From: Rob Szarka Area: Public Key Encryption To: Wes Landaker 9 Oct 94 05:20:52 Subject: IFS UpdReq -=> Wes Landaker spake unto Christopher Baker, saying <=- CB> SECDEV12.ZIP CB> SECDR13D.ZIP CB> SFS100.ZIP WL> Do you know if any of these will work under OS/2, if there is an OS/2 WL> version of these programs, or if there is something of similiar WL> functionality for use with OS/2? =) If there isn't, there sure ought to be! I would think it would be even easier to implement as an OS/2 Installable File System... Any OS/2 programmers out there listening? ;-) ... Stealing is illegal, the government hates competition. 201434369420143436942014343694201434369420143436942014343694718 From: Rob Szarka Area: Public Key Encryption To: Jim Grubs, W8GRT 9 Oct 94 00:38:44 Subject: News from PRZ UpdReq I'm sure you meant well by posting this message, but since it wasn't signed surely none of use will lend it the full weight of Mr. Zimmerman's authority... :( ... The best cure for insomnia is to get a lot of sleep. 201434369420143436942014343694201434369420143436942014343694718 From: Mike Riddle Area: Public Key Encryption To: Ross Lonstein 11 Oct 94 20:48:40 Subject: Re: RC4 Revealed! UpdReq In a message to Jim Bell on Sep 28 94 at 09:53, Ross Lonstein wrote: RL> This is probably another example of a mis-informed writer RL> delivering verbatim what his sources told him. Cryptographic RL> formulae are published in journals so that they can be RL> examined by the experts for defects. The general release of RL> the formula can't harm the security of the scheme unless it RL> was already insecure. Neither will it enable an experienced RL> programmer to write a cryptography routine since there are RL> relatively few who can understand the workings sufficiently RL> well to code RL> it. The problem is with intellectual property law. RC4 was protected as a trade secret, not by copyright (although it probably exists since the Berne Convention, but RC4 predated that) or patent (probably not available to RC4). Trade secrets that are not secret can be used by the competition without paying royalties. Oops! 201434369420143436942014343694201434369420143436942014343694718 From: Grant Karpik Area: Public Key Encryption To: All 10 Oct 94 01:58:26 Subject: RSA suit and counter 1/8 UpdReq ============================================ * Original to : All * Forwarded on : Oct 12 94 at 02:11 * Forwarded from: LEGAL_LAW * Forwarded by : Mike Riddle ============================================ The following was cross-posted in both Legal_Law and Debate: For those interested in encryption (i.e. PGP}; From the Internet: ................... Comments: This message did not originate from the address listed in the From line. It has been forwarded by an automated remailing service at that address. Please report any misuse to Subject: Re: RC4 Source Code Posted - A Response from RSA Data Security, Inc. Followup-To: talk.politics.crypto,misc.legal.computing Date: Sat, 8 Oct 1994 14:34:29 +0000 Message-ID:<199410082234.SAA05280@csugrad.cs.vt.edu> Sender: usenet@demon.co.uk Lines: 763 [requoting snipped: Grant] I suppose it's because Cylink feels RSADSI is dealing unfairly, and is calling Mr. Bidzos' bluff. Cylink and RSADSI were never in bed together as soulmates. It was a marriage of convenience. Pick out the real reasons for yourself. Here are Cylink's original complaint (relatively short), and RSADSI's motion to dismiss (quite lengthy and dreary, actually, but interesting). They were OCRed by another kind soul. (I have tried to remove inappropriate newsgroups, such as sci.crypt, from the header, and tried to redirect followups as appropriate.) ------- Forwarded Message ------- Contents: 1) - Cylink's complaint against RSA - 2) - RSA's motion to dismiss the Cylink complaint - -- Cylink's complaint against RSA --------------------------------- Jon Michaelson, Esq., (State Bar No. 083815) Kurt H. Taylor, Esq., (State Bar No. 127077) Robert W. Ricketson, Esq., (State Bar No. 148481) HOPKINS & CARLEY A Law Corporation 150 Almaden Boulevard, Fifleenth Floor San Jose, California 95113-2089 Telephone: (408) 286-9800 Attorneys for Plaintiff CYLINK CORPORATION IN THE UNITED STATES DISTRICT COURT IN AND FOR THE NORTHERN DISTRICT OF CALIFORNIA CYLINK CORPORATION, Plaintiff, v. RSA DATA SECURITY, INC., Defendants. COMPLAINT FOR DECLARATORY JUDGMENT AND INJUNCTIVE RELIEF AND DEMAND FOR JURY TRIAL I. Plaintiff Cylink Corporation is incorporated under the laws of the State of California, and has its principal place of business therein. 2. Defendant RSA Data Security, Inc. ("RSADSI") is a corporation incorporated under the laws of the State of Delaware, and has its principal and a regular and established place of business a 100 Marine Boulevard, Redwood City, CA 94065. 3. Jurisdiction of this Court arises under the Federal Declaratory Judgments Act, Title 28, United States Code, Sections 2201 and 2202, and under the laws of the United States concerning actions relating to patents, Title 28, United States Code, Section 1338(a), as shown by the facts alleged below. 4. On September 20, 1983, U.S. Letter Patent No. 4,405,829 entitled "Cryptographic Communications System and Method" was issued to inventors and assignors R. Rivest, A. Shamir and L. Adleman ("the Patent"). 5. Cylink is informed and believes and on that basis alleges that in or about 1984 defendant RSADSI obtained an exclusive license to the Patent. 6. Cylink has made and/or offered for sale within the past six years and since the issuance of the said Letters Patent, certain encryption products. 7. Beginning in or about December 1993, RSADSI has charged that Cylink's manufacture and sale of said encryption products infringes the Patent and all claims thereof. On June 28, 1993, RSADSI delivered to Cylink's wholly- owned subsidiary, in this judicial district, a letter expressly stating RSADSI's intent to bring an infringement action against Cylink. A true and correct copy of RSADSI 's letter to Cylink dated June 29, 1994 is attached hereto as Exhibit A. 8. There is a substantial and continuing justiciable controversy between (Continued to next message) Grant {Internet: karpik@sfu.ca} 201434369420143436942014343694201434369420143436942014343694718 From: Grant Karpik Area: Public Key Encryption To: All 10 Oct 94 01:58:36 Subject: RSA suit and counter 2/8 UpdReq ============================================ * Original to : All * Forwarded on : Oct 12 94 at 02:11 * Forwarded from: LEGAL_LAW * Forwarded by : Mike Riddle ============================================ -=> Note: Forwarded (from: DEBATE) by Grant Karpik using timEd. Originally from Grant Karpik (1:153/9125.1) to All. Original dated: Oct 10 '94, 01:40 (Continued from previous message) Cylink and RSADSI as to RSADSIs right to threaten or maintain suit for infringement of the Patent, and as to the validity, scope, and enforceability thereof, and as to whether any of Cylink's products infringes any valid claim thereof. 9. Cylink is informed and believes and on that basis alleges that the Patent is invalid unenforceable, and void, for one or more of the following reasons: (a) The alleged invention was not novel; (b) The differences (if any) between the alleged invention and the prior art were such that the alleged invention would have been obvious at the time made to a person having ordinary skill in the art; (c) The claims of the Patent, and/or the Patent as a whole, fails to meet one or more of the requirements of 35 U.S.C. section 1 12. (d) If there is any invention in the subject matter of the Patent, which is denied, the Patent nevertheless was not obtained in a manner consistent with the provisions of Title 35 of the United States Code. (e) The claims of the Patent are functional, indefinite, and are broader than the alleged invention as set forth in the specification of the Patent. 10. Cylink will seek leave of court to amend this complaint to assert such additional grounds for invalidity as may be ascertained and shall give such notice prior to trial as may be required by 35 U.S.C. section 282 of the matters specified therein. 11. Cylink is informed and believes and on that basis alleges that its encryption products do not infringe on the Patent or its claims. 