[6521] in cryptography@c2.net mail archive
Re: legal status of RC4
daemon@ATHENA.MIT.EDU (Paul Crowley)
Thu Jan 27 10:59:17 2000
To: Vin McLellan <vin@shore.net>
Cc: cryptography@c2.net, Eric Murray <ericm@lne.com>,
Greg Broiles <gbroiles@netbox.com>, John Young <jya@pipeline.com>
From: Paul Crowley <paul@hedonism.demon.co.uk>
Date: 27 Jan 2000 08:21:29 +0000
In-Reply-To: Vin McLellan's message of "Wed, 26 Jan 2000 13:40:49 -0500"
Message-ID: <87aelrorg6.fsf@hedonism.demon.co.uk>
Vin McLellan <vin@shore.net> writes:
> I suspect that RSA did send out more than a few nastygrams to OEMs
> or other mass marketeers about "illicit use" of RC4, but -- at least in
> recent years -- its complaints probably went to commercial enterprises which
> both (a) sought to resell the algorithm in the US, and (b) blatently used
> the RC4 label in a way that is likely to confuse many people as to the
> source of the RC4 implementation code.
Not so. I know of a firm that paid hundreds of thousands of dollars
to RSADSI in order to use their own entirely original implementation
of RC4, under direct threat of a bogus copyright lawsuit. They knew,
I think, that if RSADSI sued they'd lose, but they didn't fancy being
dragged into court.
This wasn't a crypto product, just an implementation of a standard
whose encryption option mandated RC4. I doubt any mention of RC4
would have been made in either the advertising or the documentation.
--
__
\/ o\ paul@hedonism.demon.co.uk Got a Linux strategy? \ /
/\__/ Paul Crowley http://www.hedonism.demon.co.uk/paul/ /~\
