Hifn policy on documentation


Hifn policy on documentation

Hank Cohen
Folks,
There has been some discussion of late on this list about Hifn's policy
with respect to releasing documentation to the general public.  That
discussion led to a great deal of uninformed speculation and
unflattering statements about Hifn's unfriendliness towards the open
source community.  I would like to set the record straight.

The simple fact is that anyone who wants access to Hifn's documentation
need only log on to our extranet site (http://extranet.hifn.com/home/)
to download as much as they like.  This is true of the 795x Algorithm
accelerator chips and the 7855 and 8155 HIPP chips.  Some more
restrictions may apply to our NP and flow through part documents.  

Specifically the documentation for 7954, 7955 and 7956 is available.
The other chips that are supported by the OpenBSD Crypto drivers
hifn(4), lofn(4) and nofn(4)  (7751, 7811, 7951, 9751, 6500, 7814, 7851
and 7854) are legacy parts that are not recommended for new designs.
The driver will also work for 7954 even though that is not listed.

This does represent some liberalization of access in recent months.
Hifn is always monitoring its policy with respect to the confidentiality
of documentation and other business information.  Some information will
probably always require a non-disclosure agreement.  Information that
falls into that category is generally of a sensitive competitive nature,
contains trade secrets or is related to unannounced or unreleased
products.

Software licenses are generally restricted in the disclosure or source
code reproduction rights.  Hifn reserves the right to keep our source
code proprietary.   This should not affect the hifn(4) driver since that
driver is programmed directly to the hardware and does not use Hifn's
enablement software library.  

Registration at our extranet is required along with an email address
that can be confirmed.  We cannot support anonymous FTP or http
downloads.  The reason for this is that we are required by the
conditions of our US export licenses to know who and where our customers
are.  If anyone objects to registration then we could not sell them
chips anyway so it does not seem an unreasonable restriction to us.

I hope that this clears the air.

Best regards,
Hank Cohen
Product Line Manager
Hifn Inc.
750 University Ave
Los Gatos Ca. 95032
408-399-3593


Re: Hifn policy on documentation

Theo de Raadt
>There has been some discussion of late on this list about Hifn's policy
>with respect to releasing documentation to the general public.  That
>discussion led to a great deal of uninformed speculation and
>unflattering statements about Hifn's unfriendliness towards the open
>source community.  I would like to set the record straight.
>
>The simple fact is that anyone who wants access to Hifn's documentation
>need only log on to our extranet site (http://extranet.hifn.com/home/)
>to download as much as they like.

That URL is not a place where you can download data sheets.  That is a
registration site that requires anyone who wants data sheets to enter
approximately 50 personal questions.

I can get documentation for pretty much 99% of the chips in the
industry without supplying any private information.  I don't TRUST you
to keep my personal data private.

>Specifically the documentation for 7954, 7955 and 7956 is available.
>The other chips that are supported by the OpenBSD Crypto drivers
>hifn(4), lofn(4) and nofn(4)  (7751, 7811, 7951, 9751, 6500, 7814, 7851
>and 7854) are legacy parts that are not recommended for new designs.
>The driver will also work for 7954 even though that is not listed.

All of this is irrelevant.  You require people to register.  Do you
understand what you are asking people to do?  You are saying "Please
give us all your private information, and then use the data sheets to
write code that will help sell our product".

>This does represent some liberalization of access in recent months.

No it does not.  8 years ago all the above data sheets were fully available
for download without any registration.  Then about 5 years ago hifn closed
up completely, and documentation was totally unavailable.  About 2 years ago
hifn went to this new model of "answer 50 personal questions".

"50 personal questions" is not open access.  Please don't lie about it.

Other crypto chip vendors make their data much more easily available.

>Hifn is always monitoring its policy with respect to the confidentiality
>of documentation and other business information.

No, hifn is not monitoring the effects of their policy at all.  Over
the last few years I have had extensive email conversations with hifn
employees (including you) on this issue, and absolutely nothing has
changed.  You still think it is OK to get this personal information
from people.  You tried to pacify me in private mail.

>Some information will
>probably always require a non-disclosure agreement.  Information that
>falls into that category is generally of a sensitive competitive nature,
>contains trade secrets or is related to unannounced or unreleased
>products.

But we don't care about that information.  We simply care about completely
unfettered access to data sheets that were freely available without registration
8 years ago.

>Software licenses are generally restricted in the disclosure or source
>code reproduction rights.  Hifn reserves the right to keep our source
>code proprietary.   This should not affect the hifn(4) driver since that
>driver is programmed directly to the hardware and does not use Hifn's
>enablement software library.  

The only person talking about hifn's proprietary code is you.  If you showed
it to us, we would not bother looking at it.

