Interesting People mailing list archives

An open letter of opposition to the NIST-PKP giveaway [ opposing viewpoints are welcome .. djf]


From: David Farber <farber () central cis upenn edu>
Date: Sat, 31 Jul 1993 10:48:45 -0500

From: djb () silverton berkeley edu (D. J. Bernstein)
Newsgroups: sci.crypt
Subject: An open letter of opposition to the NIST-PKP giveaway
Date: 31 Jul 93 00:23:03 GMT
Organization: IR
Lines: 540

NIST plans to give PKP exclusive rights to NIST's DSA patent. Attached
is a copy of a letter I just sent NIST in opposition to this plan.

Some people have told me that they've read the NIST-PKP announcement and 
don't see any big problem. After all, they say, PKP asks for a mere 5%
royalty rate! Isn't it worth this much to settle the issue?

These people have missed a crucial phrase in the announcement. ``PKP's 
royalty rates for the right to make or sell products, _subject to
uniform minimum fees_, will be no more than 2 1/2% for hardware products 
and 5% for software...'' [italics added].

Those ``uniform fees,'' it turns out, are a minimum of $5 per program
per user, subject to a minimum of $10,000 per program per year, plus a
non-uniform startup fee of $10,000 for small companies and $25,000 for
large companies.

If you'd like to object to the NIST-PKP giveaway, you still have time. 
Your letter must be received by Michael R. Rubin, Acting Chief Counsel 
for Technology, Room A-1111, Administration Building, National Institute 
of Standards and Technology, Gaithersburg, MD 20899, 301-975-2803, by 
Friday, 6 August. (Rubin actually says that the next Monday is okay; but 
I wouldn't risk it.)

Even a short letter (``Dear Mr. Rubin: For NIST to grant an exclusive
DSA license to PKP would be illegal and against the public interest.
Please do not do this.'') can be devastatingly effective.

(You may also want to send a copy of your letter to the League for 
Programming Freedom, 1 Kendall Square #143, P.O. Box 9171, Cambridge, MA 
02139.)

---Dan

Note that this document uses the standard UNIX convention for 
underlining: underline-backspace-X means an underlined X. If your 
printer cannot handle this convention, just remove all the 
underline-backspace sequences.




                                [address]
                                28 July 1993

Michael R. Rubin
Acting Chief Counsel for Technology
Room A-1111
Administration Building
National Institute of Standards and Technology
Gaithersburg, MD 20899

Dear Mr. Rubin:

I strongly object to NIST's plan to grant an exclusive license for the
Digital Signature Algorithm (DSA) to Public Key Partners (PKP), as
outlined in the 8 June 1993 Federal Register. To grant an _exclusive_
license would be unwise, unlawful, and pointless, for at least fourteen
reasons.

Please note that what I object to is not the granting of a license to 
PKP, but the exclusion of licenses from all the other taxpayers who 
funded the invention of DSA.

1. NIST has not given the public a proper opportunity to file written 
objections.

35 USC 209(c)(1) requires in part that NIST may grant a license "only
if, after public notice and opportunity for filing written objections,
it is determined that the interests of the Federal Government and the
public will best be served by the proposed license ... and the proposed
terms and scope of exclusivity are not greater than reasonably necessary
..." It is the clear meaning of the statute that NIST must propose the
terms of a license in a public notice, at the start of the opportunity
to file written objections. Otherwise there is no "proposed license" and
there are no "proposed terms" for the public to examine.

NIST's 8 June 1993 notice does not exhibit a proposed license for public
examination. It provides only a broad statement of the type of license 
NIST plans to grant, together with a statement of PKP's intent. You told
me in a phone call last week that the proposed license did not exist and
that the terms had not been worked out between NIST and PKP. Where is
NIST's 35 USC 209(c)(1) "proposed license"? It does not seem to exist.

After NIST has created a license to propose, NIST should propose it, and
restart the 60-day public comment period. To grant an exclusive license
without first proposing it to the public would be illegal.

It also seems rather strange that NIST asked for public comments without
publishing the relevant patent application. NIST is giving the 
appearance of trying to "slip a fast one" past the taxpaying public. 
NIST states in its 8 June 1993 notice that it has waived its normal 
procedures in the interest of expeditiousness; but if speed is so 
important, why has NIST not already set up a temporary nonexclusive 
license with PKP? NIST does not need to wait 60 days for public comments 
in order to grant a nonexclusive license.

