Forgot your password?
typodupeerror
News

Secure Shell Will Remain 'SSH' 141

Posted by michael
from the sanity-prevails dept.
cdlu sent in a follow-up to the SSH dispute - the IETF has rejected a request from SSH, the company, to change the name of SSH, the protocol. This will save a lot of people from typing 'ln -s /usr/bin/secsh /usr/bin/ssh'.
This discussion has been archived. No new comments can be posted.

Secure Shell Will Remain 'SSH'

Comments Filter:
  • by Delphis (11548)
    It's nice to see common sense prevail over corporate stupidity.

    Nice too for the folks at OpenSSH who did nothing wrong in basing their product after the name of the protocol and shouldn't have to suffer.

    --
    Delphis
  • by the_tsi (19767) on Thursday March 22, 2001 @06:30AM (#348114)
    This just in:

    Tatu Ylonnen was overheard after the decision saying "Oh sshit."

    -Chris
    ...More Powerful than Otto Preminger...
  • >"I'm very disappointed," Ylonnen said after the meeting. "What will I do next? Consult my lawyers." That's sad. Does that mean that we really cannot live without these paras^H^H^H^Hlawyers? How come that such a simple, reasonable request, clothed in polite terms, was rejected? Next will come the lawyers. They'll loose, of course (IANAL, so actual milage may vary), but it'll cost money and nervces, ultimately only feeding the vultures. Personally, that doesn't make the sun shine on my day. I thought this kind of thing only happened with large companies, not the OS community... (PS: No, I'm not affiliated. No, ultimately I don't care. I just don't like seeing lawyers whereever I turn)
    ---
    "What, I need a *reason* for everything?" -- Calvin
  • by Anoriymous Coward (257749) on Thursday March 22, 2001 @06:33AM (#348116) Journal
    IETF sued for trademark infringement.

    I wonder if International Paper have a trademark on their initials?

    --
  • Nothing to see here, move along now.

    The original ssh author should have been more cautious with the ssh name from the beggining, not after all the many years of typing ssh. At the minimum, it seemed to me like a very bad move (at least in terms of opensource reputation).
  • Heheheh..

    Yea, and the 'I'll contact my lawyers' quote at the end of the article too. Jeez.. lawyers lawyers lawyers.. that's all the computing world seems to be these days. :/

    --
    Delphis
  • Hopefully the lawyers will see sense too.

    And we're all reprieved from goat.secsh ;-)

  • michael, you forgot about
    'ln -s /usr/bin/secshd /usr/bin/sshd'!


    i was angry:1 with:2 my:4 friend - i told:3 4 wrath:5, 4 5 did end.
  • This will save a lot of people from typing 'ln -s /usr/bin/secsh /usr/bin/ssh'.

    Whew! I can't tell you how much that relieves me.

  • by dillon_rinker (17944) on Thursday March 22, 2001 @06:37AM (#348122) Homepage
    KlausBreuer,

    I'd like to ask you to change your login name. Your name infringes on my trademark. I know this is an inconvenience for you, but I would greatly appreciate it. Please?

    -----------------
    And I'll bet you wouldn't do it, no matter how nice the request.

    Why should the IETF inconvenience MILLIONS of users so that a single individual can profit?
  • by nate1138 (325593) on Thursday March 22, 2001 @06:38AM (#348123)
    Under the normal run of things my opinion would be: "good, screw the company that wants to trademark the name of an open protocol". But this is a little different. He WROTE the damn thing, then gave it away. I don't think keeping the name is too much to ask. Especially considering how widespread this product has become. Do you know any sysadmins who don't use it??
  • by Anonymous Coward
    No it's not.

    Once more a large international entity totally ignores the rights of a small corporation from a small country.

    If the owner of SSH trademark were bigger and from the U.S.A. a decision like this would have been completely out of the question.

  • Yes, but the point is he should have made that point clear from the beginning. You're not allowed to let tons of people use your trademark then go sueing each one after they get comfortable with it.
    --
  • by Anonymous Coward
    From http://www.ssh.com/legal/trademarks/

    Additionally, SSH Communications Security has no desire to cause any inconvenience to users or developers who have been accustomed to using the "ssh" command name with our products. Accordingly, we will provide, free of charge, a trademark license to use the term "ssh" as a command name with proper attribution. It is the use of the ssh® trademark in product names or in ways otherwise likely to cause confusion and infringe the ssh® trademark that the company desires to prevent.

    Can we not just use the name SSH and simply acknowledge the trademark (in the same way as e.g. Unix) ?

  • Consider, an old Windows TCP/IP stack vendor was FTP Software. What if they decided to assert trademark status on the FTP protocol?

    I think that SSH (the company, not the protocol) should do some marketing. Maybe they can call their product "SSH Classic" or "New SSH" (just like a beverage.).

    Actually, the whole thing about trademarking the protocol name is just silly.
    --

  • Do you know any sysadmins who don't use it??


    Unfortunately even to this day I find loads of sys admins crawling all over their DMZ-level servers with Telnet. I have to physically shout at some of them to start using ess-sh (casually avoids infringing trademark *grin*)

  • by hardaker (32597) on Thursday March 22, 2001 @06:45AM (#348129) Homepage
    They decided not to change the usage of the word SSH as the name of the protocol. What OpenSSH decides to call its binaries is an entirely different decision that the IETF has nothing to do with.

