Subject: Re: FYI: RST-ACK patent
To: None <tech-net@netbsd.org>
From: Darren Reed <avalon@caligula.anu.edu.au>
List: tech-net
Date: 05/27/2004 18:46:55
I sent this email to bugtraq@ (forwarded on from an OpenBSD list) on this
topic and I'm forwarding it to tech-net for those that haven't yet read it.

Forwarded message:
> From avalon Thu May 13 09:59:38 2004
> Subject: Re: NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP
> To: beck@bofh.cns.ualberta.ca (Bob Beck)
> Date: Thu, 13 May 2004 09:59:38 +1000 (Australia/ACT)
> Cc: fw@deneb.enyo.de (Florian Weimer), da@securityfocus.com (David Ahmad),
> 	bugtraq@securityfocus.com
> In-Reply-To: <20040511225059.GC13701@bofh.cns.ualberta.ca> from "Bob Beck" at May 11, 2004 04:50:59 PM
> X-Mailer: ELM [version 2.5 PL1]
> Content-Length: 5541      
> 
> In some mail from Bob Beck, sie said:
> > 
> > > > http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt
> > > 
> > > In the meantime, the IETF has disclosed the following IPR statement
> > > from Cisco:
> > > 
> > > <http://www.ietf.org/ietf/IPR/cisco-ipr-draft-ietf-tcpm-tcpsecure.txt>
> > 
> > 	Translation - BOHICA, Cisco doesn't want people writing compatible
> > free network stacks, they want to patent TCP. RAND basically means no
> > free software, you must license on some terms. So we end up with
> > stupid situations like we did with VRRP (see
> > http://www.openbsd.org/lyrics.html for that sordid tale), and the IETF
> > will roll over and piddle on itself insted of standing up to this
> > nonsense like W3C does.  This is nasty. 
> 
> Indeed.  But there's room here to fight it if you think it is possible.
> The included text below is from an email to misc@openbsd.org.  The summary
> is if you feel that Cisco are not entitled to this patent then write to
> the USPTO, at the appropriate time, and tell them.  Maybe Cisco won't
> get the patent and then it'll be no more of an issue.  Of course doing
> that is going to take more effort/dedication than sending an email to
> bugtraq, but there you go.  If you don't want Internet security to belong
> to corporate America, then you're going to have to fight for it.
> 
> Darren
> 
> >From avalon Wed May 12 15:05:21 2004
> Subject: Re: Cisco's Statement about IPR Claimed in draft-ietf-tcpm-tcpsecure
> To: misc@openbsd.org
> Date: Wed, 12 May 2004 15:05:21 +1000 (Australia/ACT)
> Cc: rbarr@cisco.com
> In-Reply-To: <200405112231.i4BMVSNx025733@cvs.openbsd.org> from "Theo de Raadt" at May 11, 2004 04:31:27 PM
> X-Mailer: ELM [version 2.5 PL1]
> Content-Length: 3839      
> Status: OR
> 
> I'm not 100% sure that everything I've said below is 100% correct,
> but if anyone is sufficiently interested, it hopefully provides a
> good pointer on where to start...most of my comments below are
> based on the understanding that OpenBSD (if not others) had already
> implemented some of the mechanisms discussed in that draft before
> this all came to the fore.
> 
> While a patent is considered to be "pending", it can be objected to,
> by anyone.  If the objection stands then the patent is not granted.
> I don't know if you can lodge an objection by email and you will also
> need to wait for the pending patent to be 'published'.  I don't know
> if Cisco is oblidged to provide relevant details if asked for, or
> not.  A "pending patent" is not a "granted patent".
> 
> If you can get the right reference to the patent application, the
> thing to do then is write to the USPTO (US Patent & Trademarks Office)
> and object to the patent application citing a few reasons, such
> as the following...
> 
> First, that there is an independant implementation of the ideas in
> this document already available and that this has been available to
> the public for some time.
> 
> Second, that the ideas expressed in this document are not novel and
> are a relatively straight forward progression in thinking on this
> topic.  One of the basic tenants of granting patents is that they
> must be novel.  This follows on from the first suggestion, somewhat,
> above.
> 
> Suggest that if the list of references on the patent application
> does not cite OpenBSD then it is not correct and has been prepared
> by staff who have not fully researched the subject matter of the
> patent.
> 
> Another important consideration is that the document they have filed
> as a "pending patent" is not necessarily what will appear as the final
> patent granted, so there is also scope for convincing Cisco to adjust
> their application such that it does not make any claims they are not
> entitled to.
> 
> i.e. Cisco do not appear to be in a good position on this, given
> developments by others, and rather than wait for the IETF to do
> something about it, use the system Cisco is trying to use against
> itself.
> 
> Note, that you cannot object to a patent until it is published
> because until that point in time you can't know what its exact
> contents are in order to object to and the USPTO will just ignore
> you.  It's filing ("patent pending"), publication and granting are
> not all the same.  The only issue here is that its publication is
> likely to happen at a point in time, in the future, when we've all
> forgotten about it and are concerned with other things and so will
> not be of a mind to write to the USPTO at the appropriate time.
> 
> Darren
> 
> In some mail from Theo de Raadt, sie said:
> > 
> > IETF is utterly diseased.  Cisco can't help it -- this is a US
> > business model.
> > 
> > Patenting security.
> > 
> > Feel free to give Robert at Cisco a call.
> > 
> > I wonder if he knows about the song yet.
> > 
> > 
> > 
> > http://www.ietf.org/ietf/IPR/cisco-ipr-draft-ietf-tcpm-tcpsecure.txt
> > 
> > Title: Cisco's Statement about IPR Claimed in draft-ietf-tcpm-tcpsecure
> > Received: April 26, 2004
> > From: Robert Barr <rbarr@cisco.com>
> > 
> > Cisco is the owner of one or more pending patent applications relating to
> > the subject matter of "Transmission Control Protocol security
> > considerations" <draft-ietf-tcpm-tcpsecure-00.txt>. If technology in this
> > document is included in a standard adopted by IETF and any claims of any
> > Cisco patents are necessary for practicing the standard, any party will be
> > able to obtain a license from Cisco to use any such patent claims under
> > reasonable, non-discriminatory terms, with reciprocity, to implement and
> > fully comply with the standard.
> > 
> > For information contact:
> > 
> > Robert Barr
> > Worldwide Patent Counsel
> > Cisco Systems
> > 408-525-9706
> > 
> > rbarr@cisco.com
> > 
> > ------- End of Forwarded Message
> > 
> 
> 
>