[Cryptography] Toxic Combination

grarpamp grarpamp at gmail.com
Thu Dec 11 03:25:56 EST 2014

On Wed, Dec 10, 2014 at 8:31 PM, Bill Frantz <frantz at pwpconsult.com> wrote:
> No security
> protocol will achieve wide adoption unless it includes a revenue model which
> someone can use to build a business.
> Some may claim that SSH is a counterexample

What is the revenue model of AES, OpenPGP, SHA3, ECDHE...?
And who collects the revenue? The NSA?
What of protocol creator Bitcoin, Pond, FOSS... where the revenue them?

Those who require revenue may choose to adopt protocols that assist
product monetization when woven therein, generally towards the limits
of exclusivity and extraction. The protocols themselves stand alone,
and work fine for building things for non sale environments. One can
debate which of the two the internet actually is.

> in the beginning, SSH was
> only available as a software product

SSH was free and open through 1.2.12, then Ylonen closed it.
So OSSH forked that and OpenBSD forked that into OpenSSH.
People can still pay ssh.com for "product" if it makes them happy.

More information about the cryptography mailing list