Please send me SSL problems...

hallam at w3.org hallam at w3.org
Wed Sep 20 22:43:20 PDT 1995


Rich Salz <rsalz at osf.org> writes

>I've heard that Digital, HP, and IBM have all mandated that all security
>code (except keymgmt and other things that are out of scope) must go
>through the GSSAPI:  no writing your own stuff.  I heard, less
>authoritatively, that Microsoft has the same rules, except they use a
>FunnyLookingVariant(far) of an earlier GSSAPI draft.

None of these organisations have mentioned GSSAPI to me.

Do you have a source?


David Van Wie <dvw at hamachi.epr.com> writes

>Many technologies have both patented parts and trade >secret parts.  Often, 
>companies will maintain information that is in patent applications as trade 
>secret until they are granted.  I guess I should say _if_ they are granted! 
> After a patent is granted, it is usually a good idea to also maintain some 
>trade secrets in your products -- since trade secrets never "expire," unlike 
>patents.  If the patent isn't granted, you still have the option of treating 
>the contents as an intellectual property under trade secret protection.

Rubish, disclosure is required for a grant of a patent. Unless someone 
skilled in the art can duplicate the invention from the patent claim
you don't get a patent issued.

Trade secret protection is very tricky in any case. Its practically
useless if you want to protect a product rather than a procedure.






More information about the cypherpunks-legacy mailing list