>Registration at our extranet is required along with an email address
>that can be confirmed.  We cannot support anonymous FTP or http
>downloads.  The reason for this is that we are required by the
>conditions of our US export licenses to know who and where our customers
>are.  If anyone objects to registration then we could not sell them
>chips anyway so it does not seem an unreasonable restriction to us.

So the personal information you ask for in the registration process
will be given to the US government if they ask?  Without court
documents demanding the information?

We are not your customers.  YOU ARE OUR CUSTOMER.  Our driver sells
your chips.

I know that our hifn driver has some problems.  But because I cannot
get data sheets without giving you private information, I will not
spend even one moment more of my time to improve support for your
products.  Jason and I spent a lot of time writing that code in the
past, but because your policies are privacy invasive towards us, and
thus completely thankless for the sales that we have given you in the
past -- we will not spend any more time on your crummy products.

And if you continue baiting me, I will delete the driver from our
source tree.

I stand by my statement that HIFN is not open.


Re: Hifn policy on documentation

Wijnand Wiersma
In reply to this post by Hank Cohen
2006/6/13, Hank Cohen <[hidden email]>:
> Folks,
> There has been some discussion of late on this list about Hifn's policy
> with respect to releasing documentation to the general public.  That
> discussion led to a great deal of uninformed speculation and
> unflattering statements about Hifn's unfriendliness towards the open
> source community.  I would like to set the record straight.

If you guys would stop talking out of your ass and spend your time
usefully (read: releasing FREE docs) you would see an increase of sales.

Wijnand


Re: Hifn policy on documentation

Constantine A. Murenin
In reply to this post by Theo de Raadt
On 13/06/06, Theo de Raadt <[hidden email]> wrote:

> >The simple fact is that anyone who wants access to Hifn's documentation
> >need only log on to our extranet site (http://extranet.hifn.com/home/)
> >to download as much as they like.
>
> That URL is not a place where you can download data sheets.  That is a
> registration site that requires anyone who wants data sheets to enter
> approximately 50 personal questions.
>
> I can get documentation for pretty much 99% of the chips in the
> industry without supplying any private information.  I don't TRUST you
> to keep my personal data private.

As soon as one submits one's private information to Hifn, the
submitted data indeed no longer could be considered private. Look at
Hifn's HTML on the registration page:

        <form action="http://extranet.hifn.com/home/anonymous/Default.asp" method="post" name="userEdit" onSubmit="return validate(this);">

Is Hifn running low on supplies of cryptography hardware accelerators?
Or do these accelerators no longer work in recent operating systems
due to the lack of documentation?


Re: Hifn policy on documentation

Spruell, Darren-Perot
In reply to this post by Hank Cohen
From: [hidden email]
> There has been some discussion of late on this list about Hifn's policy
> with respect to releasing documentation to the general public.  That
> discussion led to a great deal of uninformed speculation and
> unflattering statements about Hifn's unfriendliness towards the open
> source community.  I would like to set the record straight.

I'm not sure the explanation sets anything *straight*. Hifn wishes to try to
open things up to be what they think is open enough for the open source
community to use, but they can't commit to do it right. Is Hifn "open" or
not? There is no "mostly open" or "kind of open" or "open under conditions A
B and C, and be sure to give us personal information."

> Software licenses are generally restricted in the disclosure or source
> code reproduction rights.  Hifn reserves the right to keep our source
> code proprietary.   This should not affect the hifn(4) driver
> since that driver is programmed directly to the hardware and does not
> use Hifn's enablement software library.

Software license? Code? You, like many vendors before you, make the mistake
of thinking that it is your source code that is wanted.

NO ONE WANTS YOUR SOURCES.

Specifications and documentation on how to interface with the hardware is
what is useful.
 
> Registration at our extranet is required along with an email address
> that can be confirmed.  We cannot support anonymous FTP or http
> downloads.  The reason for this is that we are required by the
> conditions of our US export licenses to know who and where our customers
> are.  If anyone objects to registration then we could not sell them
> chips anyway so it does not seem an unreasonable restriction to us.

Weak. Docs and specifications != product.

Look. I am an example of somebody who purchased a Hifn product because at
the time I had some idea that the card would be well supported by the OS
that I would use it in. I've since lost that warm fuzzy. If the required
documentation can't be opened up, correctly, to the developers who would
write OS drivers for it, then I have no need to buy more (or even continue
using my existing half-supported card.)

I am an example of someone who could very well no longer purchase Hifn, nor
recommend that others purchase it for their own use, based on the fact that
my OS vendors of choice cannot adequately support it. I have other choices.

DS


Re: Hifn policy on documentation

Breen Ouellette
In reply to this post by Hank Cohen
Hank Cohen wrote:
> I hope that this clears the air.
>
>  

I was hopeful too, at the beginning of your message. As I neared the end
I was becoming skeptical, and by the time I clicked through to the
registration page I was fairly certain where this was heading. Several
posts later and it looks like I was right. I'm not the only person who
puts a great deal of value on personal data. Your company's personnel
seems to do so as well - I have tried fairly hard over the last week to
find contact information for your executives with no success. Hmmm,
imagine that!

