| 1 |
On Sun, Sep 26, 2021 at 1:09 PM Peter Stuge <peter@×××××.se> wrote: |
| 2 |
> |
| 3 |
> There's not neccessarily a conflict between a patented idea and a |
| 4 |
> public domain implementation of that idea. |
| 5 |
|
| 6 |
It kind of depends on what you mean by "conflict." |
| 7 |
|
| 8 |
> |
| 9 |
> Take a fictional example: |
| 10 |
> |
| 11 |
> You and I independently invent the same thing. You patent it, then |
| 12 |
> write and publish an LGPL implementation. I, ignorant of your |
| 13 |
> accomplishment, later write and publish a different implementation, |
| 14 |
> placing it in the public domain. |
| 15 |
> |
| 16 |
> You having a patent doesn't neccessarily matter to me publishing my |
| 17 |
> implementation. |
| 18 |
|
| 19 |
Sure it does. Depending on the claims of the patent, your publication |
| 20 |
of the completely independent implementation is basically a public |
| 21 |
confession that you violated the original patent. Now, if you didn't |
| 22 |
obtain any commercial value from it and were ignorant it is pretty |
| 23 |
unlikely that somebody would actually go after you for it or get |
| 24 |
damages, but you can infringe on a patent while being completely |
| 25 |
ignorant of it and doing all your own independent work. The patent |
| 26 |
covers the idea, no matter how many times it is independently |
| 27 |
invented. |
| 28 |
|
| 29 |
> What users have to do is determined by the terms set forth in the |
| 30 |
> patent. E.g.: the QR-code patent has (I believe) not expired yet but |
| 31 |
> has always permitted using the idea without any explicit license under |
| 32 |
> the condition that all use is actually spec conformant. |
| 33 |
|
| 34 |
Generally patents, like copyright registrations, do not have "terms" |
| 35 |
for how you are allowed to use the patented technology. The patent |
| 36 |
just makes claims as to what is covered. For something completely new |
| 37 |
those claims often are pretty broad covering anything somebody could |
| 38 |
imagine the technology being used for. For something repurposed the |
| 39 |
claims tend to be narrow, as the inventor didn't actually come up with |
| 40 |
the original idea but claims the new application of it is novel in |
| 41 |
some way, and if you use it for anything else you're more likely to be |
| 42 |
free and clear. |
| 43 |
|
| 44 |
What you are talking about is a patent license, which is similar to a |
| 45 |
software license. You don't "copyright software under the GPL" - you |
| 46 |
just copyright the software full stop. Then, as a separate act, you |
| 47 |
issue however many licenses you wish to anybody you wish allowing them |
| 48 |
to do things that would otherwise infringe on the copyright. In the |
| 49 |
same way all a patent does is stake a claim on an idea, and then any |
| 50 |
licenses are a completely separate matter. If a patent holder wants |
| 51 |
to sue somebody they would point to what they're doing and then to the |
| 52 |
patent, and the court would determine if the action infringed, but the |
| 53 |
defense would be free to provide any license they believe they |
| 54 |
legitimately have from the patent holder that makes the action legal. |
| 55 |
|
| 56 |
> You seem to expect some due diligence from libtomcrypt authors before |
| 57 |
> having decided to publish their work and I don't find that reasonable. |
| 58 |
> I hope I've managed to explain why? |
| 59 |
|
| 60 |
So, I can't speak for libcrypt at all specifically, but I wouldn't |
| 61 |
assume that somebody has actually done due diligence before publishing |
| 62 |
anything. For all you know the authors of some random piece of |
| 63 |
software live someplace the patent is unenforceable and don't even |
| 64 |
care if it infringes, or they're protected by anonymity online. Back |
| 65 |
in the PGP ITAR days I believe somebody went through some loopholes to |
| 66 |
publish the software outside the US, and it is probably debatable |
| 67 |
whether that was legal under US law, but presumably the people who did |
| 68 |
it didn't care, and enforcement was unlikely at all, and especially |
| 69 |
unlikely if you didn't have plans to visit the US after bragging about |
| 70 |
distributing it. |
| 71 |
|
| 72 |
Really the same is true of software patents in general. For random |
| 73 |
individuals other than your own conscience it is pretty unlikely for |
| 74 |
there to be any kind of enforcement. For a business or concern of any |
| 75 |
size though it obviously is a risk that is probably not worth taking. |
| 76 |
This is arguably one of the value-adds a commercial distro could add: |
| 77 |
providing an assurance that anything in the distro is systematically |
| 78 |
and competently screened. Whether commercial distros actually due |
| 79 |
this in practice is something I don't know, though if they make |
| 80 |
promises and have the appearance of a decent program it might |
| 81 |
accomplish the CYA needs of due diligence for most companies... |
| 82 |
|
| 83 |
-- |
| 84 |
Rich |
Archives