    For the record, the decision in the room was somewhat split, leaning about 2:1 towards not changing the name. It's still unclear if the name will be trademarked in the documents, which was the second (replaced?) request made to the IETF secure shell working group.
  • This actually introduces a new party into the mix over SSH. The previous todo was with OpenSSH, and now that the IETF (the people that work on networking standards) have said that they refuse to change SSH to anything else means that there's now two parties involved if a court case could result (And I suspect there will be, though we know who's going to lose it from the start...)
  • Oh yes. Europe is such a hell-hole, and the US is so perfect.

    So tell me, how does letting SSH (the company) suing to prevent the use of the term SSH (as a protocol, as part of the openSSH implementation, etc.) equate to letting the market figure it out?

    SSH was NOT just trying to make an honest buck--they were trying to use market restricting laws to unfairly quash (what has developed into) their competition.

    How free market, Ayn Rand is that?

    And for that matter, what's wrong with socialism?

  • My point exactly.
    Start trademarking protocol names and soon you can't write a whole sentence without ;D
  • by wiredog (43288) on Thursday March 22, 2001 @06:49AM (#348133) Journal
    "I'm very disappointed," Ylonnen said after the meeting. "What will I do next? Consult my lawyers."

    He could win. Several months ago (and I don't have time to find the link) a domain name had to be given up by its holder even though the ICANN arbitration held that he didn't. The person who wanted the name just sued in US court for trademark infringement, and won. You see, the IETF decisions are not binding in the courts. So Ylonnen could sue for trademark infringement. If he won, it would not matter what the IETF said.

  • ... lawyers lawyers lawyers.. that's all the computing world seems to be these days. :/

    Well, that must be the reason then that we hardly ever seem to win a lawsuit. All those lawyers know d*mn well that if GNU, OSS and co. get the upperhand there will be half the money to be made ;-)
  • by Admiral Llama (2826) on Thursday March 22, 2001 @06:50AM (#348135)
    So you're saying you would rather he had whipped out the lawyers from the beginning and fiercly protected his trademark? Honestly that's what he should have done, but he tried to be a nice guy and now he's screwed. Once would think the community would be more sympathetic to a simple request from someone who was generous and non-militant. The guy did everything that Slashdoters scream for and this is how he's repaid.
  • by Anonymous Coward
    I'm a flaming telepath, baby.

    Slashdot policy: Ontopic, Reconciling, Appropriate, Legal, or Inoffensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page)

  • From http://www.ssh.com/legal/trademarks/ [ssh.com]
    ---
    The ssh® trademark is a significant asset of SSH Communications Security, and the company strives to protect its valuable rights in the SSH brand. SSH Communications Security has invested substantial resources in its ssh® mark, such that its customers have come to recognize that the mark represents SSH Communications Security as the source of the high quality products offered under this brand. This resulting goodwill is vital to SSH Communications Security.

    The SSH Secure Shell remote login product was created in 1995 by Tatu Ylönen, CTO and chairman of the company. Free versions of the Secure Shell remote login software have been distributed under the SSH brand since 1995. The latest version, ssh-2.4.0, is free for any use on the Linux, FreeBSD, NetBSD, and OpenBSD operating systems, as well as for universities and charity organizations, and for personal, hobby, and recreational use by individuals.

    Confusion has become widespread with respect to OpenSSH and its origin. OpenSSH is not a product of, and the OpenSSH group is not, in any way, related to, the SSH Communications Security company.

    The use of the SSH trademark by members of OpenBSD in the OpenSSH project name, products and associated merchandising violates the company's intellectual property rights, and is causing the company, its customers, and its products considerable financial and other damages. The company has requested the OpenSSH group to change the OpenSSH name so as not to infringe on the ssh® trademark, and to prevent further confusion in the industry.

    Similarly, the company is requesting other unauthorized users of the ssh® mark to refrain from infringing our valuable intellectual property rights.

    The company fully supports the IETF Secure Shell working group in its standardization efforts. Any developer may implement the IETF Secure Shell working group standard without requiring any special licenses from the SSH company. SSH Communications Security has always and will continue to support the efforts of all acknowledged standards bodies and the open development of Internet security products, especially for non-profit, education and personal use.

    Recognizing that the phrase "Secure Shell" is well-known within the community to describe the secure remote login protocol developed by Ylönen and SSH Communications Security, SSH has decided to abandon its trademark application for the name "Secure Shell" and dedicate it to public use. When developing and offering products implementing the Secure Shell remote login protocol, developers and integrators may use these words in product names, descriptions, etc., if they wish, without further designation.

    Additionally, SSH Communications Security has no desire to cause any inconvenience to users or developers who have been accustomed to using the "ssh" command name with our products. Accordingly, we will provide, free of charge, a trademark license to use the term "ssh" as a command name with proper attribution. It is the use of the ssh® trademark in product names or in ways otherwise likely to cause confusion and infringe the ssh® trademark that the company desires to prevent.

    All of SSH's products are marketed under the SSH brand name. SSH has become a widely known global brand to identify the company and the origin, quality and security associated with its offerings.

    SSH provides trademark guidelines (PDF, 96 kb) regarding usage and attribution.

    For more information on SSH trademarks, please refer to our Q&A document.
    ---

    Anyway, it sounds to me like he wrote the program years back, then kept the name because it got into such widespread use. Now, they want to be distinguishable. Bunk. If I went and formed a company called "telnet industries" then there is no way I'd be able to get the protocol name changed.

    If they didn't want the confusion regarding names, then they shouldn't have named their company after an existing product/protocol. And he can't claim he didn't know about it either, he wrote the damn thing in the first place!

