[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
FW from NAI: CommonLine purchase of 4.0 Toolkit

To: "cl-elec-exch@lists. glhec. org (E-mail)" <cl-elec-exch@lists.glhec.org>, "Jon Kroehler (E-mail)" <JKROEHLE@usagroup.com>, "Karen Haney (E-mail)" <khaney@nchelp.org>, "Paul Jansen (E-mail)" <pjansen@usagroup.com>, "Linda Laub (E-mail)" <llaub@pheaa.org>, "Russ Judd (E-mail)" <rjudd@glhec.org>
Subject: FW from NAI: CommonLine purchase of 4.0 Toolkit
From: Scott Fullerton <sfullerton@glhec.org>
Date: Tue, 31 Mar 1998 10:49:50 -0600
Sender: owner-cl-elec-exch@lists.glhec.org

The last shoe has dropped.  I talked with Jeff Platon late yesterday and Rich 
Hornstein this morning.  They have no satisfactory explanation why we are 
finding out at this late date.  The kindest construction I can make of this is 
that internal communications are critically inadequate.  Most of the time these 
days I am not inclined to be kind.

I will talk with RSA to see if there is any room for negotiation with them to 
use the PGP toolkit with RSA for our particular case.  It's a long shot but 
worth a try.

We should cease work on license terms.
Scott

-----Original Message-----
From:	"Hornstein  Rich" <Rich_Hornstein@NAI.com>
Sent:	Monday, March 30, 1998 7:55 PM
To:	Scott Fullerton
Cc:	"Platon Jeff" <Jeff_Platon@NAI.com>; "Jackman Brian" 
<Brian_Jackman@NAI.com>
Subject:	FW: CommonLine purchase of 4.0 Toolkit

Dear Mr. Fullerton,

I am sorry to inform you that we are not permitted to sell the 4.0 toolkit to 
CommonLine.  To summarize, Network Associates purchased PGP in December, 1997. 
 Along with the acquisition, we acquired litigation with a company called RSA 
Data Security.  The essence of the litigation is whether PGP (and therefore 
NAI) has the right to use the RSA algorithm in the PGP products.
NAI has determined that we cannot continue to support RSA in the wake of this 
litigation.  Therefore, the PGP toolkits currently sold do not include the RSA 
algorithm in the products.  Additionally, we have discontinued selling the old 
products for the same reasons.
We would be very happy to sell CommonLine the 4.0 toolkit, but are not 
permitted by RSA.
I am very sorry to apprise you of this.  I also apologize if it has 
inconvenienced the students.
We are offering PGP sdk with D-H; however, based on your e:mail, this is not 
enough.  Hopefully, by working together with Brian, you could transition from 
being RSA dependent to using the new product.
I hope that Brian can make CommonLine a favorable arrangement to facilitate 
this transition.  Perhaps he could also provide favorable terms on other 
technology (e.g., Virusscan or Nuts & Bolts) to make up for the inconvenience.
Please contact me if you have any questions at my mobile at 415-990-7202.
Thank you.
Rich Hornstein
V.P. of Legal Affairs