I think that you may have misunderstood your target market, or at least
a portion of it. Users of OpenBSD tend to be the most cynical type of
person you are going to encounter. Many of us have gravitated towards
OpenBSD because we have been burnt in the past. We tend to guard our
data jealously. I haven't input my personal data on a website request
form for years, and I am not about to start. And I'm nowhere near as
hardcore as some of the people here. We have good reason not to trust
corporations - look at Enron. If shareholders cannot trust their
executives to fulfill the highest duty of a corporation - to maximize
shareholder profit - then how can we trust any company (which we do not
even have a financial interest in) to protect personal data which we
supply? We might as well be done with it and just post it to a website
for all the world to see.

Why this should matter to you is that we (OpenBSD users) drive sales of
your product. Hifn, on the other hand, does not drive sales of OpenBSD.
The dynamic of this relationship puts the onus on Hifn to cater to
OpenBSD's requirements if Hifn wishes to continue to benefit from the
relationship. OpenBSD requires unrestricted access to documentation,
which doesn't create a conflict with the export controls of the USA.
Theo will pull Hifn from the source tree if push comes to shove, and at
this point I could not care less. My Soekris vpn1411 is sitting on the
shelf next to my machine rather than inside of it. This is due to the
fact that it does not work the way it should. I would prefer to see
something good come of all of this, but if I have to trash my vpn1411
then it really doesn't make the situation any worse than it already is.
At least for me. It will definitely make it worse for Hifn.

If this situation does not resolve itself for the better then I will not
buy any further Hifn technology. But it gets even worse: I will not
recommend Hifn technology. In fact, I will speak very openly and very
negatively about the company and their products. This might not seem
like a big loss until you look deeper at who I know. My friends all work
in the IT industry. We talk about work all the time. Several of them
work for the federal and provincial governments and crown corporations
of Canada. They will certainly be seeing Hifn products in a new light.
One of them works for one of Canada's largest cities in the emergency
preparedness department. These guys take their security seriously
because they are on the front line of terrorism prevention. He will
definitely listen with great interest to what I have to say about Hifn,
and he will be sure to pass it up the chain. My wife works for one of
the big four global accounting firms. The national IT personnel will
hear all about Hifn next month at the company BBQ. My uncle owns several
oil and mining companies in Canada. My other uncle was in the military
and is well connected. Other relatives and friends work in government,
law, accounting, and engineering all across the country. The subject of
Hifn is likely to come up the next time I see each of  them, as well.

Now multiply my contacts by the number of OpenBSD users who take this
stuff seriously (which just so happens to be the majority of them). It's
not a pretty picture.

I'm behind Theo 100%. The average person might consider him to be
over-reacting. I would counter that the average person will never be
involved in the purchase of a Hifn product. I strongly suggest that you
consider who you are about to alienate before you go and do it. There is
still an opportunity to make this into a positive situation for Hifn and
OpenBSD.

Breen Ouellette


Re: Hifn policy on documentation

Daniel Ouellet
In reply to this post by Wijnand Wiersma
2006/6/13, Hank Cohen <[hidden email]>:
> Folks,
> There has been some discussion of late on this list about Hifn's policy
> with respect to releasing documentation to the general public.  That
> discussion led to a great deal of uninformed speculation and
> unflattering statements about Hifn's unfriendliness towards the open
> source community.  I would like to set the record straight.

For me it goes like this.

I use OpenBSD because it is stable and secure and well documented. I
don't need to register to read the wonderful man page and know how it
works and what's supported or not.

Adaptec got a substantial sales drop last year and don't take my word for
it. Just look at the public results they need to release for the stock
market. They don't respect their possible users to make the
documentation available to great developers to make sure their hardware
works well on my OS of choice that is NOT Microsoft thank you!

The result is simple: I have no more Adaptec whatsoever in my business,
NONE, and trust me, I do have plenty of servers. See, I have the choice,
like many here, to buy or recommend hardware we see as good and well
supported. I wouldn't recommend to any of my customers any hardware that
is not working properly because a company does not see the light and
restricts my choice by not allowing their chips to be well supported, so
I go elsewhere to get what I need and yes, I do look at specs and buy
what I see as good and supported for me.

Hifn is not on my list and joins the same deadbeat, not-look-at list
as Adaptec did.

See, it's great out there, we have the choice to pick what we want to use
and my choice is to pick hardware well supported by MY OS of choice, and
being well supported comes at no price to you whatsoever, other than
providing a place to download documentation to write good drivers for
your hardware.

You don't even have to write the code, even the cost of distributing
your well written driver (if it even comes to that) is not even yours!