    Good for the IETF!

    ---
  • " 'I'm very disappointed,' Ylonnen said after the meeting. 'What will I do next? Consult my lawyers.' "

    Is this what Open Source is coming to?

  • by ReconRich (64368) on Thursday March 22, 2001 @06:52AM (#348139) Homepage
    I know that we here as /. are against all things related to intellectual property, but perhaps its time to look at the other side. Trademarks (in the US) are *NOT* designed to protect companies... they are designed to protect consumers. What you say ? They exist (primarily) so that consumers know where a product actually came from. Tatu has been *VERY* liberal in his offer to allow usage of ssh (if he had been granted a trademark) and all he (seems) to have been concerned about is persons NOT his customers believing that they were. This is NOT a Bad Thing (tm). Trademarks and Trademark law DO serve a useful purpose in our society, and its sad that this community has its typical knee jerk reaction.

    -- Rich
  • It's got nothing to do with any American corporations. Ylonen's company is 'SSH Communications of Finland'.

    The fact is that only after several years of use by the public-at-large is he trying to defend his trademark. It's too late and the IETF made the right decision. Whether it's overturned by the courts remains to be seen.
  • Whoopie. The company still has to fight to regain precious name recognicion which it lost because it was trying to be nice. I definitly think the community should have yielded on this one.
  • He expressly gave the right for all to use ssh in his original headers many years ago.

    I wish he didn't desire to withdraw that now, as he's done a great job for all of us.

    At least the publicity, even in loosing, lets everybody know who started this and who sells it commercially.

  • by NetJunkie (56134) <<moc.liamg> <ta> <hsan.nosaj>> on Thursday March 22, 2001 @06:53AM (#348143)
    In his original license he said that if someone modified his code and it was compatible with the original, it HAD to be called ssh. The others are still compatible with his code and based on it..so they are just doing what he originally asked.
  • Unfortunately the last line in the article doesn't smack of common sense.

    "I'm very disappointed," Ylonnen said after the meeting. "What will I do next? Consult my lawyers."

    I hope his lawyers have a little more common sense than he seems to display - after all the protocol has been named for longer than SSH Communications Security has held the trademark there should be no legal reason why the standard should be renamed.

  • I see this as a grave problem. Now that "the OSS community" does not respect even one of its heroes request, the corporate drones have all the reason to recommend patenting and trademarking everything. All the lawyer drones have a reason to go crazy: "You see, they are like wolves, they eat even their own, (C) and (R) is our only protection agianst these commie-hippie-OSS-freaks."

    Would it be too much to ask that we give Tatu a hand for his great contribution?

    On the other hand, if Tatu hadn't wrote SSH, someone else would have figured it out sooner or later. Maybe a big corp, and you know what that would mean. Kerberos is already contaminated by a certain corporate...

    -P
    --
  • It's too much to ask simply because he already gave it away. He already let it become popular and common, and a protocol spec, and NOW he's trying to backpedal a couple years of computing and enforce trademark. The name means what it means because of what it is, not simply because of his product, that's the issue.
  • are ignorami that can't spell.
  • Ooohhhh, I don't know about that. I was reading recently that IETF are binding in courts.

    Dang, I don't have time to find the link...gotta run!

  • I still don't see how someone can confuse SSH with OpenSSH. There are OS versions of everything these days. It's not like OSSH is called S-SH or SSHOpen, which would be confusing. It's OpenFuckinSSH. Wait a sec, maybe I'm on to something there... :P
  • They invented, programmed, and gave away for free SSH. Now they want to sell enhanced versions, meanwhile, the IETF thinks their invention is so good it should be an Internet standard. SSH has had a trademark on their company name for some time. Now IETF comes in and says that they're going to call the standard the same thing as the product. The SSH people get mad, and for good reason -- they have something to sell using their hard-earned (and well-earned) brand, and the IETF wants to make it a generic term. Well, I hope they take the IETF to court and win for being such jackasses.
  • No, what I'm saying is he should have called the protocol and the application something different and kept up on protecting his trademark (on the application) from the get go, rather then going after people years later.
    --
  • While I can see where he's coming from, there is a price to pay for aggresively putting your name out to the public. I can't tell you how many times I've seen signs on buildings saying "No Roller Blades", and wondered why any other brand of inline skates were not prohibited. The problem is that SSH has become a generic term. If they were really intrested in protecting it, they prolly should have been more worried a while back.

    I'd look at is as a new PR spin. Like saying "We're the real SSH." or maybe "Aren't your servers important enough to to use the original SSH?", or better yet, set yourself apart from the others with a better product, rather than just a name... there's a concept!
  • I want to be sympathetic, but I can't help thinking that they should have been thinking about name recognition at the outset when they chose to name the product after the protocol. Actually, I'd go so far as to say that they were trying to ride on the inevitable popularity of the protocol's name, and that it came back to bite them in the ass. Now they're doing damage control.

    On another note, isn't this the same company that still hasn't implemented scp correctly? Maybe the IETF should have made them a deal in exchange for correctness.

  • Hi! My new company name and trademark is Hot Trailer Trash Products (TM), HTTP(TM) for short and I'm suing this Web site and all the others that use my company's initials in their URLs!!

    Muahahahahah!!!

    Oh yeah, don't forget my other division, Uniquely Raunchy Lingerie... I'm suiding for the use of those initials too! (oops, guess I have to sue myself!! :)

  • For the record, the decision in the room was somewhat split, leaning about 2:1...

