Current status of RSA patent...

Thu Jun 20 03:13:50 PDT 1996

"Paul S. Penrod" <furballs at netcom.com> suggested:

>PGP 2.6.2i is not US codebase, and RSA is not patented outside the US
>according to Bruce Schneiner. Therefore, if a product was deployed into
>the US using a non-US codebase, it is unclear to me what legal
>jurisdiction (if any) RSA may have in these circumstances.

        The relevant issue is not the code-base.  Copyright "protects" the
code.  A patent is a proprietary claim on a design for a device, in this
case RSA's PKC.  A nation issues a patent as an acknowledgement and
validation of a proprietary claim on a specific design, for a non-obvious
device, for a limited period, enforcable within the boundries of its
jurisdiction.

        Nice try.

        2.6.X-ui doesn't use Rivest's RASREF cryptographic toolkit like the
US version does, but it does impliment the patented RSA "device."  You can
bring it into the US, but if you try to sell it in the US and make money
from the design --without giving RSA its due -- they're gonna get ya!

        RSA has no "legal jurisdiction,"  in the US or elsewhere.  (Few
companies do;-)  But I can understand how, hanging around a Libertarian
cabal like C'punks, you might forget that sovereignty rests in the State.
Wishful thinking, lad.

        Suerte,
                        _Vin

         Vin McLellan +The Privacy Guild+ <vin at shore.net>
      53 Nichols St., Chelsea, Ma. 02150 USA Tel: (617) 884-5548
                         <*><*><*><*><*><*><*><*><*>