Hereafter I will refer to the potential exclusive license NIST plans to
grant to PKP, whatever its terms may eventually be, as "the PKP
license."

2. This is a highly abnormal exclusive licensing situation.

The government acquires patents on many government inventions. It is 
rarely claimed that those inventions infringe existing patents. In a
normal exclusive licensing situation, the government gives an invention
to an enterprising company. The company is willing to invest the time, 
money, energy, and engineering expertise to bring the invention to the
public in a usable form. In return the government protects the company's 
investment by giving it a monopoly.

The PKP license is entirely abnormal. NIST plans to give PKP exclusive 
sublicensing rights to the DSA patent, but in return it will demand that
PKP sublicense the DSA patent and certain other patents to all companies 
uniformly. PKP is not an engineering company trying to protect a risky 
investment; it is a litigation company using its patent portfolio.

Let me remind you that the validity of a patent is a question of law,
which can be determined only by a judge. The infringement of a patent by 
a particular action is also a question of law.

In particular, it has not been determined whether PKP has any control
over DSA. Only a judge can make this determination. Some citizens 
believe that the PKP patents are valid, and that the use of DSA would 
infringe the PKP patents. Some citizens do not.

NIST has stated its belief that PKP has no control over DSA: in the 30 
August 1991 Federal Register, NIST stated "[we] believe this technique 
is patentable and that no other patents would apply to the DSS."

If PKP has no control over DSA, then there is obviously no reason to
grant PKP an _exclusive_ license.

In any case NIST should recognize the abnormality of this situation, and 
should enter into a dialogue with the public to better determine whether 
such an abnormal license should be granted.

3. The grant of an _exclusive_ license would be in the interest of nobody
except PKP.

35 USC 209(c)(1)(A) requires for any exclusive or partially exclusive 
license that "the interests of the Federal Government and the public 
will best be served by the proposed license, in view of the applicant's 
intentions, plans, and ability to bring the invention to practical 
application or otherwise promote the invention's utilization by the 
public."

PKP is a litigation company. Its sole contact with the public, to my 
knowledge, has been a series of threatening letters. It does not bring
inventions to practical application, or promote use of anything by the
public, nor has it ever demonstrated any ability to do so.

You told me that the Federal Government has certain national security
interests in the PKP license. As the documents explaining these
interests are supposedly classified I am unable to address this point.

However, 35 USC 209(c)(1)(A) requires that the PKP license also best
serve the interests of the public. The PKP license does not do so. The
public will, within a few years, obtain rights to almost all of PKP's
patents. The public obviously has an interest in being able to use DSA
without royalty payments after PKP's patents expire. The grant of an
exclusive license would not serve this interest.

The only way in which the PKP license could possibly serve the interests
of the public is by means of its requirements upon PKP. You told me that 
PKP will be required to grant licenses to the public as outlined in 
Appendix A of NIST's notice. However, this simply does not serve the 
interests of those citizens who believe that the PKP patents are not 
valid in the first place. This license acts against the interests of 
all citizens by removing our rights to the DSA patent and forcing us to 
comply with PKP's terms and fees.

To grant an exclusive license which does not serve the interests of the 
public would be illegal.

By the way, NIST's 8 June 1993 notice states that "it was determined 
that expeditious granting of such license will best serve the interest 
of the Federal Government and the public." Please be aware that, under
35 USC 209(c)(1), NIST is required to make such determinations _after_
the public comment period, though of course it is not prohibited from 
making tentative determinations at any time. Has NIST prejudged the 
ability of the PKP license to serve the interests of the public?

4. The desired practical application of DSA has already been achieved.

35 USC 209(c)(1)(B) requires for any exclusive or partially exclusive 
license that "the desired practical application has not been achieved, 
or is not likely expeditiously to be achieved, under any nonexclusive 
license which has been granted, or which may be granted, on the 
invention."

Information Security Corporation (ISC) sells implementations of DSA.
These implementations achieve the desired practical application of DSA. 
Therefore to grant an exclusive license for DSA would be illegal.

5. Exclusive licensing is not a necessary incentive to call forth 
investment to bring DSA to practical application or otherwise promote 
DSA's use.

35 USC 209(c)(1)(C) requires for any exclusive or partially exclusive 
license that "exclusive or partially exclusive licensing is a reasonable
and necessary incentive to call forth the investment of risk capital and 
expenditures to bring the invention to practical application or 
otherwise promote the invention's utilization by the public."

