Rich Salz <rsalz@osf.org> writes

I've heard that Digital, HP, and IBM have all mandated that all security code (except keymgmt and other things that are out of scope) must go through the GSSAPI: no writing your own stuff. I heard, less authoritatively, that Microsoft has the same rules, except they use a FunnyLookingVariant(far) of an earlier GSSAPI draft.

None of these organisations have mentioned GSSAPI to me. Do you have a source? David Van Wie <dvw@hamachi.epr.com> writes

Many technologies have both patented parts and trade >secret parts. Often, companies will maintain information that is in patent applications as trade secret until they are granted. I guess I should say _if_ they are granted! After a patent is granted, it is usually a good idea to also maintain some trade secrets in your products -- since trade secrets never "expire," unlike patents. If the patent isn't granted, you still have the option of treating the contents as an intellectual property under trade secret protection.

Rubish, disclosure is required for a grant of a patent. Unless someone skilled in the art can duplicate the invention from the patent claim you don't get a patent issued. Trade secret protection is very tricky in any case. Its practically useless if you want to protect a product rather than a procedure.