So, I will return that to you and say, yes, "That discussion led to a
great deal of uninformed speculation..." you try to tell people that you
respect their choice and you think they are allowed to make their own
choice. I guess not.

Just learn from others' mistakes and wins. Hardware buys go to well open
hardware makers, and it looks like most of them are not from the US these
days, but they do see me as a valuable customer and they do want me to
have well working servers as they make sure their product is well
supported on my choice of hardware, not by writing BLOB, but by
providing documentation and letting the ones that know best how to support
their hardware do it on my OS of choice!

Do you understand what I am saying and trying to make you understand!?

And the bottom line is simple.

If Theo said "I don't TRUST you to keep my personal data private.", nor
do I. And as expressed to you, "We are not your customers.  YOU ARE OUR
CUSTOMER.". So maybe it's time you understand this and bring it up the
food chain in your business too!

Also, "And if you continue baiting me, I will delete the driver from our
source tree.", I wouldn't push it really. He did remove Adaptec from
OpenBSD last year and that was great as I didn't even have to question
if it was working well or not. It wasn't there, so no time wasting to
even try!

So, you want sales, just make the documentation !!!FREELY!!! available
and you would be surprised at what it does, plus you really have nothing
to lose! It doesn't cost you anything!

So, instead of hiring many more sales guys, or even PR guys to preach
the good of Hifn, let us do it for you! How? Well, simple...


Open the documentation and then watch the list where everyone reads it
and see your chips working well on OpenBSD and then working well on ALL
other projects over time!

I think you forget the most important thing here. All Open Source
projects do exchange with each other, some more than others, but they all
know what the others are doing!

Do the right thing and see everyone look favorably on you in the end!

Isn't it what you spend lots of money in marketing to have users look
favorably on your chips so they use them?

Plus see this as an improvement, you increase your sales and you reduce
your costs!

Yes you do. No more need to have servers keeping all that private
information, and people looking at it and some more classifying it, and
some more communicating it to others, etc.

See, in the end, that increases your profit from day one!

Don't you like it?

Best,

Daniel

PS: I wish you the best in your future, whatever your choice might be.
Your call if that's going to be UP or DOWN.


Re: Hifn policy on documentation

Raja Subramanian-2
In reply to this post by Breen Ouellette
On 6/13/06, Breen Ouellette <[hidden email]> wrote:
> I'm behind Theo 100%. The average person might consider him to be
> over-reacting. I would counter that the average person will never be
> involved in the purchase of a Hifn product.

Adding to your statement:  I would be what you call "the average
person", and heaven forbid, I would never purchase any hardware that
the OpenBSD Gods did not bless.  The simple reason behind it
is that I'm totally reliant on the OpenBSD developers for support and
whatever is good for them is the only thing that's good for me.

- Raja


Re: Hifn policy on documentation

Michael Scheliga-2
In reply to this post by Hank Cohen
> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]] On Behalf Of
> Hank Cohen
> Sent: Monday, June 12, 2006 9:10 PM
> To: [hidden email]
> Subject: Hifn policy on documentation
>
> Folks,
> There has been some discussion of late on this list about Hifn's policy
> with respect to releasing documentation to the general public.  That
> discussion led to a great deal of uninformed speculation and
> unflattering statements about Hifn's unfriendliness towards the open
> source community.  I would like to set the record straight.

Mr. Cohen,

Perhaps you can talk to your legal counsel and actually break out the
documentation needed for these open source drivers into a separate and
truly open to the "general public" anonymous download site.   I doubt
that the documentation that is being requested by developers is putting
you in violation of US Export Regulations.  Your customer's locations
can be tracked through the distribution network of your chips and
devices that you already have in place.  OpenBSD is not selling,
reselling, or modifying your products.  Nor is OpenBSD asking to
download drivers or other source code that you may provide to others.  I
understand it's very easy these days for attorneys to just say put
everything behind your registration only access extranet to be safe.
This is not acceptable and, in my opinion, is not open to the general
public like you stated.    

It might take some effort on your part and that of your legal counsel
and compliance officers to keep the open source community happy and the
US Government off your back, but I think you'll find it will be worth it
in the end.  You obviously care how the people reading this list
perceive your company and products or you wouldn't have written that
letter; now please take it a step further in the right direction.


Regards,

Michael Scheliga


Re: Hifn policy on documentation

Marc Balmer-2
* Michael Scheliga wrote:
> truly open to the "general public" anonymous download site.   I doubt
> that the documentation that is being requested by developers is putting
> you in violation of US Export Regulations.  Your customer's locations

I live in Switzerland.  Do I give a fuckin' rats ass for US Export
Regulations?