    The article states that: Ultimately, the working group voted 3 to 1 to reject Ylonnen's request. Do you have a source for your 'somewhat split' assertion?
    --
    "In the land of the brave and the free, we defend our freedom with the GNU GPL."

  • "ftp" was around before "FTP Software", IIRC.

    So they were using a commonly-used term in their title. No problem there. They just couldn't then go back and try and trademark "ftp". "FTP software", that's trademarkable.

    In this case, the person who started using the acronym, as I understand, LATER decided to trademark it... Making it much muddier than your example, but I think its too late to undo the "commonly-used" of ssh.

    Addison

  • Here the case seems more complicated, because the IETF is the one using the name, not a third party. A question this brings up, is whether IETF has an agreement like other bodies do concerning intellectual property, i.e., if you make a proposal, you have to say what you are planning on claiming as your own in patents, copyrights, etc. Wouldn't trademarks fall under that same category?
  • Make that 'ln -s /usr/sbin/secshd /usr/sbin/sshd'!


    --

  • So, how does one force an international loosly-organized volunteer organization to do anything?

    Exactly what punishment would a US court enact? A fine? Who do you send the bill to? What if they just issue an order that the IETF do something, and then at the next IETF meeting (in London), they just ignore the order? Will the judge hold the IETF in contempt and order it arrested? Maybe its assets should be seized. (What assets does the IETF have? The only one I can think of, ironically, is the 'IETF' name.)
  • >> This will save a lot of people from typing 'ln -s /usr/bin/secsh /usr/bin/ssh'.
    > Whew! I can't tell you how much that relieves me.

    Well, 'ln -s secsh /usr/bin/ssh' is enough. Now, the IETF should probably reconsider its decision, as the trouble have been vastly overestimated...

    Cheers,

    --fred
  • Somehow this reminds me of the patents problem [slashdot.org]. It seems that open source developers care more about the technology than about politics, which is quite understandable. So for patents there are institutions coming who help OSS people, but how about names, and other political stuff? The FSF and ASF have some lawyers people I guess, but who can a simple, small open source team talk to if someone wants to "steal" their name?
  • Funny, if it's such a hellhole, why do some American crypto companies operate in Finland? Because their government permits honest cryptographers to try to make a buck.

    But then again, Slashdot trolls have a history preferring legalistic control by fascistic governmental regulations. They should let the market sort it out. This sort of intervention is what make America such a hell hole these days with rampant regulations and diseased lawyers everywhere.

    Boss of nothin. Big deal.
    Son, go get daddy's hard plastic eyes.

  • This kind of stuff always puts me of two minds, because I agree in general with your position on lawyers, but my sister is one and she's marrried to one. Of course, she one of the good kind.
    Still, I suppose I'll have to rescue my niece and nephew before they become "irreversably contaminated". I mean, my sister won't let my nephew near the computer, and he's over two years old!
    -----------------
  • You obviously don't know what you're talking about - Tatu wrote the standard for the IETF SECSH working group (most, if not all). HE originally referred to the whole 'ball-o-wax' as SSH - the program, the protocol, _and_ his company. After the fact, he's trying to claim trademark infringement. I have no intention of denying him revenue if he wants to sell his product, but he's just trying to take successful competition out of the running by using a trademark to keep them out of "his" domain.
    _____
  • How many times do you find yourself typing sshd???
  • That is what you get for releasing software into the public domain under a free license (I may be wrong here) and several years later decide you want to the trademark to it. If you want a trademark to something, apply for it at the beginning or during product development. If you're denied, then you have the chance to change the name of your project to something else.

    Amigori
    -------------
    Patents and trademarks are a double-edged sword.

  • > Unfortunately even to this day I find loads of sys admins crawling all over their DMZ-level servers with Telnet

    Would you be kind enough to give us more information about those individuals, please ? I'd love to have them as friends, we could do great things together...

    Cheers,

    --fred
  • Which American crypto companies operate in Finland? I live in Finland and I can't think of one.

    SSH is founded by a finn (Tatu Ylönen) and it is stationed here. It may have offices elsewhere but it's a finnish company. F-Secure is a finnish company and is stationed here, but it too may have offices elsewhere. It's still a 100% finnish company.
  • No one's trying to pass OpenSSH off as the "official" SSH implementation, you'll note. Besides, trademarks in the US are a "use or lose" commodity - if you don't enforce them, you don't get to keep them.

    According to Tatu & co., he'd had this trademark for some time. Yet only recently has he decided to enforce that trademark. Also, naming the product, the protocol, and his company with the same name (a supposedly standardized protocol, no less) was an extremely poor choice on his part, IMO.

    He really should've considered this a long time ago. The barn door's open, and the stock's already gone, as it were.
    _____
  • He WROTE the damn thing, then gave it away. I don't think keeping the name is too much to ask.

