[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: Full Text of Phoenix letter

    Here's the contact info that goes with the text of the letter.
    Sorry for omitting it earlier.  --David
    David Jablon
    508.898.9024 direct
    509.561.1953 eFax
    Phoenix Technologies Ltd.
    320 Norwood Park South
    Norwood, MA  02062
    781.551.5000 main
    > -----Original Message-----
    > From: []
    > Sent: Saturday, February 09, 2002 2:43 AM
    > To:
    > Subject: Full Text of Phoenix letter
    > To: IETF IP Storage Working Group
    > Subject: Phoenix Patents and RFC 2945 
    > February 6, 2002
    > Dear working group members,
    > Regarding the inquiry by working group co-chair David Black into the
    > of U.S. patent 6,226,383 and its relation to SRP and RFC 2945, this letter
    > presents a status update on Phoenix's plans to provide an appropriate
    > response for the working group.  This letter also presents a general
    > of our licensing practices and products in the field of password-based
    > cryptography, which I hope will assist you in the planning process.
    > Phoenix owns patent 6,226,383 which describes the SPEKE methods for
    > zero-knowledge password authentication.  An investigation into exactly how
    > this patent relates to RFC 2945 is now underway within the company.  While
    > providing guarantees and assurances for use of technology developed by
    > organizations has not been a traditional priority for Phoenix, there is
    > recognition of the need for this working group and others to have clarity
    > this matter, and a position statement will be provided very soon.
    > Phoenix Technologies, in part through the acquisition of Integrity
    > has developed the SPEKE family of zero-knowledge password methods,
    > both licenses and implementations.  These protocols have been cited and
    > studied in numerous research papers over the past several years.  In
    > particular, the BSPEKE protocol can provide a plug-and-play upgrade for
    > An Internet Draft discussing these issues is also being prepared.  These
    > methods are comparable to the best of any similar methods, and they are
    > easily shown to be unencumbered by the other patents in this field.
    > It would seem a shame for a new standards effort to avoid zero-knowledge
    > password techniques as a purely cost-savings measure, given the choices
    > available.  The need for convenient, strong, and inexpensive security
    > built-in to the infrastructure of Internet applications is as great today
    > ever.  The SPEKE techniques represent a generational improvement in
    > authentication, providing strong security with minimal effort.  These
    > methods provide the best choices in this field, with the cleanest
    > implementations, optimal security, best alignment with standards, and
    > easiest license agreements for commercial deployment of zero-knowledge
    > password techniques.
    > A statement regarding licensing of the SPEKE patent in the context of the
    > IEEE 1363 standard is on file with the IEEE, and Phoenix is also committed
    > to providing an updated statement in this same time frame that conforms to
    > both IEEE and IETF policies assuring reasonable and non-discriminatory
    > terms.  But more importantly, as a leading provider to the PC industry,
    > Phoenix will stand behind its technology.  Phoenix has a 20-year history
    > broadly licensing products to this industry, and has helped to pioneer
    > widely used standards and technologies that are built-in to the systems
    > we all take for granted.  Our history of cooperation with many of the
    > leading companies in the industry makes Phoenix naturally suited to gently
    > encouraging the adoption of this new class of strong and convenient
    > techniques.
    > Sincerely,
    > David Jablon
    > CTO, Phoenix Technologies


Last updated: Tue Feb 12 17:17:59 2002
8733 messages in chronological order