Re: Hifn policy on documentation

Dag Richards
Marc Balmer wrote:
> * Michael Scheliga wrote:
>> truly open to the "general public" anonymous download site.   I doubt
>> that the documentation that is being requested by developers is putting
>> you in violation of US Export Regulations.  Your customer's locations
>
> I live in Switzerland.  Do I give a fuckin' rats ass for US Export
> Regulations?
>


Not care about US Export Regs?

But that just means you want the terrorists to win.
After all our President is your President right?

Sleep, Consume, Follow Orders.  It's the American way.


Re: Hifn policy on documentation

Marcus Watts
In reply to this post by Marc Balmer-2
From: Marc Balmer <[hidden email]> writes:

> Date: Wed, 14 Jun 2006 00:22:12 +0200
> From: Marc Balmer <[hidden email]>
> To: Michael Scheliga <[hidden email]>
> Cc: Hank Cohen <[hidden email]>, [hidden email]
> Subject: Re: Hifn policy on documentation
>
> * Michael Scheliga wrote:
> > truly open to the "general public" anonymous download site.   I doubt
> > that the documentation that is being requested by developers is putting
> > you in violation of US Export Regulations.  Your customer's locations
>
> I live in Switzerland.  Do I give a fuckin' rats ass for US Export
> Regulations?
>
>

Clearly you don't.  The vendor probably does.
        [ I do know somebody who once seriously inquired into the procedure
        to send in partial dead rat corpses to city hall.  Seems the
        state had a bounty program on the books from a century ago ... ]

In this case, the vendor appears to be talking about documentation,
which means they're actually confused.  EAR covers chips but not
documentation.  By US law they *have* to care about the chips.
Otherwise they're not in business.  However the same law and a bunch of
court cases also make a big thing about "free speech".  For quite a
number of years, when cryptography was considered a munition and not
allowed to be exported without special license, people were writing
books and talking about cryptography almost entirely without problems.
Somebody needs to point this out to them; there's simply no defensible
US export legal reason for them to make people fill out web forms of
any form to acquire human readable documentation.

If the purpose of their web registration was to satisfy US export
purposes, it would still be different.  Such a form would mainly be
concerned with issues like "where do you live" - "can you prove you are
a US citizen" - and nothing more.  The MIT folks distributed kerberos
source via http with just such a registration system for a number of
years.

If they're asking 50 nosey personal questions, that's not US export
law.  That's business accounting and marketing think, 100% (or possibly
a *really* bad lawyer.)  They want to know where to send the next load
of junk mail so they can spend their advertising dollars "most
effectively".  They may want to resell that information to other people
in similar businesses.  Their sales people want to know if you call
with questions after that whether you're going to buy enough of their
product to make it worth their time to answer your questions.  Maybe
they're imagining they can reduce product liability claims - although I
don't know of very many product liability cases that were won by
failing to disclose problems.  Seems like they're more likely to
succeed at reducing product liability by reducing customer interest and
usage.  It's conceivable they think their competitors are actually
stupid enough that this form will stop them from learning about what
they're doing or coming up with better ways to do it.  In any event,
however justifiable they think they are in their business practices, it
still stinks, and it bodes ill for their long-term business health.
I wish their competition the best of luck.

                                -Marcus Watts


Re: Hifn policy on documentation

Michael Scheliga-2
In reply to this post by Hank Cohen
-----Original Message-----
From: Michael Scheliga
Sent: Tuesday, June 13, 2006 4:21 PM
To: 'Dag Richards'
Subject: RE: Hifn policy on documentation



> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]] On Behalf Of
> Dag Richards
> Sent: Tuesday, June 13, 2006 3:49 PM
> To: [hidden email]
> Subject: Re: Hifn policy on documentation
>
> Marc Balmer wrote:
> > * Michael Scheliga wrote:
> >> truly open to the "general public" anonymous download site.   I doubt
> >> that the documentation that is being requested by developers is putting
> >> you in violation of US Export Regulations.  Your customer's locations
> >
> > I live in Switzerland.  Do I give a fuckin' rats ass for US Export
> > Regulations?
> >
>
>
> Not care about US Export Regs?
>
> But that just means you want the terrorists to win.
> After all our President is your President right?
>
> Sleep, Consume, Follow Orders.  It's the American way.


Sorry, but when the company is in America, these are the
current laws.  I don't see how hi-jacking the thread to
show that you don't like America or its laws is going
to help with getting drivers for a Hifn card working better.

And I don't recall being asked what country I wanted to be
born into.  Perhaps you were.

Trying to get something changed for the better, not trying to
push US laws down anybody's throat.  If changing US law was as
simple as bitching about it in here, you wouldn't be able to
keep up with the volume of mail.

Michael


Re: Hifn policy on documentation

Andrew Dalgleish
In reply to this post by Theo de Raadt
On Tue, Jun 13, 2006 at 08:43:16AM -0600, Theo de Raadt wrote:
[snip]
> And if you continue baiting me, I will delete the driver from our
> source tree.