12. Cylink is informed and believes and on that basis alleges that the Patent is unenforceable for reasons including, but not necessarily limited to the following: (a) RSADSI, with full knowledge of the activities of Cylink, has failed to assert the Patent for a period of 3 years while Cylink invested time and money in building its business and goodwill, and RSADSI is now guilty of laches and cannot maintain any cause of action against plaintiff under the Patent. (b) Pursuant to certain written agreements, RSADSI has obligated itself to license Cylink to make, use, and sell products employing all inventions claimed in the patent, and is therefore estopped from asserting the Patent against Cylink. True and correct copies of these agreements are attached hereto and incorporated in this complaint as Exhibits B and C. 13. RSADSI has denied that it is obligated to license Cylink as alleged in paragraph 12(b) above. Cylink and its wholly owned subsidiary have initiated an arbitration proceeding against RSADSI pursuant to the written agreements between the parties. By bringing this suit, as it has been forced to do in order to protect itself against the threat of litigation by RSADSI, Cylink does not waive its right to a determination through contractually mandated arbitration that RSADSI is obligated to grant to Cylink a license to the Patent according to the terms of the parties' agreements. WHEREFORE, plaintiff demands: (a) Entry of judgment that RSADSI is without right or authority to threaten or to maintain suit against plaintiff or its customers for alleged infringement of Letters Patent No. 4,405,829; that the Patent is invalid, unenforceable, and void in law; and that the Patent is not infringed by Cylink because of the making, selling, or using of any products made, sold, or used by Cylink. (b) Entry of a preliminary injunction enjoining RSADSI, its officers, agents, servants. employees, and attorneys, and those persons in active concert or participation with it who receive actual notice thereof from initiating infringement litigation and from threatening Cylink or any of its customers, dealers, agents, servants, or employees, or any prospective or present seller, dealer, or use of Cylink's products, with infringement litigation or charging any of them either verbally or in written with infringement of Letters Patent No. 4,405,829 because of the manufacture, use, sale, or offering for sale of products made by Cylink, to be made permanent following trial. (c) Entry of judgment for its costs and reasonable attorney fees incurred by Cylink herein. (d) Such other and further relief as the Court may deem appropriate. DATED: June 30, 1994 HOPKINS & CARLEY A Law Corporation BY: Kurt H. Taylor, Esq. Attorneys for Plaintiff CYLINK CORPORATION DEMAND FOR JURY TRIAL Cylink hereby demands trial by jury of all issues triable of right by jury. DATED: June 30, 1994 HOPKINS & CARLEY A Law Corporation By Kurt H. Taylor, Esq. Attorneys for Plaintiff CYLINK CORPORATION ... End ................ (Continued to next message) Grant {Internet: karpik@sfu.ca} 201434369420143436942014343694201434369420143436942014343694718 From: Grant Karpik Area: Public Key Encryption To: All 10 Oct 94 01:58:44 Subject: RSA suit and counter 3/8 UpdReq ============================================ * Original to : All * Forwarded on : Oct 12 94 at 02:11 * Forwarded from: LEGAL_LAW * Forwarded by : Mike Riddle ============================================ -=> Note: Forwarded (from: DEBATE) by Grant Karpik using timEd. Originally from Grant Karpik (1:153/9125.1) to All. Original dated: Oct 10 '94, 01:44 (Continued from previous message) -- RSA's motion to dismiss the Cylink complaint ------------------------------ JAMES R. BUSSELLE (SBN 75980) THOMAS E. MOORE III (SBN 115107) MARY O'BYRNE, (SBN 121067) TOMLINSON, ZISKO, MOROSOLI & MASER 200 Page Mill Road, Second Floor Palo Alto, California 94306 Telephone: (415) 325-8666 Attorneys for Defendant RSA Data Security, Inc. UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA CYLINK CORPORATION, Plaintiff, vs . RSA DATA SECURITY, INC., Defendant. CASE NO.: C 94 02332 CW NOTICE OF MOTION TO DISMISS UNDER RULE 12(b)(7) DATE: September 9, 1994 TIME: 10:30 a.m. BEFORE: Hon. Claudia Wilken TO THE PLAINTIFF AND ITS COUNSEL OF RECORD: PLEASE TAKE NOTICE that on September 9, 1994 at 10:30 a.m., or as soon thereafter as counsel may be heard by the above entitled Court, located at 450 Golden Gate Avenue, San Francisco, California, defendant RSA Data Security, Inc. will and hereby does move the Court to dismiss the action pursuant to Federal Rule of Civil Procedure 12(b)(7) for failure to join parties under Federal Rule of Civil Procedure 19. Such motion will be made on the grounds that Caro-Kann Corporation, Public Key Partners, the Massachusetts Institute of Technology and Stanford University are necessary parties to the action within the meaning of Rule l9(a). This motion is based on this Notice of Motion, the accompanying Memorandum of Points and Authorities, the Declaration of D. James Bidzos, all pleadings and papers on file in this action, and other such other matters as may be presented to the Court at the time of the hearing. Dated: July 25, 1994 TOMLINSON, ZISKO, MOROSOLI & MASER By Thomas E. Moore III Attorneys for Defendant RSA Data Security, Inc. -- Arguments supporting RSA's move for dismissal JAMES R. BUSSELLE (SBN 75980) THOMAS E. MOORE III (SBN 115107) MARY O'BYRNE, (SBN 121067) TOMLINSON, ZISKO, MOROSOLI & MASER 200 Page Mill Road, Second Floor Palo Alto, California 94306 Telephone: (415) 325-8666 Attorneys for Defendant RSA Data Security, Inc. UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA CYLINK CORPORATION, Plaintiff, vs. RSA DATA SECURITY, INC., Defendant. CASE NO.: C 94 02332 CW MEMORANDUM OF POINTS AND AUTHORITIES IN SUPPORT OF MOTION TO DISMISS UNDER RULE 12(b)(7) DATE: September 9, 1994 TIME: 10:30 a.m. BEFORE: Hon. Claudia Wilken TABLE OF CONTENTS I. INTRODUCTION AND ISSUES PRESENTED II. STATEMENT OF FACTS III. ARGUMENT A. Rule 19 is Designed to Protect the Interests of Absent Parties Whose Rights May be Impaired If the Action were to go Forward Without them (Continued to next message) Grant {Internet: karpik@sfu.ca} 201434369420143436942014343694201434369420143436942014343694718 From: Grant Karpik Area: Public Key Encryption To: All 10 Oct 94 01:58:50 Subject: RSA suit and counter 4/8 UpdReq ============================================ * Original to : All * Forwarded on : Oct 12 94 at 02:11 * Forwarded from: LEGAL_LAW * Forwarded by : Mike Riddle ============================================ -=> Note: Forwarded (from: DEBATE) by Grant Karpik using timEd. Originally from Grant Karpik (1:153/9125.1) to All. Original dated: Oct 10 '94, 01:46 (Continued from previous message) B. MIT and PKP are Necessary Parties Because They Each Hold Substantial Rights to the MIT Patent, Including the Right to Bring an Infringement Action Against Cylink C. CKC and Stanford are Necessary Parties Because Each has an Interest that Would be Impaired if the MIT Patent were Held Invalid, and Their Relationship to Cylink is Such that RSA Could Not Adequately Represent Their Interests IV. CONCLUSION TABLE OF AUTHORITIES CASES CP National Corp. v. Bonneville Power Admin., 928 F.2d 905 (9th Cir. 1991) Caldwell Manufacturing Co. v. Unique Balance Co.. Inc., 18 F.R.D. 258, 108 U.S.P.Q. 7 (S.D.N.Y. 1955) Channel Master Corp. v. JFD Electronics Corp., 260 F. Supp. 568, 152 U.S.P.Q. 687 (E.D.N.Y. 1967) Classic Golf Co. v. Karsten Manufacturing Co., 231 U.S.P.Q. 884 (N.D. Ill. 1986) Dentsply International Inc. v. Centrex. Inc., 553 F. Supp. 289, 220 U.S.P.Q. 948 (D.-Del. 1982) Diamond Scientific Co. v. Amico. Inc., 848 F.2d 1220 (Fed. Cir. 1988) Lear. Inc. v. Adkins, 395 U.S. 653 (1969) Messerschmitt-Boelkow-Blohm GmbH. v. Huqhes Aircraft Co., 483 F. Supp. 49, 208 U.S.P.Q. 643 (S.D.N.Y. 1979) Micro-Acoustics Corp. v, Bose Corp., 493 F. Supp. 356, 207 U.S.P.Q. 378 (S.D.N.Y. 1980) Shermoen v. United States. 982 F.2d 1312 (9th Cir. 1992) United Mine Workers of America v. Gibbs, 383 U.S. 715 (1966) Waterman v, MacKenzie, 138 U.S. 252 (1891) STATUTES AND RULES Federal Rule of Civil Procedure 12(b)(7) Federal Rule of Civil Procedure l9(a) Federal Rule of Civil Procedure l9(b) MISCELLANEOUS 6 Chisum, Patents, 21.03[4], pp. 21-300 21-301 (1993) 3A Moore, Moore's Federal Practice, 119.05[2], p. 19.78 (2d ed. 1993) 3A Moore, Moore's Federal Practice, 119.07-1, p. 19.90-1 (2d ed. 1993) 3A Moore, Moore's Federal Practice, 1 19.07[2.--1], p. 19.103 (2d ed. 1993) I. INTRODUCTION AND ISSUES PRESENTED This is a declaratory relief action to invalidate a patent that permits the coding or "encryption" of computer data transmissions. Prior to 1990, the plaintiff, Cylink Corporation ("Cylink") was in the data encryption market as a manufacturer of computer hardware, operating under a license to the so-called "Stanford Patents." The defendant, RSA Data Security, Inc. ("RSA"), was in the data encryption market as a software manufacturer, operating under a license to the so-called "MIT Patent." The MIT Patent is the subject of this invalidation action. In 1990, at Cylink's instigation, Cylink and RSA created complex inter- relationships between each other, Stanford University ("Stanford") and the Massachusetts Institute of Technology ("MIT") to exploit the licensing potential of both sets of patents. Two new entities were created: Caro-Kann Corporation ("CKC"), a wholly-owned subsidiary of Cylink; and Public Key Partners ("PKP"), a partnership between Cylink/CKC and RSA, whose sole assets consist of the licensing rights to both sets of patents. (Continued to next message) Grant {Internet: karpik@sfu.ca} 201434369420143436942014343694201434369420143436942014343694718 From: Grant Karpik Area: Public Key Encryption To: All 10 Oct 94 01:59:00 Subject: RSA suit and counter 5/8 UpdReq ============================================ * Original to : All * Forwarded on : Oct 12 94 at 02:11 * Forwarded from: LEGAL_LAW * Forwarded by : Mike Riddle ============================================ -=> Note: Forwarded (from: DEBATE) by Grant Karpik using timEd. Originally from Grant Karpik (1:153/9125.1) to All. Original dated: Oct 10 '94, 01:48 (Continued from previous message) By filing this action, Cylink not only seeks to pull the thread that unravels these inter-relationships but also hopes to do so in the absence of PKP, CKC, MIT and Stanford. Because (i) PKP and MIT hold significant rights to the MIT Patent, including the right to bring infringement actions and (ii) the action stands to impair the interests of CKC and Stanford, the action must be dismissed under Federal Rule of Civil Procedure 12(b)(7), subject to the joinder of those parties as necessary parties under Rule l9(a).