browse comments: WIPO RFC-2

WIPO RFC-2
Velok Laszlo (process@wipo2.wipo.int)
Fri, 6 Nov 1998 13:34:46 -0500

Browse by: [ date ][ subject ][ author ]
Next message: daiken@ford.com: "WIPO RFC-2"
Previous message: peterc@iia.net.au: "WIPO RFC-2"

Attachment: http://arbiter.wipo.int/processes/process1/rfc/dns_attachments/rfc2/attach910550086.dat

File notes: Digital signature smime.p7s

Mr. Klaus-Peter Wittig & Mr. David Muls
WIPO

Dear Mr. Wittig, Mr Muls,

I would like asking your help to forward my message to the section working on domain names discussion inside WIPO. Forgive me that I do not use the discussion "server" http wipo2 . wipo . int to forward my message but I would like defend both WIPO and myself against spamming. The second reason, that I do not use this forum, that my e-mail describing another challenge to electronic commerce and Internet infringements. My comments are on the WIPO RFC-2 connecting to Introductory Remarks, Section B (Dispute Resolution) and Section C (Process for the Protection of Famous and Well-Known Marks in the Generic Top Level Domains).

This time electronic business identifiers mean only domain names. I would like to focus your attention to another - but not so old and not everyday used - technique of Internet. As the secured, trusted connections are rising in electronic commerce / transactions the importance of digital signature is increasing. Today work only few commercial digital signature providers. They are accessible by word wide public.

Today there is some executory act on digital signature and some are in codification of law. These acts are not regulating the strings involved to the digital signature. (Please look my digital signature containing "
Velok Laci " string. This string could be any string like any other
character string, so it could be a well-known trade / service mark.) The
digital signature providers are not checking this string, any bad faith
person could apply signatures containing third party's business
identifying names / character strings.

(The digital signature is not belonging to any domain name, or IP address through the domain name. The digital signature belongs to only one browser software, but freely exportable / importable to any other machine [with or without IP address!] or browser depending on user / owner decision. Any applied person could have digital signature. The registry process always using secured trusted connection between trusting server and applicant, working with - special - security protocols to transfer data. This protocols working with permanent IP addresses and dynamic / server assigned IP addresses too. The fee of a digital signature registration is from about 10 USD / year, depending on business policy of the provider. The trusting server - the server generating the digital signature itself - storing the database of assigned digital signatures and some personal data relating to the applicant. [The digital signature containing key for encryption of messages too.] Checking the valid status of any digital signature on
the trusting server, you will have only information on status - valid, invalid, revoked, expired etc. - of signature but the personal data of applicants are closed to public. The personal data are so closed to public that the user having valid digital signature have no access to its own personal data stored on the trusting server. The digital signature owner / user is able to administer its own personal data through the signature management on the trusting server. This management is secured and trusted connection too!)

My opinion is that technique would be another challenge to the industrial properties (trade / service marks) on the Internet.

So please think about that situation: let you have a message digitally signed. The sender identifying character string involved in this digital
signature containing a wide registered trade / service mark. (Let it be a famous or well-known mark.) Your browser does not alert you because the signature is valid; the message was not broken by any third party. (The bad faith owner of this signature applied for this signature to mislead the public with a trusting element! This business could be another electronic business like the domain names are today!) Looking first this message seems that the sender is the trademark owner itself. The signature checking at the "authority" (on the trusting server) will show that the signature is valid and associated with an e-mail address containing a domain name given by the applicant. (As we are working on the Domain Name Process this time, the domain name incorporated to digital signature could be any string! But it could be a misleading "electronic slavish imitation" of a really existing domain name too.) The sequence of digital signature distribution is based on "first to file".

On the base of trusting, the described case would be more dangerous to electronic business and its identifiers than a simple " domain name infringement of trade marks" or "infringement of strings". The bad faith "Cyber Man" is living in a domain. This is not means that all members belonging to the domain name having bad faiths. But the bad faith "Cyber Man" could misleading the public by "trusting" personal identifier. This is "Cyber Mans" digital signature!

I think that today is not late to incorporate the described challenging
problem to WIPOs Domain Name Process.

Thank you for your attention.

Yours sincerely:
Velok Laszlo
patent attorney
H 4024 Debrecen
Kossuth u. 23.
Hungary

 -- Posted automatically from Process Web site