    That's the whole point. HE GAVE IT AWAY. Now he wants it back. Asking for "the name" *is* too much to ask. "Name" is everything in today's world. Imagine if companies or open source efforts couldn't use "telnet" or "ftp" in their names.
  • Read the license for Tatu's company's SSH2. IMHO, that doesn't qualify as open source anymore (and I doubt it meets the "Open Source Definition").
    _____
  • Well, if he had, ssh would never have taken off, nobody would have used it, he would have no company and the protocol would be relegated to the heaps of wannabe proprietary secure protocols.
  • by TBone (5692) on Thursday March 22, 2001 @07:23AM (#348173) Homepage

    • Coke - For cola, or in some places, any soda
    • Kleenex - for a facial tissue
    • Saran Wrap - for cellophane
    • Roller Blade- for inline roller skates
    • UNIX - for any OS that looks like the work done by AT&T/Bell Labs

    While Tatu may have intended to keep his Trademark from public use, the fact of the matter is, like many popular brand names, it's become a generic term. You don't see the Trademark Police descending on little Mom&Pop sandwich stores in Tennessee when a conversation like this happens:

    Me: I'll Have a Coke.
    Them: What kind of Coke?
    Me: (sarcastically) Well, what kind of Coke do you have?
    Them: Pepsi, Diet Pepsi, 7-up and root beer.
    ...do you? Tatu needs to get over himself and be glad that he's created something that has become so pervasive that it is being used as a generic term.
  • Sweet jeebus /.ers love to whine. I'm sorry, y'all. I can be as hardcore a free software advocate as you'll find and in general I think patents and trademarks are bad things. In this case, though, it's not like he's threatening to try and revoke all licencing privledges to any ssh related code (which of course, he can't, but stuipider things have been done by big corporations). He wants a name change so that, god forbid, he *may* make some money.

    Oh, the inconveniece of typing once "ln -s /bin/newname /bin/ssh". I just can't take it. Most of us probly have 19 shell scripts on our boxen whose sole purpose it is to save us from typing out full commands (i.e. "sc.sh" which reads "cd /windows/games/Starcraft;sudo wine starcraft.exe").

    I seem to be alone on this among fellow /. fanatics, but I say fucking relax and let a man have a few bucks for a product which everyone with a brain uses and loves.

    -k
  • by doctrbl (306815) on Thursday March 22, 2001 @07:29AM (#348175)
    ...excerpt from SSH website...

    Q: Many programs today use "ssh" as a command name in competitive and freeware products. Does SSH intend to require programmers to rewrite their programs to eliminate this naming convention?
    A: No. SSH has no desire to cause any inconvenience to users or developers who have been accustomed to using the "ssh" command name with our products. Accordingly, we will provide, free of charge, a trademark license to use the command name "ssh" with proper attribution.

    From what I've seen (IANAL), "proper attribution" means you have to say "ssh was made by these guys, not us" when you decide to roll your own. Their real beef seems to be with companies putting SSL in their names, and as part of their corporate identities. Look at the chip market; how funny would it be if AMD were called BetterIntel, or Intellium, or ByeByeIntel? OK, the Intel thing is slightly off-topic, but I think my point is clear.

  • No one's trying to pass OpenSSH off as the "official" SSH implementation, you'll note. Besides, trademarks in the US are a "use or lose" commodity - if you don't enforce them, you don't get to keep them.

    Absolutely, however, Tatu has stated (complained ?) in the past that some users of OpenSSH were confusing that product with his.

    According to Tatu & co., he'd had this trademark for some time. Yet only recently has he decided to enforce that trademark.

    His bad for sure. I'm not ranting about the relative merits of his claim, I'm ranting about the immediate condemnation by the /. community. His position is certainly less than optimal for a trademark claim.

    He really should've considered this a long time ago.

    Absolutely. But we must remember, that this guy GAVE us something good (that I and a lot of other people use). We shouldn't vilify him because he's trying to make a couple of bucks off of it. (And I'm pretty sure its just a couple).

    -- Rich
  • Nah. It's not a matter of being against intellectual property. Most of the objections I've seen aren't saying that Tatu doesn't have the right to trademark the name of his company -- they're saying that SSH is the name of the protocol as well. Trademarking SSH would be as ridiculous as trademarking TCP or "Telephone."

    All three are generic terms, and have been for years. Tatu wants the benefit of having his company share a name with the protocol, without having to take the downside of the protocol sharing a name with the company.

    Schiller says we should "be nice," but I don't see a way to do so without inconveniencing or confusing hundreds of thousands of people.

    --Brian
  • by Erasmus Darwin (183180) on Thursday March 22, 2001 @07:31AM (#348178)
    How come that such a simple, reasonable request, clothed in polite terms, was rejected?

    Simple? Yes. Polite terms? Yes. Reasonable? Not even close, if my understanding of the situation is correct. As I understand it, the guy who doesn't want them to use his SSH trademark anymore is the same guy who was involved in the development of the protocol/standard in the first place. At best, he's guilty of deciding way after the fact that he didn't want them using SSH as a name. At worst, he's trying to delibrately use a "submarine trademark" to monopolize the name recognition SSH has gained, in no small part due to the standard itself.

  • And through that giving away of ssh under opensource terms it became a popular protocol. They used ssh as a generic term, it became popular enough to be a generic term... and then decide to revert to semi-proprietary status and try to keep a trademark on a, by then, generic term.

    IANAL, but: Trademark law 101: You must enforce your trademark from the start. If you ever allow it in any way to become a generic term it is no longer a trademark. Maybe Kleenex and Xerox will sympathize, but a court is unlikely to.
  • Oh yeah, except Tatu claims that, well, gee, those WERE the licensing terms, way back when, but since he got that trademark, that doesn't apply anymore, and you better not use the letters 'SSH' or ELSE.
    _____
  • Whatever. He _gave_ it away. Have you read the licensing terms of the SSH release that OpenSSH is based on? Go read them, then try to tell me that we should stop using the term 'SSH' and just let Tatu do whatever he likes.