[1] II. STATEMENT OF FACTS RSA is a local company operating out of Redwood City, California. RSA develops, markets and distributes encryption software. Encryption software utilizes complex mathematical formulas or algorithms to create unbreakable codes for securing computer communications, such as data transmissions over telephone lines via modems, from eavesdropping. [2] RSA has been a pioneer in the field of developing encryption software and has worked in this field since 1982, when it was first formed. (Bidzos Decl. 11 2, 3). The founders of RSA were three scientists from MIT, Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman (the letters "RSA" are the initials of those three men). Together, they invented an algorithm which makes it possible to secure data transmissions. This algorithm was patented on September 20, 1983 as U.S. Letter Patent No. 4,405,829 and entitled "Cryptographic Communications System and Method" (the "MIT Patent"). Rivest, Shamir and Adleman assigned the patent to MIT. MIT owned, and continues to own, the MIT Patent. (Bidzos Decl., 1 4) Rivest, Shamir and Adleman formed RSA, and MIT granted RSA an exclusive license to the MIT Patent. RSA has paid royalties to MIT ever since. (Bidzos Decl., 1 5) After an initial slow period, RSA grew to be successful. It developed and marketed an "end user" product called "MailSafe in 1986 and sold thousands of copies. It also developed a software tool kit which was first sold to Lotus Corporation in 1986 and has since been sold to many other companies who have acted as original equipment manufacturers or "OEM's." RSA also sold patent licenses for use of the MIT Patent to a modem company called Racal and also to Motorola and Digital Equipment. (Bidzos Decl., 1 6). During 1987 and 1988, representatives from Stanford began to claim that RSA's MIT Patent rights could not be used by RSA or anyone else without infringing patent rights owned by Stanford (the "Stanford Patents). This dispute was resolved when Stanford licensed rights to its patents to MIT, and MIT in turn passed on those rights to RSA. In exchange for those rights, Stanford received from MIT a portion of the royalty payments that RSA had been paying to MIT for RSA's use of the MIT Patent. (Bidzos Decl., 1 7) It was at this point that plaintiff Cylink appeared on the scene. Cylink is primarily a hardware manufacturer -- it builds computer chips that are used in the data encryption process and markets them to others for incorporation in hardware products eventually sold to the end user customers. Before Stanford agreed to license rights to the Stanford Patents to MIT, Cylink and only a very few other companies had license rights to the Stanford Patents. (Bidzos Decl., 1 8). Cylink was very concerned when it discovered that RSA had acquired rights to the Stanford Patents through MIT. On or about October 17, 1989, Cylink's Chief Executive Officer, Lew Morris ("Morris"), first approached RSA by calling Bidzos on the telephone. Morris threatened to sue RSA unless a deal could be reached by which Cylink would purchase RSA. From this inauspicious beginning, the discussions eventually lead to how RSA and Cylink might work together. (Bidzos Decl., 1 9) The parties' discussions culminated in an Agreement of Intent entered into on April 6, 1990. Under that Agreement, Cylink and RSA each agreed to give up the rights to license and sublicense their respective patent rights in the MIT and Stanford Patents and vest those rights in a new partnership, PKP, exclusively. (Bidzos Decl., 1 10, Ex. A). The two partners in PKP are RSA and CKC, a wholly-owned subsidiary of Cylink. The sole assets of PKP are the licensing rights to the MIT and Stanford Patents. [3] (Bidzos Decl., 1 11). As part of the formation of PKP, the royalty payments owed to Stanford and MIT were simplified. To accomplish this, RSA and Cylink entered into amendments to their respective license agreements with MIT and Stanford. Under the terms of those amendments, first, the direct license arrangement between Stanford and MIT was essentially nullified. Second, while RSA remained obligated to pay royalties to MIT, and Cylink/CKC remained obligated to pay royalties to Stanford, the royalties owed to each university were based on PKP's unsegregated revenues from both the Stanford and MIT Patents: RSA pays MIT a percentage of PKP's distributions to RSA, and Cylink/CKC pays Stanford a percentage of PKP's distributions to Cylink/CKC.4 (Bidzos Decl., 11 12, 13, Exs. B, C). The-amendment to the MIT Patent license governs the various parties' rights to sue for patent infringement of the MIT Patent. Under Section 8 of that amendment: (a) PKP may institute an infringement action and join RSA and MIT (costs borne by PKP); (b) PKP and MIT may jointly bring such an action and join RSA (costs shared (Continued to next message) Grant {Internet: karpik@sfu.ca} 201434369420143436942014343694201434369420143436942014343694718 From: Grant Karpik Area: Public Key Encryption To: All 10 Oct 94 01:59:08 Subject: RSA suit and counter 6/8 UpdReq ============================================ * Original to : All * Forwarded on : Oct 12 94 at 02:11 * Forwarded from: LEGAL_LAW * Forwarded by : Mike Riddle ============================================ -=> Note: Forwarded (from: DEBATE) by Grant Karpik using timEd. Originally from Grant Karpik (1:153/9125.1) to All. Original dated: Oct 10 '94, 01:49 (Continued from previous message) by PKP and MIT); (c) PKP and RSA may jointly bring such an action and join MIT (costs shared by PKP and RSA); (d) MIT may institute such an action with PKP's consent; and (e) RSA may institute such an action and join PKP and MIT (costs borne by RSA). (Bidzos Decl., Ex. B, pp. 13-14). Footnotes: [1] Under Rule 12(b)(7), an objection to a plaintiff's failure to join a party under Rule 19 may be made by motion before pleading. 3A Moore, Moore's Federal Practice, 119-05[2]. p. 19.78 (2d ed. 1993). [2] To explain the function of RSA's software, RSA's President, D. James Bidzos ("Bidzos"), describes unprotected computer communications as the electronic equivalent of typewritten postcards -- such communications can be read by anybody, and no one can be sure who wrote them. RSA sells the equivalent of signatures, so that the writer can be verified, and the equivalent of envelopes, so the messages cannot be read except by those to whom they are addressed. (Bidzos Decl., 1 2). [3] RSA and Cylink did not part with all of their rights to their respective patents. RSA and Cylink retained their right to continue to conduct business as they had done previously. RSA continued to market encryption software, and Cylink continued to market hardware incorporating data encryption technology. (Bidzos Decl., 1 11). [4] RSA, PKP, Cylink, CKC, MIT and Stanford are the principal parties with a vested interest in the validity of the MIT Patent because of the royalty revenue that such Patent generates for them. In addition, two other absent parties, David P. Newman, a Washington D.C. patent lawyer, and Prof. Martin E. Hellman, a Stanford professor, also receive royalties based on the MIT Patent and also have a vested interest in the validity of the MIT Patent. Because of uncertainty about the exact arrangement regarding their receipt of royalties, RSA is not seeking their joinder at this time. (Bidzos Decl., 1 14). III. ARGUMENT A. Rule 19 is Designed to Protect the Interests of Absent Parties Whose Riqhts May be Impaired If the Action were to Go Forward Without them. Federal Rule of Civil Procedure 19(a) authorizes joinder of "necessary" parties to the action. [5] Rule l9(a) states in pertinent part: (a) Persons to be Joined if Feasible. A person who is subject to service of process and whose joinder will not deprive the court of jurisdiction . . . shall be joined as a party in the action if (1) in the person's absence complete