As noted above, ISC has already brought DSA to practical application. 
Furthermore ISC promotes DSA's use by, e.g., advertising dsaSIGN. 
Therefore exclusive licensing is not necessary to call forth investment 
in DSA. So the PKP license is illegal.

6. The PKP license is not a reasonable incentive to call forth
investment to bring DSA to practical application or otherwise promote
DSA's use.

35 USC 209(c)(1)(C) considers not only what is necessary, but also what
is reasonable.

My understanding is that the PKP license will require PKP to sublicense
DSA to anyone who asks (with the exception of those who break the rules)
at uniform fees.

In my opinion, that is an absolutely insane way to call forth
investment. A venture capitalist is going to look for a good return on
his money. If PKP is required to sublicense DSA to everyone, then
competing DSA vendors will have a level playing field. This is exactly
what the investors do not want.

Does NIST recognize the absurdity of attempting to call forth investment 
with a license that provides uniform sublicensing to all companies?

PKP's current patent portfolio is a very pleasant prospect for
investors, to the extent that the patents are valid, because those
patents provide potential protection for risk capital. PKP has, so far, 
been incredibly discriminatory in its licensing policies. If it were to 
suddenly switch to a uniform policy, investors would lose incentive to
fund DSA development.

The whole point of 35 USC 209(c)(1)(C) is that an enterprising developer 
should ask for an exclusive license for his _own_ marketing of an
invention. The exclusivity protects his capital and gives his investors
some incentive to embark upon this plan in the first place. NIST must 
not grant an exclusive license which does not provide such protection.

So by 35 USC 209(c)(1)(C) the PKP license is illegal.

7. The scope of exclusivity of the PKP license is much greater than
reasonably necessary.

35 USC 209(c)(1)(D) requires for any exclusive or partially exclusive 
license that "the proposed terms and scope of exclusivity are not 
greater than reasonably necessary to provide the incentive for bringing 
the invention to practical application or otherwise promote the 
invention's utilization by the public."

I have already pointed out that such incentive is not necessary, as DSA 
has already been brought to practical application and is actively 
promoted.

However, even if such were not the case, the PKP license would be
illegal. The manner in which you told me you expect the PKP license to
promote use of DSA is that it will require PKP to sublicense certain
other patents.

Now, if the PKP license were made nonexclusive with no other changes,
then PKP would still be required to sublicense those other patents, and
the same effect would still be achieved.

I fully realize that PKP might not be willing to accept a nonexclusive 
license. But 35 USC 209(c)(1)(D) does not contemplate anyone's desires.
It requires that the scope of exclusivity be no greater than reasonably 
necessary to achieve certain effects. Because the PKP license would
achieve those effects even if it were nonexclusive, the exclusivity is
not necessary at all, let alone reasonably necessary.

I tried to bring this issue up in our phone conversation yesterday. But 
you refused to consider the hypothetical possibility of a nonexclusive 
license. I understand that you have put a lot of work into negotiating 
with PKP and thinking about the PKP license. However, NIST _cannot_ excuse
itself from 35 USC 209(c)(1)(D) merely by pointing out a lack of
desire or ability to set up a nonexclusive PKP license. Otherwise every
Federal agency could excuse itself from 35 USC 209(c)(1)(D) in the same 
way! It is not NIST's job to sabotage the stated intent of Congress.

Please note that in the normal exclusive licensing situation, as 
discussed above, exclusivity is critical in protecting an enterprising 
company's investment. Without a monopoly the company may not be able to 
acquire sufficient venture capital. So such an exclusive license would 
satisfy the requirements of 35 USC 209(c)(1)(D). But the monopoly NIST
plans to give to PKP does not have this effect. Hence it is illegal.

8. NIST has acquired a highly biased view of the public interest and of
public concern over patent issues.

NIST must, before it grants any exclusive license, judge the interests
of the public, among other things. In a phone call a month ago I asked
you why you believed that a license to PKP would be in the public 
interest. You referred me to the public responses to the original DSS 
proposal.

I have now read through all of those responses. I regret to inform you 
that many of the responses come from people with a financial interest in
PKP which they did not disclose.

Here is a complete summary of all the mentions of the word "patent" in
those responses.

   Demitros of HUD: Three mentions of a patent. Demitros expressed 
   concern that the NIST patent may take a long time to approve, 
   especially given the potential for patent disputes. (Obviously this 
   concern is now answered.)

