Replied: Thu, 01 Feb 2001 04:03:33 -0700 Replied: "Tatu Ylonen Markus Friedl , Replied: Theo de Raadt " Return-Path: ylo@mystery.acr.fi Delivery-Date: Thu Feb 1 00:41:11 2001 Received: from openbsd.cs.colorado.edu (openbsd.cs.colorado.edu [128.138.192.83]) by cvs.openbsd.org (8.10.1/8.10.1) with ESMTP id f117f8b15362 for ; Thu, 1 Feb 2001 00:41:09 -0700 (MST) Received: from mystery.acr.fi (ip212-226-160-97.adsl.kpnqwest.fi [212.226.160.97]) by openbsd.cs.colorado.edu (8.10.1/8.10.1) with ESMTP id f117gaa04130 for ; Thu, 1 Feb 2001 00:42:37 -0700 (MST) Received: (from ylo@localhost) by mystery.acr.fi (8.9.3/8.9.3) id JAA11697; Thu, 1 Feb 2001 09:40:12 +0200 Date: Thu, 1 Feb 2001 09:40:12 +0200 Message-Id: <200102010740.JAA11697@mystery.acr.fi> X-Authentication-Warning: mystery.acr.fi: ylo set sender to ylo@mystery.acr.fi using -f From: Tatu Ylonen To: Markus Friedl CC: Theo de Raadt Subject: OpenSSH & the SSH trademark Organization: SSH Communications Security, Finland Markus & others, As you should well know, SSH is a registered trademark and Secure Shell is a trademark of SSH Communications Security Corp both in the United States and in the European Union. I have been using these trademarks as the name of my product since 1995, and have explicitly claimed them as trademarks from at least early 1996. SSH Communications Security Corp is the company that I started in 1995 around my "SSH" product. It is now publicly listed at the Helsinki Exchange, and employs 180 people working in various areas of cryptographic network security. Our SSH Secure Shell product is being used by an estimated several million users, and is being sold under a license from us by hundreds of distributors and OEMs in virtually every country in the world. I have recently started receiving a significant amount of e-mail where people are confusing OpenSSH as either my product or my company's product. I have also recently seen promotional press articles intentionally confusing the meaning of our SSH trademark, associating it with your competing "OpenSSH" product, and intentionally distorting e.g. the public conception about our licensing terms against the fact. The confusion is made even worse by the fact that OpenSSH is based on and looks like an old non-commercial version of my product (without my approval, by the way), and the old SSH1 protocol and implementation are known to have security problems (see e.g. the recent CERT vulnerability notices). Your use of the trademark is clearly in violation of the law, and is causing me, my company, our licensees, and our products considerable financial and other damage. I am thus asking you to stop using the SSH or the Secure Shell trademarks in the name of your product, or in any other confusing or infringing manner. You will also receive a formal notice about this from our lawyers in the next few days. I hope you understand that it is necessary for me to ask you to do this. We cannot allow you to continue to jeopardize and damage our trademark. Since we are both also working on the upcoming IETF working group standard, I want to emphasize that I want to support other compatible implementations of the standard, but I cannot allow the use of our trademarks or other intellectual property in inappropriate and damaging ways. Regards, Tatu -- SSH Communications Security http://www.ssh.com/ SSH IPSEC Toolkit http://www.ipsec.com/ SSH(R) Secure Shell(TM) http://www.ssh.com/ssh