relief cannot be accorded among those already parties, or (2) the person claims an interest relating to the subject of the action and is so situated that the disposition of the action in the person's absence may (i) as a practical matter impair or impede the persons ability to protect that interest or (ii) leave any of the persons already parties subject to a substantial risk of incurring double, multiple, or otherwise inconsistent obligations . . . . Thus, Rule 19 is designed to protect the interests of absent parties, as well as those already before the court, from multiple litigation, inconsistent judicial determinations or the impairment of interests or rights. CP National Corp. v. Bonneville Power Admin., 928 F.2d 90S, 911 (9th Cir. 1991). A persons status as a necessary party is not judged by any precise formula, but depends on the context of the particular litigation. CP National, 928 F.2d at 912. However, "Under the Rules, the impulse is toward entertaining the broadest possible scope of action consistent with fairness to the parties; joinder of claims, parties and remedies is strongly encouraged." United Mine Workers of America v. Gibbs, 383 U.S. 715, 724 (1966). Necessary-parties have therefore been described as: [T]hose `[p]ersons having an interest in the controversy, and who ought to be made parties, in order that the court may act on that rule which requires it to decide on, and finally determine the entire controversy, and do complete justice, by adjusting all the rights involved in it.' CP National, 928 F.2d at 912 (quoting Shields v. Barrow, 58 U.S. 130, 139 (1855)). The context of this particular litigation requires joinder of PKP, CKC, MIT and Stanford as defendants. PKP and MIT are holders of substantial rights to the MIT Patent, including the right to bring infringement actions. CKC and Stanford receive significant revenues from the MIT Patent which would be lost if the patent were to be invalidated. Moreover, CKC and Stanford's relationship to Cylink is unique to them and cannot be adequately represented by RSA. B. MIT and PKP are Necessary Parties Because They Each Hold Substantial Riqhts to the MIT Patent. Including the Right to Bring an Infringement Action Against Cylink. MIT and PKP are necessary parties. MIT is the patent owner. MIT, PKP and RSA have substantial rights to the MIT Patent, including the significant right to bring infringement actions, subject to the other parties' right to (Continued to next message) Grant {Internet: karpik@sfu.ca} 201434369420143436942014343694201434369420143436942014343694718 From: Grant Karpik Area: Public Key Encryption To: All 10 Oct 94 01:59:14 Subject: RSA suit and counter 7/8 UpdReq ============================================ * Original to : All * Forwarded on : Oct 12 94 at 02:11 * Forwarded from: LEGAL_LAW * Forwarded by : Mike Riddle ============================================ -=> Note: Forwarded (from: DEBATE) by Grant Karpik using timEd. Originally from Grant Karpik (1:153/9125.1) to All. Original dated: Oct 10 '94, 01:51 (Continued from previous message) join and share the costs of suit. "Generally, the patent owner is an indispensable party to a declaratory judgment action." Classic Golf Co. v. Karsten Manufacturing Co., 231 U.S.P.Q. 884, 886 (N.D. Ill. 1986). The issue becomes more complex, however, when the patent owner transfers some kind of interest to a third party, who is then sued to invalidate the patent. Dentsply International Inc. v. Centrex. Inc., 553 F. Supp. 289, 293-4, 220 U.S.P.Q. 948 (D. Del. 1982). At one extreme, the interest that the patent owner transferred is deemed to be a license, and the patent owner is deemed to be a necessary party to the invalidation action. Id. At the other extreme, the interest transferred is deemed to be an assignment, and the patent holder is not considered to be a necessary party. Dentsply, 553 F. Supp. at 294; see generally Waterman v. MacKenzie, 138 U.S. 252, 255 (1891). The rationale of the latter situation is that the patent owner suffers no prejudice from a judgment of invalidity in its absence, if the patent owner has entrusted the assignee with the right to protect its interests by suing for infringement. Messerschmitt-BoelRow-Blohm GmbH. v. Hughes Aircraft Co., 483 P. Supp. 49, 52, 208 U.S.P.Q. 643 (S.D.N.Y. 1979). As the Dentsply court acknowledged, many cases, such as the present one, fall between the two extremes. DentsDly, 553 F. Supp. at 294. The Dentsdlv court added, however, that the court's task is simplified if the agreement between the parties allocates the right to sue and be sued on the patent. Id. The allocation of the right to sue for infringement under the parties' agreement is the "true test" that determines the identities of the necessary parties. Channel Master Corws. v. CFD Electronics CorD., 260 F. Supp. 568, 572, 152 U.S.P.Q. 687 (E.D.N.Y.-1967)(action dismissed for lack of an indispensable party because defendant licensee could not bring suit for infringement until after the absent patent owner had declined to do so); Caldwell Manufacturing Co. v. Unique Balance Co.. Inc., 18 F.R.D. 258, 263-4, 108 U.S.P.Q. 7 (S.D.N.Y. 1955); 6 Chisum, Patents, 21.03[4], pp. 21-300 - 21-301 (1993)("Thus, a person is a proper party defendant if but only if that person had standing to sue the plaintiff for infringement"). In this case, none of the parties had an independent, unconditional right to instigate litigation without offering the others the opportunity to join and share the expenses of litigation. PKP, RSA and MIT each retained the right to join and take part. Because of these mutual rights, each is a necessary party in this action to invalidate the MIT Patent. [6] C. CKC and Stanford are Necessary Parties Because Each has an Interest that Would be Impaired if the MIT Patent were Held Invalid. and Their Relationship; to Cylink is Such that RSA Could Not Adequately represent Their Interests. CKC and Stanford are also necessary parties. [7] CKC and Stanford admittedly lack standing to bring a patent infringement action against Cylink. Nevertheless, both have important interests that would be impaired by this action, and RSA could not adequately represent those interests. In addition, as a practical matter, the inter-relationship of the various parties in this case counsels in favor of CKC's and Stanford's joinder. The issue of whether a person is a necessary party under Rule l9(a) depends first, on whether such person has an interest that is impaired by the suit and second, on whether such impairment may be minimized if the absent party is adequately represented in the suit. Shermoen v. United States, 982 F.2d 1312, 1318 (9th Cir. 1992). In determining whether a persons interest is impaired, it is not necessary that the judgment be binding on that person in a technical sense; it is enough that as a practical matter that person's rights will be affected. 3A Moore, Moore's Federal Practice, 1 19.07[2.-- 1], p. 19.103. CKC and Stanford's rights would be impaired if this action were to go forward in their absence. Both CKC and Stanford are the beneficiaries Cylink's entry into the Agreement of Intent and transfer of the Stanford Patents to PKP. (Bidzos Decl., Ex. A). Both CKC and Stanford derive significant royalty income from PKP's rights to the MIT Patent. Both CKC and Stanford would lose those royalties if Cylink prevails and invalidates the MIT Patent. RSA cannot adequately represent the interests of CKC and Stanford. CKC and Stanford's relationship to Cylink is unique. Implicit in Cylink's formation of PKP to exploit the MIT Patent were Cylink's representations to CKC and Stanford that the MIT Patent was-valid and that Cylink would protect, not defeat, its validity. Stanford in particular relied to its detriment on Cylink's formation of PKP by waiving its independent right to royalties directly from MIT. (Bidzos Decl., 11 7, 13). Thus, Stanford and CKC may have their own unique estoppel defense to the present action.[8] Finally, as a practical matter, the inter-relationships among the parties make this more than a simple patent case. If this case is to be resolved in a reasonable length of time, then all the parties and all the issues should be before this Court. Because of this, RSA urges the Court to err in favor of joinder with respect to CKC and Stanford. Footnotes: [5] Rule 19 distinguishes between necessary" parties under subdivision (a) and "indispensable" parties under subdivision (b). The court must first determine whether an absent person is a "person to be joined if feasible" pursuant to subdivision (a). If joinder is feasible, a ruling as to the person's indispensability under subdivision (b) is not required, since subdivision (b) comes into play only where joinder is not feasible. 