   Reynolds of Chemical: "The patent issues are far from clear."

   Gasser of DEC: One "exportability and patentability" heading on a 
   section discussing only exportability. No actual mention of patents.

   Drake of DEC: Mentions his own patents.

   Shroyer of Motorola: "We like the proposal that DSS does not require 
   royalty payments as contrasted with RSA, but there have been some 
   questions raised about patent infringement which must be resolved 
   before we would consider using DSS." (Obviously Shroyer has an 
   interest in resolving the patent infringement issue, but this is 
   balanced by his interest in using DSS without royalties.)

   Okamoto of NTT: Proposes ESIGN, a patented alternative digital 
   signature algorithm, and expresses willingness to make patent free.

   Anderson of Mobius: Mentions patents briefly, suggesting use of 
   Mobius's patent-free technology.

   May: Talks about patents; suggests cooperation with PKP. (However, 
   May has recently stated that his letter must not be taken to support
   the PKP license.)

   Larson of IEEE: Doesn't actually mention patents, but incorporates by 
   reference Hellman's letter (see below).

   Baum of IM: In an extensive review of DSS, discusses patent claims.

   James of ITAA: Mentions patents briefly, expressing the opinion that 
   RSA has not taken undue or unfair advantage of its [sic] patent 
   portfolio.

   Fischer: Repeats at some length the accusations of patent 
   infringement.

   Rivest of MIT: Repeats accusations of patent infringement.

   Fougner of PKP: Accuses NIST of patent infringement.

   Bidzos of RSADSI: Repeats accusations at some length.

   El Gamal of RSADSI: Discusses his failure to acquire a patent.

   Neumann of SRI: Cites Bidzos, Rivest, and Hellman.

   Schnorr of Frankfurt: Accuses NIST of patent infringement.

   Hellman of Stanford: Repeats accusations of patent infringement.

The combination of letters from Fischer, ITAA, Rivest, Fougner, Bidzos, 
Neumann, Schnorr, and Hellman might give you the impression that many 
people, including several cryptographic experts, think PKP and Schnorr
have a serious claim upon DSA rights.

You are of course aware of the connections between Schnorr and PKP.
But you may not be aware that Bidzos runs PKP. (As of last year he 
identified himself in an information database as president of both 
RSADSI and PKP.) His two companies, PKP and RSADSI, are very closely
aligned in strategy and goals.

You also may not be aware that Rivest and Hellman work for RSADSI.
(Like El Gamal, both Rivest and Hellman are identified as RSADSI
Scientists in an RSADSI advertisement I just saw, as well as in a press
release I saw many months ago announcing an RSADSI software product.)

You also may not be aware that Fischer is the sole distributor of one of 
RSADSI's software products.

Together these people shout quite loudly. Each one cites accusations of 
patent infringement from the others, while they all pretend to be
independent scientists and businessmen. Sometimes they bamboozle 
outsiders into thinking "all these people say there's a problem, so
there must be a problem."

In fact all the accusations come primarily from financial partners of
one man, Jim Bidzos. Please be aware that all is not as it seems. The 
interests of Jim Bidzos, no matter how often repeated, are not the 
interests of the public.

9. PKP has misrepresented its intentions to NIST; PKP stated that it 
planned to charge uniform minimum fees when in fact it planned to charge 
exploitative minimum fees.

Appendix A of NIST's 8 June 1993 notice contains the following statement 
from PKP: "PKP's royalty rates for the right to make or sell products, 
subject to uniform minimum fees, will be no more than 2 1/2% for 
hardware products and 5% for software, with the royalty rate further 
declining to 1% on any portion of the product price exceeding $1,000."

That statement is a misrepresentation. PKP's actual planned minimum fees 
were (and are) as follows: $10,000 plus $10,000 per year for businesses
with revenue under one million dollars per year, and $25,000 plus
$10,000 per year for businesses with revenue over one million dollars
per year.

Those minimum fees are not uniform. They are exploitative. They extract 
higher prices from companies with deeper pockets.

Fougner of PKP told me these prices twice, in two separate phone calls. 
"That's the only fee that changes depending on the size of your 
business, is the startup fee," he said. "After that---other than that---
everything, it's a, it's a level playing field for everybody in terms of 
product." So Fougner admits that the minimum fees do not provide a level 
playing field.