    Yes, he did a good thing by releasing SSH to the public. But he can't make something, let it get popular, THEN try to exercise trademark control over the name after the fact. It doesn't work that way.
    _____
  • I hope his lawyers have a little more common sense than he seems to display - after all the protocol has been named for longer than SSH Communications Security has held the trademark there should be no legal reason why the standard should be renamed.

    You might want to look a little further back in this before making statements like that, because the reverse is in fact true. SSH was invented by Ylonnen, trademarked by Ylonnen, and released in a freeware version by Ylonnen. AFTER it was released, it was adopted as a standard by the IETF.

    To put it more succinctly, IFF Ylonnen's company chooses to sue the IETF for trademark enfringement, the IETF has a single legal leg to stand on, and that's dilution of trademark. Unfortunately for them, since Ylonnen would be making a legal effort to enforce his trademark and prevent dilution at this relatively early stage, and can argue (successfully, IMHO) that the only reason he hasn't acted legally before this because (a) he's been in negotiations (that failed), and (b) he's a nice guy. The result is a pretty strong counter to the dilution defence.

    I hate to see something like this, but IMHO IETF is going to get whomped on for being stupid, and again IMHO, they deserve it.

  • Only my memory of seeing the hands in the room. It was quite possible 3 to 1 or so instead, I don't remember exactly. I probably shouldn't have tried to guess a ratio as I'm sure I'd be off by some factor or another ;-)
  • by Zeinfeld (263942) on Thursday March 22, 2001 @07:39AM (#348184) Homepage
    Ob. Disclaimer, I am not a lawyer. I just get pestered about this issue by our lawyers.

    I would see two possible barriers to an attempt to recapture the use of the SSH trademark.

    The first is that it appears that the trademark holder gave an explicit license to use the term SSH for independent implementations of the software.

    The evidence for this includes (1) the original program documentation and (2) the IP submission to the IETF

    The other track would be dilution. SSH communications did not take steps to protect their trademark. In fact they took positive steps to encourage the use of the name 'ssh' as a generic term to refer to a secure shell. These steps included submitting standards proposals to the IETF that used the name SSH.

    The purpose of the dilution clause in trademark law is expressly to prevent companies from locking competitors out of a market by first encouraging them to use a term, then restricting its use. The problem with the SSH corp behavior is that it appears to fit exactly that pattern.

    That is not to say that the SSH folk were necessarily doing anything calculated in advance. The project started off as an open source hobbyist type hack. Then it became an income for the developer, then a company. Problem with a company is that you have to meet payroll each month, you have responsibilities to your employees and shareholders.

    The lesson for open source projects is that they need to be careful anout the names they use and make sure they establish their own brand independent of the 'open' generic brand.

    These issues were almost certainly raised at the IETF meeting and the IETF hs no shortage of competent legal advice when it needs it. If the SSH people wanted to make a fight of it then they would have to go to the IESG in any case.

  • in case you didnt RTPFA

    P as in previous!

    In his original license he clearly states that you may make derivatives of ssh and use the 'ssh' name. Later he changed it and registered the trademark.

    So anybody who is using the sourcecode distributed with the old license may use the name ssh. So it is not a reasonable request

    Jeroen

  • You forgot the biggest one -- Xerox. "Will you please Xerox this?" However, if I were Xerox, I wouldn't be 100% upset over this -- it's generally a clear sign that I am dominating the market. I prefer to drink Pepsi, but I generally just ask for a "coke" because it's the de facto 'standard'.

    Still, when a Canon photocopier blows up, I would suddenly change my position on it being called a "Xerox." (Not to imply that Canon photocopiers explode often... Just a random example.)
    ________________________________________________

  • Are you sure about that? Where's the documentation? From what I remember it was the other way around. If someone built something that wasn't compatible with the original it couldn't be called SSH.

  • If you've followed the case, you'll know that the command name was to remain ssh. Only the protocol was to be changed.

    So no symlinking would have been necessary anyway.
  • Whatever happens, I just hope I don't have to type:

    % /usr/local/bin/ssh®

    My keyboard doesn't have an ® key...

    Jim in Tokyo

  • My point exactly.

    Start trademarking protocol names and soon you can't write a whole sentence without ;D

    Prior art, Snuffie. FTP exists/existed as prior art before FTP Systems existed, and it's relatively trivial to prove that FTP Systems was named as such because of that pre-existing protocol. SSH exists because Ylonnen created it. He doesn't have a prior art claim to defend against.

  • His bad for sure. I'm not ranting about the relative merits of his claim, I'm ranting about the immediate condemnation by the /. community. His position is certainly less than optimal for a trademark claim.

    That's the problem. He's put himself into a bad situation, and now he's pointing fingers at us because we're infringing on his trademark (which is long since diluted, IMO). (Us as in the global us, the Free Software and Open Source world.)

    Absolutely. But we must remember, that this guy GAVE us something good (that I and a lot of other people use). We shouldn't vilify him because he's trying to make a couple of bucks off of it. (And I'm pretty sure its just a couple).

    I'm not trying to vilify him. I use ssh (ok, OpenSSH) regularly. It's a great tool, and I thank him profusely for providing it to us. And I have no intention of denying him revenues, if someone chooses to buy his commercial version. But just because he did a good thing (gifting the community with SSH), why should we just quietly ignore his trying to do something stupid (trying to assert a diluted trademark on the thing he gave us)?
    _____
  • In his original license he said that if someone modified his code and it was compatible with the original, it HAD to be called ssh. The others are still compatible with his code and based on it..so they are just doing what he originally asked.