3A (Continued to next message) Grant {Internet: karpik@sfu.ca} 201434369420143436942014343694201434369420143436942014343694718 From: Grant Karpik Area: Public Key Encryption To: All 10 Oct 94 01:59:20 Subject: RSA suit and counter 8/8 UpdReq ============================================ * Original to : All * Forwarded on : Oct 12 94 at 02:12 * Forwarded from: LEGAL_LAW * Forwarded by : Mike Riddle ============================================ -=> Note: Forwarded (from: DEBATE) by Grant Karpik using timEd. Originally from Grant Karpik (1:153/9125.1) to All. Original dated: Oct 10 '94, 01:53 (Continued from previous message) Moore, Moore's Federal Practice, 119.07-1, p. 19.90-1 (2d ed. 1993). RSA is not aware of any reason why joinder of CKC, PKP, MIT and Stanford would not be feasible. It is therefore unnecessary to analyze whether any of those parties are indispensable under Rule l9(b). [6] This express allocation of the right to sue for infringement distinguishes this case from cases such as Micro-Acoustics Corp. v. Bose CorD., 493 F. Supp. 356, 207 U.S.P.Q. 378 (S.D.N.Y. 1980), in which the patent owner retained no right, conditional or otherwise, to institute an action for infringement. [7] RSA intends through its answer and counter-claim to assert that CKC and Cylink are alter-egos of each other. RSA is not, by this motion, asserting that Cylink is under any obligation to sue itself. This motion only requires Cylink to be consistent. If Cylink believes that CKC is an independent party, then Cylink should join CKC as a party defendant. If Cylink concedes that CKC is not an independent party, then RSA is willing to accept such concession and drop its request that CKC be joined. [8] The use of estoppel as a defense to an action to invalidate a patent is complex and involves a balancing between private contractual rights and the public interest in freeing the use of ideas from the monopoly of invalid patents. Lear. Inc. v. Adkins, 395 U.S. 653 (1969)(invalidating "licensee estoppel"); Diamond Scientific Co. v. Amico, Inc., 848 F.2d 1220 (Fed. Cir. 1988)(upholding "assignor estoppel"). Stanford and CKC's potential estoppel defense does not fall neatly within the doctrines examined in either Lear or Diamond Scientific. The legitimacy of that defense cannot be properly raised and considered unless Stanford and CKC are made party defendants. IV. CONCLUSION Joinder of parties is strongly encouraged. Joinder of the absent parties in this case i9 feasible. MIT and PKP should be joined because of their substantial rights in the MIT Patent. CKC and Stanford should be joined because of the potential impairment of their rights and the inability of RSA to protect those rights adequately. For these reasons and those set forth above, RSA respectfully urges the Court to grant this motion. Dated: July 25, 1994 TOMLINSON, ZISKO, MOROSOLI & MASER Attorneys for Defendant RSA Data Security, Inc. PROOF OF SERVICE CYLINK CORPORATION V. RSA DATA SECURITY, INC. UNITED STATES DISTRICT COURT, NORTHERN DISTRICT OF CALIFORNIA CASE NO: C 94 02332 CW STATE OF CALIFORNIA, COUNTY OF SANTA CLARA I am employed in the County of Santa Clara, State of California. I am over the age of 18 and not a party to the within action. My business address is 200 Page Mill Road, Second Floor, Palo Alto, California 94306. On July 25, 1994, I served the following documents: MEMORANDUM OF POINTS AND AUTHORITIES IN SUPPORT OF MOTION TO DISMISS UNDER Rule 12(b)(7) to the following: Liza X. Toth, Esq. Jon Micha-lson, Esq. Hopkins & Carley 150 klmaden Boulevard, 15th Fl. San Jose, California 95113-2089 [X] BY MAIL [ ] I deposited such envelope in the mail at Palo Alto, California. The envelope was mailed with postage thereon fully prepaid. [X] As follows: I am readily familiar with the firm's practice of collection and processing correspondence for mailing. Under that practice it would be deposited with the U.S. postal service on that same day with postage thereon fully prepaid at Palo Alto, California in the ordinary course of business. I am aware that on motion of the party served, service is presumed invalid if postal cancellation date or postage meter date is more than one day after date of deposit for mailing in affidavit. Executed on July 25, 1994, at Palo Alto, California. [X] STATE: I declare under penalty of perjury under the laws of the State of California that the above is true and correct. [ ] FEDERAL: I declare that I am employed in the office of a member of the bar of this Court at whose direction the service was made. Sharon L. Sotelo .. End ............................... ........ End Forwarded Message ........ ................... End cross-post. Grant {Internet: karpik@sfu.ca} 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Shawn McMahon 14 Oct 94 08:29:00 Subject: Re: PGP Signatures UpdReq Shawn McMahon wrote in a message to jason carr: SM> Yes, but if you hide those hyphens behind control-As, mail SM> tossers are free to add and delete things from between those SM> hyphens. SM> It was a good idea, but unworkable in practice at the SM> present time. Yeah, I think you're right... jason ... Fer sell cheep: IBM Spel chekker. Wurks grate. 201434369420143436942014343694201434369420143436942014343694718 From: Tony Belding Area: Public Key Encryption To: All 11 Oct 94 21:37:10 Subject: PGP & headers UpdReq Here's a question... Suppose I am using PGP to encrypt LHA or ZIP compressed files. Those files have a predictable header. Does this make the encryption less secure? If so, to what degree? 201434369420143436942014343694201434369420143436942014343694718 From: Ross Lonstein Area: Public Key Encryption To: Shawn McMahon 14 Oct 94 09:09:46 Subject: Re: RC4 Revealed! UpdReq >> This is probably another example of a mis-informed writer >>delivering verbatim what his sources told him. Cryptographic >>formulae are published in journals so that they can be >>examined by the experts for defects. >>RC4 wasn't, however. >>And it's author, Ron Rivest, is quite aware of the implications of >that; remember, he's the "R" in RSA. >I suspect that his reason for not publishing it was marketting, but >others suspect whatever they choose to suspect. I, being one of the others, suspect nothing. Were I a user of RC4, I would have general concerns over the security of the algorithm, marketing strategy or not. I stand corrected about its publication but adhere to my belief that most writers for mainstream journals/newspapers are tragically underinformed about the topics they report and cannot sift the grain from the chaff- any recent copy of Newsweek or Time will lend proof. RLONSTEIN PGP key upon request or via Key servers ... "Ok, now for a quick backuL+b&2PO^1+=. --- * TLX v4.00 * 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Alan Pugh 14 Oct 94 20:46:58 Subject: Clear-Signed "Hole" UpdReq Alan Pugh wrote in a message to jason carr: AP> again, i'd probably head in that direction in school. i used AP> to have a really good report on crypto on my computer AP> somewhere. can't seem to find it now though. it went into AP> pretty good detail on some of the algorthms and different AP> crypto methods, weaknesses to attack, and other similar AP> stuff. (stuff is a technical term here) AP> if i find it again, i'll post it somewhere for the masses. That would be cool. If it's too big to post, I'll FREQ it and make it available to others down here in Dallas. jason ... When God made woman, he used the rib that holds our stomachs in. 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Jerome Greene 14 Oct 94 20:48:22 Subject: Re: New To Pgp UpdReq -----BEGIN PGP SIGNED MESSAGE----- Jerome Greene wrote in a message to jason carr: jc> Here's how I do it. It's a little sloppy now, but it works and may jc> give you some ideas. jc> :: CALLQ.BAT, a way to make timEd call PGP for encryption, JG> Looks like you've cleaned this up quite a bit from what I JG> first saw. Jerry Yeah, a little clearer, I hope. It's certainly not the ultimate solution, but hopefully it's helpful. jason ... Insanity is fun if you do it right. -----BEGIN PGP SIGNATURE----- Version: 2.61 Comment: PGP_ECHO: Encryption, sigs, and fun in D-FtW... iQCVAwUBLp9RbEjhGzlN9lCZAQGlVQP9G9fAmmOMKQromLahlYeZH2/MUXIroeSw RtHpnQLyRS9pv923GzjFkMZ75vh8NyrB4mUadPDJlkNjhxBaP5EwoMeuQE443U1v D8HGJEpfczBoFdRizEsDadykY7OGgmfO/YWoCuIPdP8/YhshlmMEbPn6gdQT1tt6 okl2Q3796C0= =7J8F -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Jim Grubs, W8GRT Area: Public Key Encryption To: All 14 Oct 94 09:56:00 Subject: Phil's travels UpdReq Come out and support Phil if he's in your area. > Path: voxbox!news > From: Philip Zimmermann > Newsgroups: alt.security.pgp > Subject: PRZ tour schedule > Message-ID: > Date: Fri, 14 Oct 1994 00:55:29 -0700 (MDT) > Sender: news@voxbox.norden1.com > Reply-To: Philip Zimmermann > From: Philip Zimmermann > tel +1 303 541-0140 > Sometimes when I get back from my travels, someone > finds out that I was > traveling in their area, and they say I should have > posted my travel > schedule so that more people in that area could meet > with me or come > and see me speak. > For those of you who might want to meet with me > regarding PGP or other > matters, here is a summary of a fairly complicated > tour I'm starting on > later this month. > Wed 26 Oct - Arriving in Los Angeles from Denver. > Thu 27 Oct, 4pm - Debate with NSA General Counsel > Ronald Lee, at the Thousand > Oaks Civic Arts Auditorium, at the "Passport to > Tomorrow" conference, > presented by the World Affairs Council of Ventura > County. > Contact: Bill Barbee at 805 652-2052. > Sat 29 Oct, 8:45am - Arrive in London, England, > Gatwick. > London itiniery details TBD, but as the plans > settle down, > Paul Leyland might know > something. > Tue 1 Nov, 4:15pm - Talk at Cambridge University, > details TBD. > Contact: Ross Anderson, email > ross.anderson@cl.cam.ac.uk. > Wed 2 Nov - Arrive in Bucharest, Romania. > Thu 3 Nov - Speak at ROSE94 conference in Bucharest. > Contact: Alexandru Rotaru, email arot@guru.ro. > Sun 6 Nov - Arrive in Budapest, Hungary. > Mon 7 Nov - Speak at Hungarian Unix Users Group > conference in Budapest. > Contact: Zoltan Porkolab, email > gsd@augusta.elte.hu. > Wed 9 Nov, pm - Arrive in Washington DC, Dulles. > Thu 10 Nov, 9am - All-day cryptography seminar at the > ACM conference > at the University of Maryland. > Contact: Skip Williamson, email > williamson.robert@forum.va.gov. > Fri 11 Nov, 10am-12 - Speak at Software Psychology > Society conference, > at GWU's Marvin Center, Washington. Other > speaker is Dorothy Denning. > Sat 12 Nov, 10am - Tour NSA Crypto Museum, Fort Meade, > MD. > Sat 12 Nov - Arrive in Boston. > Mon 14 Nov - Speak at Hal Abelson's class at MIT. > Mon 14 Nov, pm - Arrive in Washington DC again. > Tue 15 Nov, 8am-9:15 - Speak at Computer Security > Institute conference. > Topic: Cryptography and Social Responsibility. > Tue 15 Nov, pm - Arrive in Denver. > Wed 16 Nov, 9:45am-11:30 - Denver, Regency Hotel (303 > 458-0808), > Colorado Information Managers Association (CIMA) > conference. > Talk on authentication and privacy of government > records. > Contact: John Komdat, at 303 866-2102. > Thu 17 Nov - CableLabs, Louisville, CO. Talk on > public policy issues > regarding privacy and civil liberties on the > National Information > Infrastructure. > Thu 17 Nov, pm - Boulder, CO. Sleep. Sincerely, Jim Grubs, W8GRT 201434369420143436942014343694201434369420143436942014343694718 From: Jim Grubs, W8GRT Area: Public Key Encryption To: David McIntyre 14 Oct 94 16:26:00 Subject: Which PGP version is best? UpdReq > I know this is a loaded question, but which is the > best version of PGP > to use? Why not use the one Phil Zimmerman wrote and uses, the M.I.T. version? Sincerely, Jim Grubs, W8GRT 201434369420143436942014343694201434369420143436942014343694718 From: Jim Grubs, W8GRT Area: Public Key Encryption To: gk pace 14 Oct 94 16:31:00 Subject: Clear-Signed "Hole" UpdReq > -----BEGIN PGP SIGNED MESSAGE----- > In a message dated: 08 Oct 94, you were quoted as > saying: > JGW> The MIT version is written by Phil Zimmerman. What the hell more do you > > JGW> want? > No more than those issued by the Rebel. Are you saying you think Phil has nothing to do with the MIT version of PGP? Sincerely, Jim Grubs, W8GRT 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: David McIntyre 15 Oct 94 12:39:26 Subject: Which PGP version is best? UpdReq Despite the stern warnings of the tribal elders, David McIntyre said this to All: DM> I know this is a loaded question, but which is the best version DM> of PGP to use? Rebellious Guerilla's OS/2 compile of 2.61, with bugfixes. Or, MIT's MSDOS compile of 2.6.1, without bugfixes. DM> I know that 2.3a is the last version with true RSA, but is DM> the new encryption algorithm any less secure than RSA? That is false. MIT's versions use the exact same encryption algorithms as 2.3a; RSA and IDEA. MIT simply uses the RSAREF library for it's RSA implementation, while 2.3a and below use a custom implementation written by Phil Zimmerman. DM> Also, which version will allow the most people to decrypt my DM> messages? 2.3a and/or the European 2.6UI hack. For now. However, be advised that you're talking very few extra people. Most are either capable of making the minor modification to 2.3a to allow it to read 2.6 messages, or have downloaded a version that will. Also understand that ALL the versions of PGP that can produce messages readable by 2.3a at present, with the exception of ViaCrypt's commercial 2.4 version, are patent violations. DM> Last question is, what is the best format to use as my DM> ID/address if I don't have an internet address? You have several options. For one thing, you should probably make your primary UserID simply your full name, with or without middle initial or name. This is because your address may change, and you don't want to have to get a whole new raft of signatures every time it does. Then, you can try one of the following ideas: David McIntyre David McIntyre <@f441.n3625.z1.fidonet.org> Fidonet is, in a sense, part of the Internet. You can be sent Internet email as: David.McIntyre@f441.n3625.z1.fidonet.org Thus, either of the above gives people the information they need to contact you via either Fidonet or Internet. The advantage of the first example is that Fidonet people who don't know about Internet can more easily read the address; the advantage of the second is that Internet people who don't know about Fidonet can more easily read it. A third alternative would be to simply put the Fidonet ID, then put your full Internet address as the next one. Thus, you'd use the following IDs: David X. McIntyre [whatever your middle initial is] David McIntyre David.McIntyre@f441.n3625.z1.fidonet.org If you sign all your extra IDs yourself, you only need to have others sign your first ID. As for your alias, there are two options. If you routinely let others know that you use that alias, and aren't relying upon it for any enhanced secrecy, then simply add it to the list of IDs. If you rely upon it for secrecy, create a new key just for it. 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: Low Kok Kiong 15 Oct 94 12:38:52 Subject: pgp - HELP!!! UpdReq Despite the stern warnings of the tribal elders, Low Kok Kiong said this to All: LKK> few times. I think it stands for "Pretty Good Privacy", LKK> but apart from that, i know next to nothing. Primarily designed for encrypting and digital-signing electronic mail, also has some features to make it work well for storing encrypted files. Uses RSA for key management, IDEA for encryption, MD5 for message-digests, a modified RADIX-64 for converting 8-bit data to 7-bit (similar to UUENCODE) and a ZIP-type algorithm for compression prior to encryption. LKK> any1 out there please enlighten how to use it, which LKK> file/program to download ...etc, possibly also what LKK> literature to read to understand more? thanks alot. The documentation will tell you much, and has references to other cryptographic works if you really want to fill your brain with it. As to what you should download, it depends upon what operating system you use, and in what countries you'll be using the program. Assuming MS-DOS in the United States and Canada, you should download PGP261.ZIP most places. Filename might be slightly different, that's the one on Fidonet 1:374/14. Also available at that address is PGP261A.ZIP, which has some bugfixes. However, it may not be legal to distribute it and you'll have to decide for yourself whether you trust other people modifying your copy of PGP. For other operating systems, you'll have to hunt. Same address has various OS/2, Mac, and Amiga versions. FREQ "PGPFILES" from that address for a complete list of what he has. If you need an Internet FTP site, lemme know and I'll dig one up. 