You may as well. By the time Hifn release the documentation the speed
of cheap processors will have increased enough to make their current
products marginal.

I've had this happen with add-on DSP boards before.


Regards,
Andrew Dalgleish


Re: Hifn policy on documentation

Breen Ouellette
In reply to this post by Dag Richards
Dag Richards wrote:

> Marc Balmer wrote:
>> I live in Switzerland.  Do I give a fuckin' rats ass for US Export
>> Regulations?
>>
>
>
> Not care about US Export Regs?
>
> But that just means you want the terrorists to win.
> After all our President is your President right?


I think nearly everyone here is fully aware of how American influence
affects the rest of the world. Using American laws as a scapegoat to
try and pump personal information out of developers steps right into the
deep end of unreasonable legal wrangling. Hifn should realize that their
target market is interested in keeping information safe and private,
rather than exploiting developers for private information and using
inapplicable law as a sort of de facto shield against trouble with their
government. It only diminishes their reputation and perceived
trustworthiness in the eyes of customers, many of whom are making or
influencing the purchasing decisions for large foreign or multinational
organizations.

This is just another symptom of the US slide towards isolationism.
External competitive pressures are increasing every year and many
American institutions, both in government and private sector, are
seeking to restrict the trade of goods and ideas as a band aid to fix
the problem. The terrorist attacks of 2001 merely provided the powers
that be the excuse they needed to push isolationism further down the
throats of the American people.

Anyone who has been paying attention to China in the last ten years will
have a very good idea of where this type of policy is going to lead the
US economy. The sickest part is how China uses its excess foreign
currency to buy American debt instruments, thereby encouraging low
interest rates in the US so that the American people can buy more
Chinese goods at Wal-Mart. We may soon see the last remaining
superpower of the previous century decline into obscurity. Another decade
will tell us for sure.

Ahem. Sorry about that. Slightly off topic. :)

Breeno


Re: Hifn policy on documentation

NetNeanderthal
In reply to this post by Hank Cohen
On 6/13/06, Hank Cohen <[hidden email]> wrote:
> Folks,
> There has been some discussion of late on this list about Hifn's policy
> with respect to releasing documentation to the general public.  That
> discussion led to a great deal of uninformed speculation and
> unflattering statements about Hifn's unfriendliness towards the open
> source community.  I would like to set the record straight.
I agree with others, the tone was correct at this point.

> The simple fact is that anyone who wants access to Hifn's documentation
> need only log on to our extranet site (http://extranet.hifn.com/home/)
The word simple implies no such thing in this instance.  I went to the
site and it asked for me to register.  What is that about?

> to download as much as they like.  This is true of the 795x Algorithm
> accelerator chips and the 7855 and 8155 HIPP chips.  Some more
> restrictions may apply to our NP and flow through part documents.
>
> Specifically the documentation for 7954, 7955 and 7956 is available.
> The other chips that are supported by the Open BSD Crypto drivers
> hifn(4), lofn(4) and nofn(4)  (7751, 7811,7951, 9751, 6500, 7814, 7851
> and 7854) are legacy parts that are not recommended for new designs.
> The driver will also work for 7954 even though that is not listed.
>
> This does represent some liberalization of access in recent months.
'some liberalization' means that you must compromise personal
information to gain access to documentation used to sell your product?
Do you realize hifn's target industry?

> Hifn is always monitoring its policy with respect to the confidentiality
> of documentation and other business information.  Some information will
> probably always require a non-disclosure agreement.  Information that
> falls into that category is generally of a sensitive competitive nature,
> contains trade secrets or is related to unannounced or unreleased
> products.
No one is asking for this information, why classify the other stuff
like it is ultra-secretive?  The only thing gained (lost) is a
community that supports and sells your products for you.

> Software licenses are generally restricted in the disclosure or source
> code reproduction rights.  Hifn reserves the right to keep our source
> code proprietary.   This should not affect the hifn(4) driver since that
> driver is programmed directly to the hardware and does not use Hifn's
> enablement software library.
Well, as you stated, it doesn't affect the hifn(4) driver, so why
limit the disclosure of information?

> Registration at our extranet is required along with an email address
> that can be confirmed.  We cannot support anonymous FTP or http
> downloads.  The reason for this is that we are required by the
> conditions of our US export licenses to know who and where our customers
> are.  If anyone objects to registration then we could not sell them
> chips anyway so it does not seem an unreasonable restriction to us.
What terms must be agreed upon when 'logging in' to this site or even
for registration?
It clearly asks when 'registering' for access 'Does your company
currently have an NDA/CDA with Hifn?'

No.  Luckily, it's not required, or so it says.

After logging in, guess what is shown:
"Welcome new user. It normally requires several hours for our staff to
receive your new user registration and assign the appropriate
permissions to you. You will be unable to browse folders or access
files until we upgrade your access. You will be notified via email as
soon as your permissions have been set. Thank you for your patience.