    You're ... wrong.

    He sais:

    Any derived versions of this software must be clearly marked as such, and if the derived work is incompatible with the protocol description in the RFC file, it must be called by a name other than "ssh" or "Secure Shell".

    Since the various SSH's out there are compatible with the protocol description, they can be called SSH but don't have to.

    In any way, my opinion on that matter is, that it's not really him, who wants the name change, but his lawyers, execs, shareholders, and so on. Poor guy.

  • What would've stopped me from renaming /usr/bin/whatever_they_forced_the_binary_to_be_nam ed to /usr/bin/ssh? The only way to tell if I have something on my PC which breaks the law is to break the law (hack into it) and find out...

    - A.P.

    --
    * CmdrTaco is an idiot.

  • Ask for a "Coke" in Pizza Hut (with their fat Pepsi contract). They are, by policy, supposed to say something to the effect of "We don't have Coke, will Pepsi be okay"?

    You can use any of these in informal writing and talking, but you can't sell generic cotton-tipped-swabs and call them "Q-Tips." Or Vaseline, Band-Aids, KY, or Hoovers (in England, generic for vacuum).

    But all this doesn't apply to SSH since that is the name of the product as given out freely way back when.

  • Look at the chip market; how funny would it be if AMD were called BetterIntel, or Intellium, or ByeByeIntel?

    How funny would it be if AMD were called "FastX86"? How funny would it still be if Intel sued them for it?
  • Actually, the Coca-Cola company has been known to sue restaurants that serve Pepsi to customers who ask for a "Coke" in order to protect their trademark. (Their trademark on "Cola" was already ruled to be too diluted, so Pepsi-Cola was allowed to keep its name.) This happened to the local "Wendy's" franchise in Little Rock, and afterwards all the workers were trained to come back with "Would Pepsi be O.K.?"

    I think that Kleenex is still trying to protect their trademark, as well. In both of these cases, I'd agree that common usage indicates that the trademark is diluted, but the courts haven't seen it that way thus far.

    Bayer tried to protect its trademark on "aspirin" too late in the U.S., so here we have a huge generic market. In Europe, it's still in vigor (in several forms -- Aspirin, Aspirina, etc.), making it harder for the competition, which must bill themselves as acetylsalicylic acid.... This also has the result that aspirin is more of a "big deal" in Europe -- more packaging, bigger tablets, etc.

    So it is possible to get a court to rule dilution of a trademark, but it would seem to be difficult to get them to do so, based on the widespread use of the examples cited above.

  • This will save a lot of people from typing 'ln -s /usr/bin/secsh /usr/bin/ssh'.

    Please use relative symlinks! i.e. "ln -s secsh /usr/bin/ssh" This way your links do not break if you mount that filesystem elsewhere, or if you move that directory (though not too likely to happen in the case of /usr/bin). The same reasoning is why you should use relative links in html.

  • Actually, the whole thing about trademarking the protocol name is just silly

    No joke. IIRC, If a company fails to act on a trademark infringment (i.e. sue the pants off the infringer), it loses the right to sue for further trademark infringment. Can someone explain how the SSH(tm) lawyers think they have a leg to stand on considering this "trademark" has been used as if it were public domain for YEARS now?

    IANAL and other silly disclaimers apply...
  • * Coke - For cola, or in some places, any soda
    * Kleenex - for a facial tissue
    * Saran Wrap - for cellophane
    * Roller Blade- for inline roller skates
    * UNIX - for any OS that looks like the work done by AT&T/Bell Labs

    Sure, that's fine, and nobody's going to complain if you use the term ssh generically in conversation, as with each of the examples you listed. However, if an independant product was created whose name was clearly derived from "Kleenex", that would be a trademark violation. The same holds true for SSH.

    However, SSH wasn't trademarked originally, and even once it was it was never defended. Until now. But by not defending it from the outset, the trademark holder loses the ability to make future claims.

    Imagine John Postel deciding, well after SMTP had acheived widespread acceptance, to trademark the term. Then a couple years later he decides to make claims of violations against all the SMTP-talking mail servers out there. (I know John Postel is dead...I couldn't come up with a better example off hand)

    noah

  • Yes, it's the classic move that should be thusly named 'Doing a Unisys'.

    --
    Delphis
  • How Sean Connery says "Sex"?
  • Could the little Windows key work in a pinch?
  • Someone please explain: What would be the point of having a company called "SSH Communications Security" if the technology is not called "ssh" anymore. A couple of months of all the sys admins using "secsh" or whatever the acronym is changed to, and "SSH Commun..." won't mean much.

    Let me try and rephrase this: is the acronym is changed from "ssh" there will be nothing tying "SSH Communications Security" to the technology in the public's mind. Even if he does go to court and win, it seems like a Phyrric victory.

  • Can you tell me how to soft link the embroidery on my OpenSSH shirt to the new name?

    There's a lot more to this argument then a name change. I wish it would be that easy. Unfortunately it has a sort of domino effect to many other things as well. I'm not incredulous enough to believe that people would work past the name change but I do think that he should have thought about this years ago.

    LiNT

  • So if I create a product and call it, let's say, FrogSSHit, then I am using the SSH trademark. How does OpenSSH differ from FrogSSHit.

    I must be living in the dark but until recently I though SSH was ONLY a protocol. There is a company called SSH, that is news to me.