> -----Original Message-----
> From:	Abbott, Steve
> Sent:	Monday, March 30, 1998 4:22 PM
> To:	Platon, Jeff
> Cc:	Hornstein, Rich
> Subject:	RE: CommonLine purchase of 4.0 Toolkit
>
> >- -----Original Message-----
> >From:	Scott Fullerton [SMTP:sfullerton@glhec.org]
> >Sent:	Friday, March 27, 1998 9:12 AM
> >To:	Hornstein, Rich; Platon, Jeff
> >Cc:	Jackman, Brian; Karen Haney (E-mail); Jon Kroehler (E-mail)
> >Subject:	CommonLine purchase of 4.0 Toolkit
> >
> >Mr. Hornstein and Mr. Platon:
> >
> >I am writing on behalf of the CommonLine Electronic Exchange
> >Subcommittee to
> >express my shock and dismay upon hearing you may withdraw the offer
> to
> >sell the
> >PGP/Viacrypt 4.0 toolkit.  This places us in a very bad position, as
> >many
> >schools and guarantors have already done extensive work to release
> >products
> >using the RSA algorithm.   Over the course of the winter during your
> >merger,
> >our dealings with PGP/NAI became very problematic due to poor
> internal
> >
> >communication among NAI/PGP.  This was bad enough.  But now, after we
> >have
> >proceeded assiduously and in good faith for another one and a half
> >months
> >toward final closure of a deal, this presents a much larger problem.
> >You must
> >understand, this is not only costing ten to twenty student loan
> >guaranty
> >agencies as much as six months of development time.  At this late
> >date, it
> >jeopardizes student loan processing nationwide. We are hoping,
> >therefore, the
> >information we received-that you have withdrawn this offer-is
> >unfounded,
> >or if it is true, that the decision can be revisited and reversed.
> >
> >Should it be true, we would be left with meager options, as we move
> >toward the
> >summer, a time when colleges are at their busiest processing
> >applications for
> >fall semester loans.  CompuServe/AOL wants to move its users from
> >their
> >proprietary mail system and do not at this point guarantee continued
> >service on
> >that system. We set up procedures in a timely fashion to migrate
> users
> >to POP3
> >and included specifications therein for encryption and authentication
> >through
> >the use of PGP.  We have delayed our migration first because of
> >members'
> >inability to negotiate contracts with your representatives over the
> >course of
> >January and February, and now because we are attempting to complete
> >the
> >purchase on the offer that was extended to us.  To retract that offer
> >now would
> >leave us with very high exposure to disruption of service to colleges
> >and
> >students across the country.
> >
> >By waiting until now to inform us, you have left us in a vulnerable
> >position,
> >as we are running out of time.  After the problems experienced
> >following the
> >merger, we were prepared to look elsewhere for encryption technology
> >when there
> >was still sufficient time to do so.  But, because of the very
> >attractive offer
> >extended by Brian Jackman, we chose to stay with NAI.  The offer
> >included
> >software and licensing for the toolkit and the corresponding end-user
> >software
> >along with technical support of sufficient duration to allow a
> >transition to
> >32-bit Windows after the peak processing period.   Now, having waited
> >this
> >long, we have run out of effective alternatives.  We cannot count on
> >the
> >continued availability of the existing proprietary CompuServe system.
> >
> >The offer Brian made was attractive to us, because it provided us
> with
> >
> >RSA-based software for end-use AND development.  We need RSA, because
> >it is the
> >only algorithm that allows compatibility across our entire group of
> >colleges,
> >lenders, and guarantors.  Mutual compatibility is essential because
> of
> >the
> >many-to-many nature of the communications.   RSA and Diffie-Hellman
> >are
> >mutually incompatible, and you have not provided the necessary
> >"bridge"
> >technology.   The most recent release of the development toolset (the
> >SDK) does
> >not support RSA, only Diffie-Hellman, and Diffie-Hellman is not
> >available for
> >16-bit end-use or development. Our options are determined by the
> >lowest common
> >denominator.   Since many SBS products are still 16-bit Windows, our
> >entire
> >network must settle on an algorithm that is available to that
> platform
> >and
> >compatible with the rest.
> >
> >We have been working hard to complete the arrangements Brian
> proposed,
> >but
> >there have been delays in the entire process largely caused by delays
> >obtaining
> >information from NAI staff.  For example, we have been attempting for
> >three
> >weeks to learn the specifics of technical support, one of the
> >conditions of the
> >agreement. Often calls were not answered. Essential points have yet
> to
> >be
> >answered.  There have also been delays also in setting up the
> >licensing terms.
> > It took us until March 16 to get sample documents we could use as a
> >basis for
> >negotiation.   Our team met with Dave Tauber (of NAI legal) and Brian
> >Jackman
> >on March 20 to set up a common agreement for all CommonLine members.
> >Since
> >then, we have been working hard to craft terms that would be
> >acceptable to both
> >sides.  (Interestingly, Dave Tauber sent me more information to
> >further our
> >joint effort AFTER we heard the offer was possibly withdrawn!).
> While
> >working
> >through issues of support and licensing, we have proceeded to get
> >participation
> >from our members.   We kept them apprised of developments, and when,
> >because of
> >these delays, it looked as if we may not make the March 31 deadline,
> >we
> >circulated a "letter of intent" form,  which they are now using to
> >inform NAI
> >of quantities to purchases when the license terms are completed.
> >
> >CommonLine is a standards-setting body under the auspices of National
> >Council
> >of Higher Education Loan Programs (NCHELP www.nchelp.org).  Its
> >members consist
> >of guaranty agencies, secondary markets, lenders, servicers,
> >collection
> >agencies, schools, and other organizations involved in the
> >administration of
> >the Federal Family Education Loan Program.    Examples include USA
> >Group,
> >Edfund, SLMA, Nellie Mae, AFSA,  The Access Group, TGSLC, PHEAA,
> Great
> >Lakes,
> >NYHESC, Citibank Student Loan Corp, Signet Bank, Penn State, US Bank,
> >Bank One,
> >UC Berkeley to name but a few.  Some of the agencies develop software
> >they
> >freely give to school financial aid offices.  The rest in the group
> >are
> >end-users or develop for their own in-house use.
> >
> >Should CommonLine use PGP software as we had planned, NAI would enjoy
> >high
> >visibility as part of a national standard in an attractive market
> >niche
> >intersecting higher education, finance, and the Department of
> >Education.   This
> >would be widely publicized and provide ready entree into lending
> >institutions
> > and the administrative branch of colleges and universities.  We have
> >included
> >plans to utilize your encryption software in our presentations at
> >seminars and
> >conferences attended by hundreds of representatives from educational
> >institutions during the past nine months.  It will be embarrassing
> for
> >us, but
> >more so for you, if we are forced to retract those plans.
> >
> >Please review the issues and respond immediately.
> >
> >Scott Fullerton
> >Chair CommonLine Electronic Exchange Subcommittee
> >608.246.1779
> >sfullerton@glhec.org
> >
> >
> >
> >
> >
> >
> >-----BEGIN PGP SIGNATURE-----
> >Version: PGP for Business Security 5.5.2
> >
> >iQA/AwUBNRvEb1XUk62nZ4qEEQIpGQCgiPQJR0TBzn+y/KHdA1p3JfO72Z0AoNAO
> >zg9fJ9zglz9z4ju6pySVqd9E
> >=wGrT
> >-----END PGP SIGNATURE-----
> >
> >
> Brian Jackman
> Manager, OEM Sales
> Pretty Good Privacy, Inc.
> (415) 524-6205
>
> My PGP public key can be found at:
> http://keys.pgp.com:11371/pks/lookup?op=get&exact=on&search=0x9CFCBDAD
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP for Business Security 5.5.2
>
> iQA/AwUBNSBFnlXUk62nZ4qEEQJz6wCfbuyd2WI04SUSelEyKuHpb5TLe+oAoMHX
> x59nUNOoEOtzg5cVlDU2xEYS
> 'bt
> -----END PGP SIGNATURE-----
Prev by Date: RE: Choose your poison
Next by Date: Encyption Software
Prev by thread: Send in those Letters of Intent
Next by thread: Encyption Software
Index(es):
- Date
- Thread