Regards,
Brian Sparks
(408) 399-3520
[hidden email] "

Is this the link that you refer to for the documentation?
http://extranet.hifn.com/home/content/documents/?id=1736

If so, why not just make it publicly available?  There was NO
information submitted that is verified other than eMail address, nor
any agreements signed that bind anyone to anything.

If anything, why not PROVIDE these 7956 Reference kits to developers?
Hifn owes THEM that much for all the hard work they do.

This is 'available documentation'?  Are you seriously defending this
on a public mailing list?

Yes, free available documentation.  What else lurks under these
proprietary PDF formats strewn about the site?  And if they're
accessible by normal means, sans agreement, why can't they just be
posted without regard to registration or agreement?  There is no
purpose for the compromise of personal information.

> I hope that this clears the air.
It doesn't.  You're asking for the OpenBSD community, and especially
developers, to compromise the very values that have made OpenBSD what
it is today.  I used to buy hifn products because they were
supported... and they 'just worked'.  Now, I have no choice but to look
elsewhere.  Don't think for a second that for every person who posts a
complaint, there won't be a hundred thousand others who will read this
thread at some point and wonder if hifn is really the right choice for
their application.

Hank, did you really think that the legalese was in hifn's best
interests?  Hifn's customers' interests?  Congratulations, you've now
paid your attorneys to decrease support, and consequently, business.

Instead of removing the driver from the kernel, why not rename it to byefn(4)?


Re: Hifn policy on documentation

Jacob Yocom-Piatt
In reply to this post by Hank Cohen
>This is just another symptom of the US slide towards isolationism.
>External competitive pressures are increasing every year and many
>American institutions, both in government and private sector, are
>seeking to restrict the trade of goods and ideas as a band aid to fix
>the problem.

i have wondered why companies like hifn want to keep their device design under
an NDA on many occasions. it seems to me to be mostly about a company's lack of
confidence in its competitive edge and their ability to maintain it. if you're
opening your drivers up, you had best be ready to "raise your skills", something
many amUricans are unwilling to do.

the whole idea of keeping the device docs under an NDA is silly to me. if anyone
REALLY wants those specs, e.g. your competitor, they can certainly get them
without too much additional trouble.


Re: Hifn policy on documentation

Eliah Kagan
In reply to this post by Marcus Watts
On 6/13/06, Marcus Watts wrote:

> In this case, the vendor appears to be talking about documentation,
> which means they're actually confused.  EAR covers chips but not
> documentation.  By US law they *have* to care about the chips.
> Otherwise they're not in business.  However the same law and a bunch of
> court cases also makes a big thing about "free speech".  For quite a
> number of years, when cryptography was considered a munition and not
> allowed to be exported without special license, people were writing
> books and talking about cryptography almost entirely without problems.
> Somebody needs to point this out to them; there's simply no defensible
> US export legal reason for them to make people fill out web forms of
> any form to acquire human readable documentation.

As one example, Phil Zimmermann was not permitted to export the source
code to PGP electronically, so he published a print book containing it
in a character set particularly conducive to OCR (in the state of that
technology at that time). The issue there was that people in the NSA
and other anti-public-crypto goons in the US government were
comfortable and secure in their authority to obtain censorship of
electronic communications, but it was totally out of their league (at
least in that particular instance) to extend the censorious
regulations to the print medium.

So that issue is very real, but it is totally separate from what is
going on here, because:

(1) the materials in question are being distributed in an electronic form
(2) the materials in question are not actually subject to any US
export restrictions of any kind, and Mr. Cohen is either lying to us
or is quite misled.

The issue of the US government not being permitted to restrict speech
does not appear to me to be the applicable one here, because the only
organization that is acting against the interests of freedom in this
case is Hifn. They can blame the US government all they want--they're
lying (or severely and inexcusably mistaken).

-Eliah


Re: Hifn policy on documentation

Nick Guenther
In reply to this post by Theo de Raadt
On 6/13/06, Theo de Raadt <[hidden email]> wrote:

> >There has been some discussion of late on this list about Hifn's policy
> >with respect to releasing documentation to the general public.  That
> >discussion led to a great deal of uninformed speculation and
> >unflattering statements about Hifn's unfriendliness towards the open
> >source community.  I would like to set the record straight.
> >
> <snip>
> I know that our hifn driver has some problems.  But because I cannot
> get data sheets without giving you private information, I will not
> spend even one moment more of my time to improve support for your
> products.  Jason and I spent a lot of time writing that code in the
> past, but because your policies are privacy invasive towards us, and
> thus completely thankless for the sales that we have given you in the
> past -- we will not spend any more time on your crummy products.
>
> And if you continue baiting me, I will delete the driver from our
> source tree.
>
> I stand by my statement that HIFN is not open.

