIST may grant an exclusive DSA license to PKP, and that this license application will be treated as an objection to the PKP license. I would like this application to be treated as such. Thank you for your kind attention. Please do not hesitate to contact me if you require any more information or clarification of the above. Yours sincerely, Ross Williams ------------- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Dr Ross N. Williams 16 Lerwick Avenue Hazelwood Park 5066 Australia Net : ross@guest.adelaide.edu.au. Fax : +61 8 373-4911 (C/-Internode Systems) Work : +61 8 379-9217 Michael R. Rubin Acting Chief Counsel for Technology Room A-1111 Administration Building National Institute of Standards and Technology Gaithersburg, MD 20899 4 August 1993. Dear Mr. Rubin: I hereby apply for a personal license to use the Digital Signature Algorithm. 1. Title of invention: Digital Signature Algorithm (DSA). 2. Patent Application Serial Number: 07/738.431. 3. United States Patent Number: To be issued as 5,231,668, I believe. 4. Source of information concerning availability of a license: Various sources, including your Federal Register notice. 5. Name and address of applicant: Dr Ross N. Williams 16 Lerwick Avenue Hazelwood Park 5066 Australia Net : ross@guest.adelaide.edu.au. Fax : +61 8 373-4911 (C/-Internode Systems) Work : +61 8 379-9217 6. Applicant's representative: not applicable. 7. I am an Australian citizen. 8. Approximate number of persons employed: not applicable. 9. I am not a small business firm. 10. Purpose: I would like a personal license allowing me to implement and use DSA. See #12. 11. Business and commercialization: not applicable; see #10. 12. Plans: I plan to use DSA to attach digital signatures to a variety of electronic documents, primarily for authentication. I plan to use DSA implementations, initially in software but perhaps later in hardware, from a variety of potential future sources. Investments: I may spend many hours programming a DSA implementation. 13. Fields of commercialization: not applicable; see #10. 14. I am not willing to accept a license for less than all fields of use of DSA. 15. I intend to implement and use DSA throughout the world. However, failing this a license for Australia and the U.S.A. would be appreciated. Failing this, a license for just Australia would still be useful. 16. Type of license: I would like a non-exclusive license which does not require royalty payments. 17. I have never been granted a license to a federally owned invention. 18. Known uses of DSA by industry or government: I have heard that ISC sells a product called dsaSIGN, and that Bellcore has implemented DSA. 19. Other information: I understand that NIST may grant an exclusive DSA license to PKP, and that this license application will be treated as an objection to the PKP license. Please note that PKP has stated its intent to make DSA free for personal use. Therefore, if NIST grants PKP a license and PKP acts according to its stated intent, there is no harm to anyone if I am granted this personal license. However, I do not trust PKP to act according to its stated intent, and I do not want to have to apply for a license from PKP even if it is royalty-free. So I ask that you grant me a license directly. Thank you for your kind attention. Please let me know if you need more information. Yours sincerely, Ross Williams ------------- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Dr Ross N. Williams 16 Lerwick Avenue Hazelwood Park 5066 Australia Net : ross@guest.adelaide.edu.au. Fax : +61 8 373-4911 (C/-Internode Systems) Work : +61 8 379-9217 Michael R. Rubin Acting Chief Counsel for Technology Room A-1111 Administration Building National Institute of Standards and Technology Gaithersburg, MD 20899 4 August 1993. Dear Mr. Rubin: I hereby apply for an implementor's license permitting me to sublicense the use of the Digital Signature Algorithm. 1. Title of invention: Digital Signature Algorithm (DSA). 2. Patent Application Serial Number: 07/738.431. 3. United States Patent Number: To be issued as 5,231,668, I believe. 4. Source of information concerning availability of a license: Various sources, including your Federal Register notice. 5. Name and address of applicant: Dr Ross N. Williams 16 Lerwick Avenue Hazelwood Park 5066 Australia Net : ross@guest.adelaide.edu.au. Fax : +61 8 373-4911 (C/-Internode Systems) Work : +61 8 379-9217 6. Applicant's representative: not applicable. 7. I am an Australian citizen. 8. Approximate number of persons employed: not applicable. 9. I am not a small business firm. 10. Purpose: I would like a license allowing me to let others freely use my implementation of DSA, i.e., allowing me to sublicense the use of DSA at no cost. See #12. 11. Business and commercialization: not applicable; see #10. 12. Plans: I plan to create a source-code implementation of DSA in software, using computer resources which are already available to me. I plan to give this implementation to anyone who asks, and perhaps to publish this implementation via electronic or non-electronic means, for study and use by the academic and non-academic communities. I hope to have people hear about this implementation by a variety of means, including word of mouth. 13. Fields of commercialization: not applicable; see #10. 14. I am not willing to accept a license for less than all fields of use of DSA. 15. I intend to implement DSA in Australia (but distribute my implementations throughout the world). 16. Type of license: I would like a non-exclusive license which does not require royalty payments. 17. I have never been granted a license to a federally owned invention. 18. Known uses of DSA by industry or government: I have heard that ISC sells a product called dsaSIGN, and that Bellcore has implemented DSA. 19. Other information: I understand that NIST may grant an exclusive DSA license to PKP, and that this license application will be treated as an objection to the PKP license. Let me emphasize that this is not a commercial license application. I do not intend to collect any fees for the use of this implementation. Thank you for your kind attention. Please let me know if you need more information. Yours sincerely, Ross Williams ------------- ===================================================================== ---<End of Document>--- Paul Ferguson | "Government, even in its best state, Network Integrator | is but a necessary evil; in its worst Centreville, Virginia USA | state, an intolerable one." fergp@sytex.com | - Thomas Paine, Common Sense I love my country, but I fear its government.