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: Ross Lonstein 16 Oct 94 00:58:50 Subject: Re: RC4 Revealed! UpdReq Despite the stern warnings of the tribal elders, Ross Lonstein said this to Shawn McMahon: RL> I, being one of the others, suspect nothing. Were I a user of RL> RC4, I would have general concerns over the security of the RL> algorithm, marketing strategy or not. I don't think that you and I are in disagreement, Ross. I was only saying what I believed might be Rivest's reason, not what I think was a *GOOD* reason. He may have felt that underinformed potential clients might feel, incorrectly, that a "secret" algorithm was more secure. For better-informed clients, he could always use another algorithm, with proven security. And remember, RC4 probably *IS* secure. I don't trust it, and neither do lots of professionals in the field (which I decidedly am NOT) but even some of those who don't trust it (like Bruce Schneier, for instance) acknowledge that Rivest is among the top minds in the field. RL> I stand corrected about its publication but adhere to my RL> belief that most writers for mainstream journals/newspapers RL> are tragically underinformed about the topics they report RL> and cannot sift the grain from the chaff- any recent copy of RL> Newsweek or Time will lend RL> proof. My five-plus years' experience working in newspaper and radio leave me in perfect agreement, Ross. Then again, now that I'm back in the computer field, I'm finding that many people making money off of the unsuspecting public in this field are ALSO less than fully competent. Ghu love 'em; I'm making a bundle cleaning up their messes. :-) 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: Jim Grubs, W8GRT 16 Oct 94 00:58:32 Subject: Clear-Signed "Hole" UpdReq Despite the stern warnings of the tribal elders, Jim Grubs, W8GRT said this to gk pace: >> No more than those issued by the Rebel. JGW> Are you saying you think Phil has nothing to do with the MIT JGW> version of PGP? Are you saying you think RG wrote his version from scratch? MIT's version is other people's modifications to Phil's code. RG's version is one-or-more other people's modifications to Phil's code. GK's point is a good one. True, trusting RG's compiles requires trusting one more person than trusting MIT's, but if you've ever messed with GenMsg then you've trusted GK, and it's his word you're taking that RG is trustworthy. If you've even MESSED with GenMsg, you've trusted that GK wouldn't misuse knowledge of your passphrase, and potential access to your secret key. If GK is lying about RG's trustworthiness, then you've already given him access to your passphrase so you're screwed. 201434369420143436942014343694201434369420143436942014343694718 From: Scott Miller Area: Public Key Encryption To: Tony Belding 15 Oct 94 19:38:00 Subject: PGP & headers UpdReq TB>Suppose I am using PGP to encrypt LHA or ZIP compressed TB>files. Those files have a predictable header. Does this TB>make the encryption less secure? If so, to what degree? I wouldn't think it should make any difference. But then I am not a cryptography expert. Though I do believe that in RSA it should not make as much difference as a conventional substitution cipher. ------------------------------------ Scott PGP v2.6 key available! FREQ PGPKEY ------------------------------------ KeyID: 4CA7DD5D 201434369420143436942014343694201434369420143436942014343694718 From: Scott Mills Area: Public Key Encryption To: Ryan Adams 14 Oct 94 22:14:58 Subject: PGP & Golded UpdReq -----BEGIN PGP SIGNED MESSAGE----- Tuesday October 11 1994, Ryan Adams writes to All: RA> I am having some problems using GoldEd 2.42 for OS/2 and PGP 2.6 UI for RA> OS/2. Quite simply, they don't seem to work together using the files and RA> instructions that are included in Golded. I think there might be some RA> incombatible commands, but I am not sure. In your GOLDED.CFG file there should be a section that looks like this EXTERNUTIL 1 c:\pgp\pgp2.exe +force -sa @file "@dname" "@oname" -u "@oname" -o @file EXTERNUTIL 2 c:\pgp\pgp2.exe +force -ea @file "@dname" "@oname" -o @file EXTERNUTIL 3 c:\pgp\pgp2.exe +force @file -o @file EDITSAVEMENU Yes EDITSAVEUTIL 1 "S PGP Sign the msg" EDITSAVEUTIL 2 "E PGP Encrypt the msg" EDITSAVEUTIL 3 "D PGP Decrypt the msg" you want to add a fourth option. EXTERNUTIL 4 d:\mailer\golded\clearsig.cmd and EDITSAVEUTIL 4 "C PGP Clearsign the msg" then create a CLEARSIG.CMD file that contains the following pgp -sta +clearsig d:\mailer\golded\golded.msg -o sign.tmp copy sign.tmp golded.msg del sign.tmp That works for me. I think the problem with the standard setup is that OS/2 is so protective of files. It wont let you write an output with the same name of the input file as long as the input file is still open. RA> secure mail. I'll leave the paranoia to the security freaks who think the RA> CIA is watching them . Aren't they? Scott Today's subliminal message is .Thank You. Scott Mills 1024/26CD5D03 For my PGP key just send NetMail with Return Receipt Request flag on. sm@f119.n265.z1.fidonet.org - --- -----BEGIN PGP SIGNATURE----- Version: 2.61 iQCVAwUBLp8/bCP6qSQmzV0DAQH1WwQAnee/AVYnPj7mZXK8l/ZYoaJgVzq4juQ/ ANy4o24vAbouccGaOXqR+Mum8OM5+rtlEdvYETgIg3MNaWrD19E5LifzpKaHRSWp A1PEEj9MinSQIz4ygZZmj5j4Hk7KQpu5sJCfKSDd4x8r9zOxO6lazMLyWKJbwsPL YN1Mmq3ee4s= =mk4t -----END PGP SIGNATURE----- --- 201434369420143436942014343694201434369420143436942014343694718 From: Scott Mills Area: Public Key Encryption To: Alan Pugh 14 Oct 94 22:38:40 Subject: Clear-Signed "Hole" UpdReq Monday October 10 1994, Alan Pugh writes to gk pace: AP> i've played with this to see how much of a bug it is, and i think it AP> is a pretty serious bug to those not _thouroughly_ conversant with AP> the workings of pgp. many wouldn't think to check the output with a AP> messages if it checks out as o.k. i know that i didn't initially AP> until i performed some rather extensive tests. My usual method was just to run the who packet through PGP and direct the output to a text file. Then I'd just scan for errors. Apparently that hasn't been accomplishing much. Scott The Bill Clinton Watch: Only $14.95 + Tax + Tax + Tax + Tax + Tax... Scott Mills 1024/26CD5D03 For my PGP key just send NetMail with Return Receipt Request flag on. sm@f119.n265.z1.fidonet.org --- 201434369420143436942014343694201434369420143436942014343694718 From: Brian Ehrler Area: Public Key Encryption To: All 15 Oct 94 21:03:00 Subject: PGP and Blue Wave UpdReq Does anyone know where I can FREQ a copy of the program that interfaces PGP with Blue Wave Offline mail reader? Thanks Brian ... "Milhouse, we live in the age of cooties!" - Bart Simpson 201434369420143436942014343694201434369420143436942014343694718 From: John Schofield Area: Public Key Encryption To: All 10 Oct 94 23:43:24 Subject: Nodelist problems UpdReq -----BEGIN PGP SIGNED MESSAGE----- I just wanted to let everyone know--if you're having trouble sending netmail to me, or anyone else in net 102, there's a simple reason. Someone dropped *ALL* of net 102 from the nodelist, as well as two other nets, I understand. Yikes! Hopefully this will get cleared up by the time nodelist.287 gets distributed. nodelist.280 was the guilty one. We're running on nodelist.273 here until it gets cleared up. If this message is bit choppy, it's because I've been working hard, it's late, and I'm tired. Hope it makes sense. {grin} JMS -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLpoz52j9fvT+ukJdAQF4kgQAxr4fhcOmLJNMZmImT1nElBH0xme8QfCX 0yyuyLn31WLrF2JfKwzFMcgKKydXrXkS/+u+7eVKS3UBCXaiKOkXGIjKfw9Vpn/A hqutef3jCycNDyzjX345+io7N5FV/qSPW+D91nC//ndebl9W09Bj8GLGQwQY6eWH yNV/PHQJCRY= =Z2qm -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... "It's not frozen up, it's just resting." -- John Schofield 201434369420143436942014343694201434369420143436942014343694718 From: Bill Brown Area: Public Key Encryption To: Wes Landaker 15 Oct 94 04:45:04 Subject: REXX script UpdReq On (11 October 94) Wes Landaker wrote to Brad Stiles... WL> Of course, I run it a bit differently, as I have written a fairly WL> complex REXX command script that handles everything for me under OS/2, WL> If you're interested, I can send it to ya, or post it here. Please post it, as I'm sure I'm not the only one who might be interested. :) Thanks. Bill Brown 201434369420143436942014343694201434369420143436942014343694718 From: Brian McMurry Area: Public Key Encryption To: Ross Lonstein 14 Oct 94 00:37:06 Subject: Re: RC4 Revealed! UpdReq -----BEGIN PGP SIGNED MESSAGE----- On Wed 28-Sep-1994 9:53a, Ross Lonstein wrote: RL> scheme unless it was already insecure. Neither will it enable an RL> experienced programmer to write a cryptography routine since there are RL> relatively few who can understand the workings sufficiently well to code RL> it. It is very easy to add it to any program since it was posted in full 'C' form. Futher, it has been improved upon after close scrutiny by the group that it was released to. RL> >It is also the only software-based formula that the National Security RL> >Agency, the govenrment's electronic spy agency, will permit to be RL> >easily exported under and agreement the agency reached two years ago RL> >with the Software Publishers Association, an industry trade RL> >association. RL> And there is the proof that it is insecure, the NSA likes it. Not necessarily, the NSA only appoves of 40-bit or less implimentations of RC4. -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLp1iwd2dg1OWsljdAQHZ/wQA8L4U94ekryNyLJrcZLh1X282+f1nDTWS xgRYzM15VF3p+REm2ptS5jVbftuwvFIo6Nff1M0YuWDoOZT+fqGw7Vg91ImHH0sJ XANG6CgCsoXd+CtXRe/iMQU2bGVqtdJZGLw0u1qxzhEstYzWTureHLApSouAHTMK rvh5UBkdeAo= =A+Rx -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Brian McMurry Area: Public Key Encryption To: Jason Carr 14 Oct 94 00:47:10 Subject: Re: PGP Signatures UpdReq -----BEGIN PGP SIGNED MESSAGE----- On Sat 8-Oct-1994 11:19a, Jason Carr wrote: JC> Jeez Louise, how many recipients were encoded in there? I regularly JC> encrypt to 6-7 people and my msgs are not noticeably longer. All of the Fido people on my keyring -- I'd guess about 50. (Yes, I had to write a script to do it for me.) -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCUAwUBLp1mOt2dg1OWsljdAQEvEwP3V5ORRveOwuXLHEqNskk0ke04eTvxUe3E