patent free(?) anonymous credential system pre-print

bear bear at sonic.net
Tue Nov 5 20:15:25 EST 2002 


On Tue, 5 Nov 2002, Nomen Nescio wrote:

>That's just one possibility.  The point is, your ideas are going nowhere
>using your present strategy.  Either this technology won't be used at
>all, or inferior but unrestricted implementations will be explored,
>as in the recent work.  If you want things to happen differently, you
>must change your strategy.

There is a possibility that you have neglected.  And, evidently,
so have most of the patent-filers.

Twenty years is not so long.  Patents expire.

It's not terribly helpful for someone to lock up an idea for twenty
years, but honestly it may be at least that long before the legal and
cultural infrastructure is ready to fully take advantage of it anyway.

You, like most engineers, are thinking of technical barriers only;
it's entirely reasonable to suppose that you could deploy the
technical stuff in two to five years and rake in money on your patents
for the next fifteen to eighteen.  That's a valid model with computer
hardware, because its value to business is intrinsic.  Bluntly, it
enables you to do things differently and derive value within your own
company regardless of what anyone else is doing.  But here we are
talking about something whose value is extrinsic; it affects the way
mutually suspicious parties interact.  For changes in that arena to
happen, they have to be supported by the legal system, by precedent,
by custom, by tradition, etc.  These are barriers that will take a
*hell* of a lot longer to overcome than the mere technical barriers.
The fights over liability alone will take that long, and until those
fights are settled we are not talking about something that a
profit-motivated business will risk anything valuable on.

I remember having exactly your reaction (plus issues about patenting
math and the USPTO being subject to coercion/collusion from the NSA
and influence-peddling and so on...) when the RSA patent issued - but
RSA is free now, and RSA security has not made that much money on the
cipher itself.  And frankly, I don't think that having it be free much
earlier, given the infrastructure and implementation issues, would
really have made that much of a difference.  Note that there are
*still* a lot of important court decisions about asymmetric encryption
that haven't happened yet, and it was only profitable (due to
e-commerce) for the last couple years of the patent's run.

These patents are being filed in an industry and application which is
NOT part of how the world does business today.  They may or may not
turn out to be enabling items, but the world will have to learn to do
business in a different way before they become relevant.  That's not
going to happen in time for the dog-in-the-manger crowd to make any
money off the patents they're filing, so unless they can mobilize
*BILLIONS* of dollars for infrastructure replacement, education,
marketing, lobbying, court cases about legal validity for their
digital signatures and credentials, etc, etc, etc, there is no chance
of them withholding anything of value from the public domain.

It will take twenty years or more just for the *legal* system to
adjust to the point where a credential system or "non-repudiation
property" might possibly become useful to business.  Add another five
or ten years at least for acceptance and custom to grow up around it.
Another five or ten years for court cases and precedent and decisions
about liability to get settled so that it can become standard business
practice.  By that time the patents will be long gone.

Check history.  There is a long list of companies that made cipher
machines or invented ciphers, patented them, and went broke.  It isn't
a coincidence, nor a recent development.

			Bear






---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list