I don't use crypto accelerators, and none of this discussion applies
to me, so this is just noise... but I have to say this: this is
_AWESOME_. The project has not only scared the execs at this
corporation, now they are being torn to pieces by their previous
customers. I especially like Breen's response. A lot of other
communities would just be excited to be noticed, but not you guys. I
am not an OpenBSDer because I've been burned (not enough experience
for that) but because I recognized the philosophy as the only one that
is going to save humanity from itself.

Now, Hank Cohen, please come back and respond to some of these
replies. Stand up for your tribe. For the ones you missed, here's the
full thread (hosted somewhere that provides information for free,
perhaps you could learn from them):
http://marc.theaimsgroup.com/?l=openbsd-misc&m=115017551512719&w=2

-Nick


Re: Hifn policy on documentation

chris barry
In reply to this post by Hank Cohen
> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]]
> On Behalf Of Hank Cohen
> Sent: Tuesday, June 13, 2006 12:10 AM
> To: [hidden email]
> Subject: Hifn policy on documentation
>
> Folks,
> There has been some discussion of late on this list about Hifn's policy
> with respect to releasing documentation to the general public.  That
> discussion led to a great deal of uninformed speculation and
> unflattering statements about Hifn's unfriendliness towards the open
> source community.  I would like to set the record straight.
>
> The simple fact is that anyone who wants access to Hifn's documentation
> need only log on to our extranet site (http://extranet.hifn.com/home/)
> to download as much as they like.  This is true of the 795x Algorithm
> accelerator chips and the 7855 and 8155 HIPP chips.  Some more
> restrictions may apply to our NP and flow through part documents.  
>
> Specifically the documentation for 7954, 7955 and 7956 is available.
> The other chips that are supported by the Open BSD Crypto drivers
> hifn(4), lofn(4) and nofn(4)  (7751, 7811,7951, 9751, 6500, 7814, 7851
> and 7854) are legacy parts that are not recommended for new designs.
> The driver will also work for 7954 even though that is not listed.  
>
> This does represent some liberalization of access in recent months.
> Hifn is always monitoring its policy with respect to the confidentiality
> of documentation and other business information.  Some information will
> probably always require a non-disclosure agreement.  Information that
> falls into that category is generally of a sensitive competitive nature,
> contains trade secrets or is related to unannounced or unreleased
> products.
>
> Software licenses are generally restricted in the disclosure or source
> code reproduction rights.  Hifn reserves the right to keep our source
> code proprietary.   This should not affect the hifn(4) driver since that
> driver is programmed directly to the hardware and does not use Hifn's
> enablement software library.  
>
> Registration at our extranet is required along with an email address
> that can be confirmed.  We cannot support anonymous FTP or http
> downloads.  The reason for this is that we are required by the
> conditions of our US export licenses to know who and where our customers
> are.  If anyone objects to registration then we could not sell them
> chips anyway so it does not seem an unreasonable restriction to us.
>
> I hope that this clears the air.
>
> Best regards,
> Hank Cohen
> Product Line Manager
> Hifn Inc.
> 750 University Ave
> Los Gatos Ca. 95032
> 408-399-3593
>
>

Actually, it's just ignorance on Hifn Marketing's part. It's really that
simple. Ignorance and stubborn misunderstanding, and it's incredibly
frustrating. It's not stupidity - there's a difference. Ya don't know
what ya don't know... They simply do not understand.

Hank, certainly you can see the relationship between driver support on
more platforms and increased product sales. It's just logical. More
chips sold, and you get a bigger bonus! You can also understand the need
for security and privacy - hence your product. Security is one of the
main reasons people gravitate toward OpenBSD. You really have a lot in
common. Check it out - OpenBSD people are writing code to support your
products, and not only is it not costing your company a penny, but it is
actively increasing the sale of your product. It's a total Win-Win. Do
the numbers.

When you look at the security-minded bent of the OpenBSD community, what
I would say is a fierce loyalty to those vendors that 'get it', and the
fact that this thread will be available for all the World to see when
they Google 'hifn openbsd', you should start seeing that by
stubbornly adhering to your policy, you are really just shooting
yourself in the foot.

What you *could* be doing is running as fast and hard as you can in the
*other* direction - by actively helping Open Source developers as much
as possible - and that means support with docs, dev kits, test hardware,
and maybe even a little financial support. That's the savvy, New World
MBA thing to do.

I see this all the time, most big vendors are clueless, and frankly my
company is guilty of it. What your company - and mine - need is to
employ the perspective and wisdom of those deeply into open source to
help them leverage the energy of those committed to providing quality,
free software. For hardware vendors, there is no better way. But doing
that correctly requires a real understanding of the culture, respect for
why these developers do what they do, and a cultivation of trust in the
community.

I hope that decrypts the air a bit more.

Regards,
-C
