Tällä hetkellä haetaan:

• Microsoft julkisti Windows 7:n beetaversion kuluttajille
• Avoin lähdekoodi vyöryy Vietnamin ministeriöihin
• Facebook on Venäjää kansoitetumpi
• Väärennetyt iPhone Nanot ehtineet Eurooppaankin
• Wikipedia varmisti rahoituksensa kesäkuuhun 2009 asti
• Symbian S60 -puhelimissa tekstiviesteihin perustuva palvelunestohaavoittuvuus
• Windows 7 beta karkasi Internetiin etuajassa
• Nokia myy tietoturvalaiteliiketoimintansa Check Pointille
• Lähes 700 000 ruotsalaista käyttää vertaisverkkoja
• Nvidia mukaan netbook-bisnekseen
• Uutisarkisto

Rekisteröidy Sektoriin ja tilaa itsellesi joko aamuisin tai iltaisin ilmestyvä uutiskirje sähköpostiisi.

Torstai, 15.2.2001

Tatu Ylönen syyttää OpenSSH:ta tavaramerkkirikkomuksesta

SSH-protokollastaan tunnetun SSH Communications Security Oy:n toimitusjohtaja Tatu Ylönen on kirjoittanut OpenSSH:n kehittäjien postituslistalle pitkän viestin, jossa hän väittää OpenSSH:n rikkovan SSH Communications Securityn tavaramerkkioikeutta termeihin SSH ja Secure Shell. Ylönen vaatii OpenSSH-projektia muuttamaan nimensä. Kirjainlyhenne SSH on esiintynyt SSH Communications Securityn nimessä ja tuotteissa firman perustamisesta lähtien vuonna 1995. OpenSSH on täysin SSH Communications Securityn tuotteista erillinen ilmainen SSH-protokollaa hyödyntävä apuohjelmapaketti, jota kehitetään pääasiallisesti OpenBSD-projektin alaisuudessa. OpenSSH:n kehittäminen alkoi vuonna 1999.

Tatun viesti:

From: Tatu Ylonen
To: openssh-unix-dev@mindrot.org
Subject: SSH trademarks and the OpenSSH product name
Organization: SSH Communications Security, Finland
Sender: owner-openssh-unix-dev@mindrot.org

Friends,

Sorry to write this to a developer mailing list. I have already approached some OpenSSH/OpenBSD core members on this, including Markus Friedl, Theo de Raadt, and Niels Provos, but they have chosen not to bring the issue up on the mailing list. I am not aware of any other forum where I would reach the OpenSSH developers, so I will post this here.

As you know, I have been using the SSH trademark as the brand name of my SSH (Secure Shell) secure remote login product and related technology ever since I released the first version in July 1995. I have explicitly claimed them as trademarks at least from early 1996.

In December 1995, I started SSH Communications Security Corp to support and further develop the SSH (Secure Shell) secure remote login products and to develop other network security solutions (especially in the IPSEC and PKI areas). SSH Communications Security Corp is now publicly listed in the Helsinki Exchange, employs 180 people working in various areas of cryptographic network security, and our products are distributed directly and indirectly by hundreds of licensed distributors and OEMs worldwide using the SSH brand name. There are several million users of products that we have licensed under the SSH brand.

To protect the SSH trademark I (or SSH Communications Security Corp., to be more accurate) registered the SSH mark in the United States and European Union in 1996 (others pending). We also have a registration pending on the Secure Shell mark.

The SSH mark is a significant asset of SSH Communications Security and the company strives to protect its valuable rights in the SSH® name and mark. SSH Communications Security has made a substantial investment in time and money in its SSH mark, such that end users have come to recognize that the mark represents SSH Communications Security as the source of the high quality products offered under the mark. This resulting goodwill is of vital importance to SSH Communications Security Corp. We have also been distributing free versions of SSH Secure Shell under the SSH brand since 1995. The latest version, ssh-2.4.0, is free for any use on the Linux, FreeBSD, NetBSD, and OpenBSD operating systems, as well as for universities and charity organizations, and for personal hobby/recreational use by individuals.

We have been including trademark markings in SSH distributions, on the www.ssh.fi, www.ssh.com, and www.ssh.org web sites, IETF standards documents, license/readme files and product packaging long before the OpenSSH group was formed. Accordingly, we would like you to understand the importance of the SSH mark to us, and, by necessity, our need to protect the trademark against the unauthorized use by others.

Many of you are (and the initiators of the OpenSSH group certainly should have been) well aware of the existence of the trademark. Some of the OpenBSD/OpenSSH developers/sponsors have also received a formal legal notice about the infringement earlier.

I have started receiving a significant amount of e-mail where people are confusing OpenSSH as either my product or my company's product, or are confusing or misrepresenting the meaning of the SSH and Secure Shell trademarks. I have also been informed of several recent press articles and outright advertisements that are further confusing the origin and meaning of the trademark.

The confusion is made even worse by the fact that OpenSSH is also a derivative of my original SSH Secure Shell product, and it still looks very much like my product (without my approval for any of it, by the way). The old SSH1 protocol and implementation are known to have fundamental security problems, some of which have been described in recent CERT vulnerability notices and various conference papers. OpenSSH is doing a disservice to the whole Internet security community by lengthening the life cycle of the fundamentally broken SSH1 protocols.

The use of the SSH trademark by OpenSSH is in violation of my company's intellectual property rights, and is causing me, my company, our licensees, and our products considerable financial and other damage.

I would thus like to ask you to change the name OpenSSH to something else that doesn't infringe the SSH or Secure Shell trademarks, basically to something that is clearly different and doesn't cause confusion.

Also, please understand that I have nothing against independent implementations of the SSH Secure Shell protocols. I started and fully support the IETF SECSH working group in its standardization efforts, and we have offered certain licenses to use the SSH mark to refer to the protocol and to indicate that a product complies with the standard. Anyone can implement the IETF SECSH working group standard without requiring any special licenses from us. It is the use of the "SSH" and "Secure Shell" trademarks in product names or in otherwise confusing manner that we wish to prevent.

Please also try to look at this from my viewpoint. I developed SSH (Secure Shell), started using the name for it, established a company using the name, all of our products are marketed using the SSH brand, and we have created a fairly widely known global brand using the name. Unauthorized use of the SSH mark by the OpenSSH group is threathening to destroy everything I have built on it during the last several years. I want to be able to continue using the SSH and Secure Shell names as identifying my own and my company's products and technologies, which the unlawful use of the SSH name by OpenSSH is making very hard.

Therefore, I am asking you to please choose another name for the OpenSSH product and stop using the SSH mark in your product name and in otherwise confusing manner.

Regards,

Tatu Ylonen

SSH Communications Security http://www.ssh.com/
SSH IPSEC Toolkit http://www.ipsec.com/
SSH(R) Secure Shell(TM) http://www.ssh.com/products/ssh

Muita aiheeseen liittyviä uutisia