1 |
On Sun, Sep 26, 2021 at 1:09 PM Peter Stuge <peter@×××××.se> wrote: |
2 |
> |
3 |
> There's not neccessarily a conflict between a patented idea and a |
4 |
> public domain implementation of that idea. |
5 |
|
6 |
It kind of depends on what you mean by "conflict." |
7 |
|
8 |
> |
9 |
> Take a fictional example: |
10 |
> |
11 |
> You and I independently invent the same thing. You patent it, then |
12 |
> write and publish an LGPL implementation. I, ignorant of your |
13 |
> accomplishment, later write and publish a different implementation, |
14 |
> placing it in the public domain. |
15 |
> |
16 |
> You having a patent doesn't neccessarily matter to me publishing my |
17 |
> implementation. |
18 |
|
19 |
Sure it does. Depending on the claims of the patent, your publication |
20 |
of the completely independent implementation is basically a public |
21 |
confession that you violated the original patent. Now, if you didn't |
22 |
obtain any commercial value from it and were ignorant it is pretty |
23 |
unlikely that somebody would actually go after you for it or get |
24 |
damages, but you can infringe on a patent while being completely |
25 |
ignorant of it and doing all your own independent work. The patent |
26 |
covers the idea, no matter how many times it is independently |
27 |
invented. |
28 |
|
29 |
> What users have to do is determined by the terms set forth in the |
30 |
> patent. E.g.: the QR-code patent has (I believe) not expired yet but |
31 |
> has always permitted using the idea without any explicit license under |
32 |
> the condition that all use is actually spec conformant. |
33 |
|
34 |
Generally patents, like copyright registrations, do not have "terms" |
35 |
for how you are allowed to use the patented technology. The patent |
36 |
just makes claims as to what is covered. For something completely new |
37 |
those claims often are pretty broad covering anything somebody could |
38 |
imagine the technology being used for. For something repurposed the |
39 |
claims tend to be narrow, as the inventor didn't actually come up with |
40 |
the original idea but claims the new application of it is novel in |
41 |
some way, and if you use it for anything else you're more likely to be |
42 |
free and clear. |
43 |
|
44 |
What you are talking about is a patent license, which is similar to a |
45 |
software license. You don't "copyright software under the GPL" - you |
46 |
just copyright the software full stop. Then, as a separate act, you |
47 |
issue however many licenses you wish to anybody you wish allowing them |
48 |
to do things that would otherwise infringe on the copyright. In the |
49 |
same way all a patent does is stake a claim on an idea, and then any |
50 |
licenses are a completely separate matter. If a patent holder wants |
51 |
to sue somebody they would point to what they're doing and then to the |
52 |
patent, and the court would determine if the action infringed, but the |
53 |
defense would be free to provide any license they believe they |
54 |
legitimately have from the patent holder that makes the action legal. |
55 |
|
56 |
> You seem to expect some due diligence from libtomcrypt authors before |
57 |
> having decided to publish their work and I don't find that reasonable. |
58 |
> I hope I've managed to explain why? |
59 |
|
60 |
So, I can't speak for libcrypt at all specifically, but I wouldn't |
61 |
assume that somebody has actually done due diligence before publishing |
62 |
anything. For all you know the authors of some random piece of |
63 |
software live someplace the patent is unenforceable and don't even |
64 |
care if it infringes, or they're protected by anonymity online. Back |
65 |
in the PGP ITAR days I believe somebody went through some loopholes to |
66 |
publish the software outside the US, and it is probably debatable |
67 |
whether that was legal under US law, but presumably the people who did |
68 |
it didn't care, and enforcement was unlikely at all, and especially |
69 |
unlikely if you didn't have plans to visit the US after bragging about |
70 |
distributing it. |
71 |
|
72 |
Really the same is true of software patents in general. For random |
73 |
individuals other than your own conscience it is pretty unlikely for |
74 |
there to be any kind of enforcement. For a business or concern of any |
75 |
size though it obviously is a risk that is probably not worth taking. |
76 |
This is arguably one of the value-adds a commercial distro could add: |
77 |
providing an assurance that anything in the distro is systematically |
78 |
and competently screened. Whether commercial distros actually due |
79 |
this in practice is something I don't know, though if they make |
80 |
promises and have the appearance of a decent program it might |
81 |
accomplish the CYA needs of due diligence for most companies... |
82 |
|
83 |
-- |
84 |
Rich |