Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 8FBA69D for ; Fri, 14 Oct 2016 10:58:04 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from outmail149095.authsmtp.com (outmail149095.authsmtp.com [62.13.149.95]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id 92F97D5 for ; Fri, 14 Oct 2016 10:58:03 +0000 (UTC) Received: from mail-c232.authsmtp.com (mail-c232.authsmtp.com [62.13.128.232]) by punt24.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u9EAw1Kd038858; Fri, 14 Oct 2016 11:58:01 +0100 (BST) Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com [52.5.185.120]) (authenticated bits=0) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u9EAvxM1062713 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 14 Oct 2016 11:58:00 +0100 (BST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by petertodd.org (Postfix) with ESMTPSA id 8DD824013C; Fri, 14 Oct 2016 10:53:51 +0000 (UTC) Received: by localhost (Postfix, from userid 1000) id 4CE2220732; Fri, 14 Oct 2016 06:57:57 -0400 (EDT) Date: Fri, 14 Oct 2016 06:57:57 -0400 From: Peter Todd To: Sergio Demian Lerner , Bitcoin Protocol Discussion Message-ID: <20161014105757.GA8049@fedora-21-dvm> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="DocE+STaALJfprDB" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-Server-Quench: 12917c79-91fd-11e6-829e-00151795d556 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aAdMdwYUF1YAAgsB AmAbWlVeVVV7WWM7 bghPaBtcak9QXgdq T0pMXVMcUQwdcFpJ ex8eVBt1dgYIeX9y bUYsX3JSXUMpck9g S08CQXAHZDJmdWgd WRVFdwNVdQJNdxoR b1V5GhFYa3VsNCMk FAgyOXU9MCtqYAht ZkkMNhoURlpDGTg4 VlgEGilnEEsCWioz a1QsN0JUFlwQNEop eUYnV1UFNRMfBm8W FEZLDi5VKl8KSmI3 CktwXFIVFzxbCTpH DwczSgCI X-Authentic-SMTP: 61633532353630.1037:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 52.5.185.120/25 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] DPL is not only not enough, but brings unfounded confidence to Bitcoin users X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Oct 2016 10:58:04 -0000 --DocE+STaALJfprDB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 14, 2016 at 07:38:07AM -0300, Sergio Demian Lerner via bitcoin-= dev wrote: > I read the DPL v1.1 and I find it dangerous for Bitcoin users. Current > users may be confident they are protected but in fact they are not, as the > future generations of users can be attacked, making Bitcoin technology > fully proprietary and less valuable. Glad to hear you're taking a conservative approach. So I assume Rootstock is going to do something stronger then, like Blockstream's DPL + binding patent pledge to only use patents defensively? https://www.blockstream.com/about/patent_pledge/ Because if not, the DPL is still better than the status quo. > If you read the DPL v1.1 you will see that companies that join DPL can > enforce their patents against anyone who has chosen not to join the DPL. > (http://defensivepatentlicense.org/content/defensive-patent-license) >=20 > So basically most users of Bitcoin could be currently under threat of bei= ng > sued by Bitcoin companies and individuals that joined DPL in the same way > they might be under threat by the remaining companies. And even if they > joined DPL, they may be asked to pay royalties for the use of the > inventions prior joining DPL. >=20 > DPL changes nothing for most individuals that cannot and will not hire > patent attorneys to advise them on what the DPL benefits are and what > rights they are resigning. Remember that patten attorneys fees may be > prohibitive for individuals in under-developed countries. >=20 > Also DPL is revocable by the signers (with only a 180-day notice), so if > Bitcoin Core ends up using ANY DPL covered patent, the company owning the > patent can later force all new Bitcoin users to pay royalties. Indeed. However, you're also free to adopt the DPL irrevocably by additiona= lly stating that you will never invoke that 180-day notice provision (or more humorously, make it a 100 year notice period to ensure any patents expire!). If you're concerned about this problem, I'd suggest that Rootstock do exact= ly that. > Because Bitcoin user base grows all the time with new individuals, the so= le > existence of DPL licensed patents in Bitcoin represents a danger to Bitco= in > future almost the same as the existence of non-DPL license patents. To be clear, modulo the revocability provision, it's a danger mainly to tho= se who are unwilling to adopt the DPL themselves, perhaps because they support software patents. > If you're publishing all your ideas and code (public disclosure), you > cannot later go and file a patent in most of the world except the US, whe= re > you have a 1 year grace period. So we need to do something specific to > prevent the publishers filing a US patent. Again, lets remember that you personally proposed a BIP[1] that had the eff= ect of aiding your ASICBOOST patent[2] without disclosing that fact in your BIP= nor your pull-req[3]. The simple fact is we can't rely solely on voluntary disclosure - your own behavior is a perfect example of why not. [1]: BIP: https://github.com/BlockheaderNonce2/bitcoin/wiki [2]: ASICBOOST PATENT https://www.google.com/patents/WO2015077378A1?cl=3Den [3]: Extra nonce pull request: https://github.com/bitcoin/bitcoin/pull/5102 > What we need much more than DPL, we need that every BIP and proposal to t= he > Bitcoin mailing list contains a note that grants all Bitcoin users a > worldwide, royalty-free, no-charge, non-exclusive, irrevocable license for > the content of the e-mail or BIP. A serious problem here is the definition of "Bitcoin users". Does Bitcoin Classic count? Bitcoin Unlimited? What if Bitcoin forks? Better to grant _everyone_ a irrevocable license. Along those lines, it'd be reasonable to consider changing the Bitcoin Core license to something like an Apache2/LGPL3 dual license to ensure the copyr= ight license also has anti-patent protections. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --DocE+STaALJfprDB Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJYALoyAAoJEGOZARBE6K+yf+EH/0YPBCb1poEiV+UJeCdVyYjl SLh4Z8lDgHS6JbL7mb6t9B9dT5JnVjFpgq1D8K50KaEyxuufmXiIpRlnylJZOr4s IAmm9XFfbO0jXwMw04z49V3ZyA7rABuue5JrQo0tS841udyaV9stS/vx4vgwl81u r4r2OblJ3iXB04D1GDHE0NYRP37CHX8HR540gBFS+GMSEoRRQuzPJwSGrpE5zrgq Hx9/7+LaH0Q2XJzYnzdwj+btPcW8iHC4PGUyl5ia+7dr+t8JRgRHvMtZy+rfTI7P IFIGFnjdCwetGlewWgdBXjcGafx9+Sc4Ngktas0O04gEYR9q0wVry7lrYVeaGvU= =zUJV -----END PGP SIGNATURE----- --DocE+STaALJfprDB--