Fougner explained to me the reason for the million-dollar exploitative 
cutoff: "We really do want to show that we want to help, uh y'know, the 
startup folks, uh, get into the business if they want to."

I asked how stable the numbers were: had they changed since June; were 
they going to change. "I don't want to change anything," Fougner said. 
And, later: "I don't intend to, nor do I want to, change anything." And, 
still later: "No plan on our part to change anything." And, once again:
"If you take the Federal Register notice, and assuming that goes forward 
as presently stated there and everybody does what they say they're gonna 
do, we don't plan to change anything."

Obviously it would have been more difficult for PKP to convince NIST to 
grant PKP a license if PKP had disclosed its actual exploitative fees---
otherwise, why has NIST been planning to require PKP to charge uniform
fees? So PKP's misrepresentation of its fee structure had obvious
potential benefits for PKP.

I realize that these allegations of misrepresentation are very serious. 
Fraudulent misrepresentation would be a horrible violation of the trust 
which forms an essential part of any government process. If Fougner
denies making the above statements, please let me know, and I will
provide you with certain forms of evidence.

10. RSADSI charges exploitative fees.

As noted above PKP plans to charge exploitative minimum fees for its 
sublicenses. This is not new practice for Jim Bidzos's companies: RSADSI 
has already established its practice of charging exploitative fees.

The following information appears in an RSADSI marketing brief labelled 
"Copyright 1992, 1993." For a certain license RSADSI charges $1,400 for 
vendors with annual revenue under one million dollars; $3,400 for 
vendors with annual revenue up to 25 million dollars; $7,400 for vendors 
with annual revenue up to 50 million dollars; $24,900 to 100 million;
$74,900 to 1000 million; and $124,900 above that.

11. PKP's fees are obscenely high.

A software company can start up with just a few thousand dollars. PKP's 
$20,000 first-year fee is far too much for a new programming business to 
afford. Appendix A of NIST's 8 June 1993 notice, with its description of a 
mere 5% royalty rate, doesn't sound too bad; but behind the scenes is 
hidden a $20,000 fee.

What does PKP provide for this money? Nothing. The PKP license lets PKP
set its prices arbitrarily high at everyone else's expense.

What is the point of requiring DSA implementors to pay such fees to PKP? 
It is unwise to give PKP such power to extract money from the public.

12. Bidzos has habitually squashed the use of cryptography.

It is well known that Bidzos, via PKP, has attempted to squash several
public-key cryptography implementations, such as RPEM and PGP. For
several years personal computers have been fast enough to make
public-key cryptography convenient for the masses. Do you make daily use 
of encryption? I suggest that, if it were not for Bidzos, we would all 
be using cryptography now.

If Bidzos's goal were to make money he would offer personal licenses to
let individuals use PGP for a reasonable fee. Instead he simply refuses
to provide any licenses for PGP.

Given his history, do we want Bidzos in control of DSA? Especially now, 
when he is just a few years away from losing his monopolies, does it 
make any sense to give him a fresh new 17-year monopoly over a U.S. 
government standard technology?

13. NIST has already promised the public royalty-free use of DSA.

The Deputy Director of NIST testified on 27 June 1991 that DSA "is
expected to be available on a royalty-free basis in the public interest 
world-wide." Indeed, the royalty-free availability of DSA is in the 
public interest, and the payment of royalties for DSA is against the 
public interest. Perhaps PKP has frightened some people into believing 
that they must pay royalties for DSA, but that is not an excuse for NIST 
to _help_ PKP act against the public interest.

In the 30 August 1991 Federal Register, NIST stated again "NIST expects 
it to be available on a royalty-free basis. Broader use of this 
technique resulting from public availability should be an economic 
benefit to the government and the public."

How can NIST give in to PKP's unsubstantiated allegations of patent 
infringement and act against the public interest, after promising the 
public that NIST would make DSA available worldwide?

Please scrap the PKP license. If PKP wants to prove patent infringement it 
has the option of suing for a declaratory judgment that the use of DSA 
would infringe its patents. In the meantime I expect NIST to stick to 
its previous promises.

14. The PKP license is pointless.

If PKP's patents do control the use of DSA, why does PKP need _exclusive_
rights to NIST's patents as well?

Thank you for your kind attention. Please let me know if you need more 
information. I would also welcome your responses to the twelve questions
appearing in this letter.

                                Sincerely,



                                Daniel J. Bernstein

