[39720] in Cypherpunks
Re: Please send me SSL problems...
daemon@ATHENA.MIT.EDU (hallam@w3.org)
Thu Sep 21 01:45:53 1995
To: cypherpunks@toad.com
Cc: hallam@w3.org
In-Reply-To: Your message of "Wed, 20 Sep 95 13:15:11 EDT."
<9509201715.AA19393@sulphur.osf.org>
Date: Thu, 21 Sep 95 01:43:16 -0400
From: hallam@w3.org
Rich Salz <rsalz@osf.org> writes
>I've heard that Digital, HP, and IBM have all mandated that all security
>code (except keymgmt and other things that are out of scope) must go
>through the GSSAPI: no writing your own stuff. I heard, less
>authoritatively, that Microsoft has the same rules, except they use a
>FunnyLookingVariant(far) of an earlier GSSAPI draft.
None of these organisations have mentioned GSSAPI to me.
Do you have a source?
David Van Wie <dvw@hamachi.epr.com> writes
>Many technologies have both patented parts and trade >secret parts. Often,
>companies will maintain information that is in patent applications as trade
>secret until they are granted. I guess I should say _if_ they are granted!
> After a patent is granted, it is usually a good idea to also maintain some
>trade secrets in your products -- since trade secrets never "expire," unlike
>patents. If the patent isn't granted, you still have the option of treating
>the contents as an intellectual property under trade secret protection.
Rubish, disclosure is required for a grant of a patent. Unless someone
skilled in the art can duplicate the invention from the patent claim
you don't get a patent issued.
Trade secret protection is very tricky in any case. Its practically
useless if you want to protect a product rather than a procedure.