    They should change their name like Helix Code had to do. I have a suggestion... FrogSSHit. I won't sue, I promise! Hey they could even get frogsshit.com. It is avaliable.

  • Personally, I think they will look at the letter of the law, which clearly states the requirement that the offender must be using the name for commercial purposes. Last I saw, the OpenBSD and OpenSSH projects were not commercial. While the courts do have and are not afraid to exercise their liberty to "interpret" written law, they do so only when the language of the law is not clear. Here, trademark law clearly states "commercial."
    Furthermore, a trademark (under US law) must be promptly and vigorously defended against all comers. ftp.openbsd.org shows an OpenSSH patch dated October 26, 1999. Slashdot posted the story about Tatu crying foul on February 14, 2001. That's over a year.

    Maybe if he had said something when things were first staring, it might have been different. But whining now that OpenSSH has been out over a year, time enough to become (IMHO) the superior product.... well, it smacks of the follies we've seen Rambus commit of late. Letting someone else develop a product that's better than yours and then attempting to co-opt its IP is, frankly, childish. Certainly Tatu's case has a lot less grounding in law and reality than Rambus v. JEDEC... I hope for Theo's sake Tatu's lawyers are smart enough to tell Tatu to stick it. It will be much more expensive for everybody if Theo's have to.... and if I know Theo, he's liable to serve up Tatu au brochette.

    --
    "[Linux is really cool - not for the technology, but because] none of those open source guys stick hot needles under my fingernails during negotiations."
    -- Michael Dell, LinuxWorld show, August, 2000

  • Is it just me, or are there a lot of stories lately with the theme of ...

    We'll {Trademark,Patent,etc} it secretly and encourage widespread acceptance, then when the name/usage is commonplace we'll start to enforce our {Trademark,Patent,etc} and take over the world.

    Are They All Mad!

    <sigh>

    I wonder about the legality of all of this. Isn't it the case that if you don't enforce patents or trademarks that they become void. What were they living in their mothers basement all of this time? Participating in cryogenic freezing experiments. Excessing earwax buildup?
  • I feel bad for the guy, I really do. He wrote the product and protocol that's used by everybody, maintained it for years, and now he's getting marginalized by people who just showed up.

    But that's the way free markets work. It's time for Tatu Ylonnen to accept the fact that he's losing control and market share of SSH. The way to gain that back is with new and better products, not a sackful of lawyers.

    His trademark arguments have some merit, but hassling free software authors any further can only result in bad relations between SSH, Inc. and the rest of the *nix world, which should instead be courted as potential customers.
    --

  • So if I create a product and call it, let's say, FrogSSHit, then I am using the SSH trademark. How does OpenSSH differ from FrogSSHit.

    If your product implements a secure remote login capability, then yes, you could get sued. Actually, the way trademark law seem to apply to computers, if your product is at all related to computers you could probably get sued (and lose). Otherwise it's fine. That's why Microsoft isn't about to sue Ford for the "Explorer" or Netscape sue Lincoln for the "Navigator".

    I must be living in the dark but until recently I though SSH was ONLY a protocol. There is a company called SSH, that is news to me.

    I guess you've been living in the dark then. Check out www.ssh.com [ssh.com] and their commercial SSH product.

    noah

  • The IETF made the right decision.

    I'm in a similar situation. My "Nagle algorithm", developed under DoD contract in the 1980s, is in every mainstream TCP stack in the world and in almost every machine on the net. But I wouldn't try to use a trademark on that. It was released to the public via an RFC approved by the IETF, and now anyone can use it. That's fine with me.

    John Nagle

  • by StenD (34260)
    You might want to look a little further back in this before making statements like that, because the reverse is in fact true. SSH was invented by Ylonnen, trademarked by Ylonnen, and released in a freeware version by Ylonnen. AFTER it was released, it was adopted as a standard by the IETF.
    You might want to take your own advice. SSH was invented by released as freeware by Ylonnen, proposed [free.lp.se] as a standard by Ylonnen (identifying himself as being associated with Helsinki University of Technology), then SSH Communications Security applied for a trademark [tavaramerkki.prh.fi]. Note that, contrary to the claim in the SSH Trademark Q&A [ssh.com], the Internet Draft that Ylonnen submitted to the IETF, and that he included in the SSH distributions as RFC through at least 29 April 1999 (ssh-1.2.27) includes no mention of any assertion of trademark.
  • It is interesting to see two moments in this case. First it is how ssh came into life. As far as I remember Ylonen started things much as freelancer. It seems that some of the very first ssh's were even licensed in a BSD form. But later, on version 2, Ylonen opened a company, changed the license to more restrictive terms and started a process that became what we see.

    However, it is interesting to note how this process started to become a scandal. For some time, since version 2.1, ssh has been plagued by several bugs. Only 2.4 seems to be realtively free of them, but still it doesn't work too good. This series of problems coincide with the moment when Ylonen started to push ssh as SSH(TM) and restricted some aspects of the license even more.

    Frankly it's a pitty. I think that OpenSSH is more weak that the traditional one. Sincerly I do prefer Ylonen's ssh, even in cases when it's uite buggy. OpenSSH has a lot of drawbacks in performance and stability.

    However the growing path of bugs and this (TM) hype forces us to think if we really want to continue to use it. Two years ago a bug was solved in hours. Today SSH and whoever is inside of it, take nearly half a month to solve it. If this trend continues, then we surely will go for an option: OpenSSH. And all these (TM)s, (R)s and hype will be of less importance.

Is a person who blows up banks an econoclast?

Working...