E3niSxn5jIFzYWHncjM98zv2pUi/eesv3YLKIhFuWFikOmy5zrfrQ47apE0F+0vY e9mYJAVkEBLkXZPcfbSsCPlOamyyu+/IV8jl3ckhJXf7GGRrk3kLLZ6GGjJEiM68 1H9Rin3MIA== =Vqot -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Charles Chapman Area: Public Key Encryption To: All 12 Oct 94 01:11:00 Subject: Article in Dr. Dobb's Journal UpdReq -----BEGIN PGP SIGNED MESSAGE----- Anything above this line is not part of the message. There is an article entitled "Truly Random Numbers," on page 113 of the 11/94 ed. of Dr. Dobb's Journal. The article is by Colin Plumb, one of the designers and programmers of PGP. The article also lists C source code on page 137. -----BEGIN PGP SIGNATURE----- Version: 2.6.1 Comment: Private e-mail address: charlesc@netcom.com. iQCVAwUBLpubCtRsZFzPbtphAQFEHwP/ZRa8PpCIJNn6jzvQzb2xQO9MJES/Z2X6 5f2mdnGvFc5fZ4tR9ZyRsvAo7Cw0JLHrDR0IZe8IGWwCOyjK6X6TAS37jsx+v4cb W8NsuKfXISLIKLplOm/s0fEktbfQxMMLndAlaS1LdQH+rMKafhx7YIDynupA3NyJ D+M5aqUN/ss= =ViL5 -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: John Schofield Area: Public Key Encryption To: Ross Lonstein 13 Oct 94 08:42:10 Subject: There goes more freedom! UpdReq -----BEGIN PGP SIGNED MESSAGE----- --==I hope nobody is taking this post seriously. It is obviously a joke >(but a good one!) > >> It came from UPI (or at least appears to have) and you think it's a >> JOKE?! >> Come on... > >> When you're denied access to Internet or limited to 5 MHz or 2400 bps, >> THEN tell me it is a joke. RL> Yes. It is a joke, adapted from the licensing structure for ham radio RL> operators. Lighten up, folks! The following is stolen without permission from Dave Barry, a nationally syndicated humor columnist. It is a test to tell whether you are humor-impaired. Please take it. Dave Barry suggests subtitles (THIS IS NOT A JOKE, HE REALLY DOES) in text to let humor-impaired people know when things are supposed to be funny and when they aren't. (Note: In this quote, text between *'s was in italics in the original column) **************BEGIN QUOTE************** Today we're going to attempt a ground-breaking medical experiment in an effort to help those unfortunate readers who suffer from a tragic condition called Humor Impairment. Don't laugh! Humor Impairment aflicts Americans from all walks of life. Look at Richard Nixon. Here's a man whose sense of humor was so badly stunted that he was forced, at White House social functions, to wear special undershorts equipped with radio-controlled electrodes so that his aides could signal him, via electric shocks, when he was supposed to laugh. Sometimes, if the guests were unusually witty, the chief executive wound up twitching like a fresh-caught mackerel as dangerous voltage levels were reached in his boxers. So it is possible for a Humor Impaired person, through courage and determination, to overcome his handicap, and maybe even someday, like Mr. Nixon, attain the ultimate political achievement of not getting indicted. But before we can treat Humor Impairment, we have to be able to recognize it. It can affect anyone. YOU could have it. To find out whether you do, ask yourself this: *What was your reaction to the first paragraph of this column?* Did you think: "Ha ha! That Nixon sure is a geek, all right!" Or did you think: "This is offensive, cheap, crude, and vicious humor, aiming fun at a former president of the United States, a major public figure, an internationally recognized elder statesman, just because he is a geek." If you had either of those reactions, you are not Humor Impaired, because you at least grasped that the paragraph was *supposed* to be funny. The Humor Impaired people, on the other hand, missed that point entirely. They are already writing letters to the editor saying: "They wouldn't use electric shocks! They would use hand signals!" Or: "Where can I buy a pair of undershorts like that?" Trust me! I know these people! I hear from them all the time! **********END QUOTE*********** If you fail the test, PLEASE ask a friend with a sense of humor to interpret questionable material you see on the net, before you make a fool of yourself taking it WAY too seriously. (THIS IS A JOKE. HE IS NOT ACTUALLY SUGGESTING THAT PEOPLE INTERPRET HUMOR FOR YOU. JUST LIGHTEN UP.) JMS -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLp1VAGj9fvT+ukJdAQGfuAP/ZpEXqdDEOjiuVnECZykK+UVmwmPvE+wR 3oNPf3pIkkxJaAtusISTRVRxNp7VJwjoivhXJjE8uuCxasEfMH/U4e4w2KVzYSYN pVdYOdkesEQIGZ5n+kx6n8JB9YgTwK1P9ubNSNtbFMe9Dnf2TkAWuP69aC4av36v SS5tluJHFXc= =nEzq -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... I thought about being born again, but my mother said no. 201434369420143436942014343694201434369420143436942014343694718 From: Ryan Watson Area: Public Key Encryption To: ALL 14 Oct 94 23:14:48 Subject: Howdy All Here's my Spot!!! UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello folks, just testing out my Arexx scripts with my new Spot. R. Matthew Watson (BVFD Unit #1821) -----BEGIN PGP SIGNATURE----- Version: 2.6 Comment: PGP & Amiga, a forever winning combination! iQBVAwUBLp9lQwmcRtNX1uOhAQG/jwH/YuChsdjnH3K7tU9PRujuTBcb61URmLkj LQWRSqfuzK3lh/rZrHSe/WICp+BHxgosIxPkC4t76aZV+TQwex49bQ== =oK5w -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Tim Devore Area: Public Key Encryption To: Ryan Watson 15 Oct 94 05:43:28 Subject: Howdy All Here's my Spot!!! UpdReq -----BEGIN PGP SIGNED MESSAGE----- In a message of 14 Oct 94 Ryan Watson wrote to ALL: RW> Hello folks, just testing out my Arexx scripts with my new Spot. RW> R. Matthew Watson (BVFD Unit #1821) I'm testing you back but you need to get my new key and delete the one that you have now. Tim Devore -----BEGIN PGP SIGNATURE----- Version: 2.6 Comment: Don't know the contents? Don't claim responsibility for it! iQCVAwUBLp/qjWH5di5VidgVAQEDVQQAlzsnvxHU+tZ8u6H3B3CH2zotAIpp96gU JPkPX71JlFJGZDZZx8a9Jg8IRzs16WmAmoA+DY6xtvHzRD5qEVGkpnYU6+li28Kh vEtLjhvSx83fXHNQhqism4UNKJzDELCxDaruS7r8czH5SKn0X2+O5X0xiSJZ1OeZ fJH599K0BZE= =vtBF -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Ryan Watson Area: Public Key Encryption To: Tim Devore 15 Oct 94 14:03:24 Subject: Re: Howdy All Here's my Spot!!! UpdReq In a message of 15 Oct 94 Tim Devore wrote to me: TD> In a message of 14 Oct 94 Ryan Watson wrote to ALL: RW>> Hello folks, just testing out my Arexx scripts with my new Spot. RW>> R. Matthew Watson (BVFD Unit #1821) TD> I'm testing you back but you need to get my new key and delete the one TD> that you have now. Well, it works. I just checked your signature and it's good, and Spot also removed the signature from the message. Nifty ay? Well this is as good a time as any to release my key to the public. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 Comment: PGP & Amiga, a forever winning combination! mQBNAi5Jb0EAAAECAJVqiDfZs+sbpQl1Nw9NzkYQW1nUfBoZAlxHfh1Wm0C5wqDm mjD8/q6ZkjkDIKrqd/1/i4ltBsd1CZxG01fW46EABRG0C1J5YW4gV2F0c29uiQBV AwUQLqAuzAmcRtNX1uOhAQEiEgH/UUqVq5ZC9SUnahG5LsJc2zuiSAlmemYrvqf+ FIDHqhmOBloalBtzQ/mq7aluld+a1HRbXynqGJAculKRRjNVerQjUi4gTWF0dGhl dyBXYXRzb24gKEJWRkQgVW5pdCAjMTgyMSmJAJUDBRAue9mDNEKKWH+SSC0BAbpB A/9bbj0CZewi4lIIMFKfYr2ChmVXgKM3bMN0SNlRbY0/IBvpRB8Qs76Pi5df71NR SWcOUvTy7Kge3mq0CqgtQLFmIyw3jYAYp7V3izgBXyQ187BhNCyt95e2dhRiUbas z70KKJ9tI4i2kC9r3NTBG1d8UMUsNHnRPoNCh6n5veD1YokAVQMFEC572SgJnEbT V9bjoQEBrmECAIL4G3zAOIJVESaaX6Qq1zcqp0kFlzSlKtmltYVFQWUYhHXwutmj EB+7mEV6oBhnNyJ9f6LcEmJYKPocDYaFUsSJAJUCBRAuYBCmZAP8KE0Lhu0BAUEs A/kBxd1n7bM2PoHIvKjP/Gjhj/Yo8qScYEwMQvJYBaMMWrTlPkuDLb85pot2u2FK Mr+8F94jhJ3TmFbEJnOqOEgvADnwRqPRp8lrUjZ0d0epeFK99Ox1WeKuEqXK2Rik OTuBFiNIOpHLEy4uSGsAX6rI6Cgk6sdo0v5n/XMUKk/5d4kAdQIFEC5gEDkptxGf 3XV+nQEBNcsC/0ys4qOlEsrdWivkQSFeKhEPyd6mzCxI1+Qve3dboCSCKS5rW/Zp 05AAZg3HEBVuMIWri/duPqRh1exvTwQp5nssOtoGKk0Keb8VV+oVOTJAJfWSa88x h2YIvzZ2DaQ88bQ8Ui4gTWF0dGhldyBXYXRzb24gPHJ5YW4ud2F0c29uQHAxLmYx ODAubjI0NDAuejEuZmlkb25ldC5vcmc+ =O7Tp -----END PGP PUBLIC KEY BLOCK----- R. Matthew Watson (BVFD Unit #1821) 201434369420143436942014343694201434369420143436942014343694718 From: Jim Grubs, W8GRT Area: Public Key Encryption To: Rob Szarka 15 Oct 94 16:31:00 Subject: News from PRZ UpdReq > I'm sure you meant well by posting this message, but > since it wasn't > signed surely none of use will lend it the full weight > of Mr. > Zimmerman's authority... :( Suit yourself. Oh, did I mention Phil's host doesn't carry alt. newsgroups and his two-way link to alt.security.pgp is via e-mail through my system? So, there's no doubt in MY mind it's "authoritative." By the way, Phil doesn't sign every little thing. He's one of those odd people who think that beyond a certain point concern for security turns into paranoia. Sincerely, Jim Grubs, W8GRT 201434369420143436942014343694201434369420143436942014343694718 From: Nancy Feldman Area: Public Key Encryption To: Brian Ehrler 16 Oct 94 22:00:00 Subject: PGP and Blue Wave UpdReq You can FREQ PGPBLU30.zip from me if you are at high speeds. I can be reached at 1:152/53 if you have the mos recent nodelist. Nancy 201434369420143436942014343694201434369420143436942014343694718