* [9fans] secstore and PAKserver
@ 2007-08-27 9:32 lucio
2007-08-28 22:19 ` Russ Cox
0 siblings, 1 reply; 4+ messages in thread
From: lucio @ 2007-08-27 9:32 UTC (permalink / raw)
To: 9fans
I note in /sys/src/cmd/auth/secstore/pak.c:
// PAK is an encrypted key exchange protocol designed by Philip MacKenzie et al.
// It is patented and use outside Plan 9 requires you get a license.
// (All other EKE protocols are patented as well, by Lucent or others.)
I want to leverage the functionality of the secstore for a different
application (I'm not yet ready to publicize the details, but I will to
anyone who shows some interest), but this seems to put a bit of a
spanner in the works. Naturally, I can prototype with it, but in the
long term I have either to licence the PAK stuff (who do I contact?)
or to replace the code with an analogous facility.
Has the licence been waved for p9p? What are the terms of the
licence? Does anyone know of licence free options to perform a
similar function? I suppose I ought to ask what is so special about
PAK, too or, more to the point, what does it do that made Bell Labs
choose it for the secstore? Maybe if I understood PAK better I'd be
able to decide whether it is as important in my application as it was
for the secstore.
++L
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9fans] secstore and PAKserver
2007-08-27 9:32 [9fans] secstore and PAKserver lucio
@ 2007-08-28 22:19 ` Russ Cox
2007-09-06 2:42 ` William Josephson
0 siblings, 1 reply; 4+ messages in thread
From: Russ Cox @ 2007-08-28 22:19 UTC (permalink / raw)
To: 9fans
> I want to leverage the functionality of the secstore for a different
> application (I'm not yet ready to publicize the details, but I will to
> anyone who shows some interest), but this seems to put a bit of a
> spanner in the works. Naturally, I can prototype with it, but in the
> long term I have either to licence the PAK stuff (who do I contact?)
> or to replace the code with an analogous facility.
>
> Has the licence been waved for p9p? What are the terms of the
> licence? Does anyone know of licence free options to perform a
> similar function? I suppose I ought to ask what is so special about
> PAK, too or, more to the point, what does it do that made Bell Labs
> choose it for the secstore? Maybe if I understood PAK better I'd be
> able to decide whether it is as important in my application as it was
> for the secstore.
I am not a lawyer; this is not legal advice.
The Lucent Public License permits redistribution of the programs
contained in the Plan 9 distribution, secstore included, in source
or binary forms, and includes appropriate copyright and patent
licenses. I believe that is the only license needed for me to
distribute the p9p programs. I have no special arrangement
with Lucent.
The details are in /LICENSE.
Of course, in such licensing situations, I have never understood
where the line is between redistributing the entire Plan 9 software
(obviously permitted, with copyright and patent licenses granted)
and redistributing just a few snippets of Plan 9 code that make up
an insignificant part of a larger program that happens to use
techniques from those same patents. I'm fairly certain p9p is on
the first side of that line, but I still don't know where the line is.
If this really matters to you, you should talk to a lawyer.
If you're not using Plan 9 code, you might look at SRP.
I don't think the licensing issues are any less murky than PAK,
but they are at least more widely studied.
Russ
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9fans] secstore and PAKserver
2007-08-28 22:19 ` Russ Cox
@ 2007-09-06 2:42 ` William Josephson
0 siblings, 0 replies; 4+ messages in thread
From: William Josephson @ 2007-09-06 2:42 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On Tue, Aug 28, 2007 at 06:19:24PM -0400, Russ Cox wrote:
> If you're not using Plan 9 code, you might look at SRP.
> I don't think the licensing issues are any less murky than PAK,
> but they are at least more widely studied.
There ought to be an SRP implementation for secstore
lying around somewhere, possibly at the Labs. I did
one the summer the USENIX security paper got written.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [9fans] secstore and PAKserver
@ 2007-08-27 9:39 lucio
0 siblings, 0 replies; 4+ messages in thread
From: lucio @ 2007-08-27 9:39 UTC (permalink / raw)
To: 9fans
I note in /sys/src/cmd/auth/secstore/pak.c:
// PAK is an encrypted key exchange protocol designed by Philip MacKenzie et al.
// It is patented and use outside Plan 9 requires you get a license.
// (All other EKE protocols are patented as well, by Lucent or others.)
I want to leverage the functionality of the secstore for a different
application (I'm not yet ready to publicize the details, but I will to
anyone who shows some interest), but this seems to put a bit of a
spanner in the works. Naturally, I can prototype with it, but in the
long term I have either to licence the PAK stuff (who do I contact?)
or to replace the code with an analogous facility.
Has the licence been waved for p9p? What are the terms of the
licence? Does anyone know of licence free options to perform a
similar function? I suppose I ought to ask what is so special about
PAK, too or, more to the point, what does it do that made Bell Labs
choose it for the secstore? Maybe if I understood PAK better I'd be
able to decide whether it is as important in my application as it was
for the secstore.
++L
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2007-09-06 2:42 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-08-27 9:32 [9fans] secstore and PAKserver lucio
2007-08-28 22:19 ` Russ Cox
2007-09-06 2:42 ` William Josephson
2007-08-27 9:39 lucio
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).