Protocol
Internet-Draft · CFRG · QUIC WG · RAND-Z licensing · Helsinki HQ
Why open
You cannot be foundational without being open.
Every foundational protocol of the last forty years — TCP/IP, DNS, HTTP, TLS — became foundational by being implementable by anyone, free of royalty. Vendor-locked protocols become products. Open protocols become substrate.
The machine-to-machine authentication layer of the 2030s internet will follow the same pattern. An authentication mechanism for agentic AI, vehicle-to-infrastructure, satellite mesh and critical infrastructure cannot be the property of a single vendor. The ecosystem will not standardise on something it cannot freely implement, audit, or fork.
EdSSA is built on this premise from inception. The protocol is written as an Internet-Draft for the IETF, to be published royalty-free for conforming implementations under BCP 79 once the patent filings that underwrite that licence are on record. The reference implementation is open for independent audit. The formal verification work will be co-authored with academic cryptographers.
The patent portfolio that protects the company sits underneath all of that, active and expanding. The patents defend the company; the open protocol defends the ecosystem. Both have to be true at the same time.
Implementation
High-performance, commercial.
Platform
Enterprise-grade operations.
The trajectory
From draft to RFC, in the open.
Standardisation moves on its own clock, and we plan around the IETF’s cadence rather than against it. The trajectory below sequences the public standards work against the patent calendar so that nothing premature is disclosed, and so that the ecosystem can begin implementing on the same schedule the IETF itself moves on.
2027
Internet-Draft, individual submission.
draft-westerholm-quic-edssa-00Published as an individual submission once the continuation filings that underwrite the royalty-free licence are on record, then circulated on the CFRG mailing list for cryptographic review. Mandatory IPR disclosure filed under BCP 79 at submission.2027–2028
CFRG presentation, formal review.
H2 2027
QUIC WG adoption, Hackathon interop.
2028+
Working Group adoption, then RFC.
IPR posture
Royalty-free for conforming implementations. Unambiguous and committed.
The IETF requires disclosure of patents that read on a normative specification. The disclosure for EdSSA-over-QUIC will be filed at the time the Internet-Draft is published, identifying the relevant patent applications and stating an unambiguous licensing posture for implementers.
The posture is royalty-free for conforming implementations: anyone who implements the published specification, in software or hardware, for any purpose — commercial, open-source, academic, government — receives a royalty-free license to the patent claims that read on the specification. No per-deployment fee. No per-instance fee. No discriminatory terms.
Commercial rights are retained for non-conforming use cases, for accelerated proprietary implementations, and for the extension surfaces that will be specified in later documents. This is the same posture IETF member companies including Cisco, Mozilla, Cloudflare and Google have used to contribute patents to specifications they helped author.
What this means for you
Implement freely. Audit freely. Fork freely.
What this means for us
The commercial moat lives in implementation and operations.
Allies and process
The standards push is not a solo effort.
Academic cryptography partner.
Independent adversarial review.
Interop at IETF Hackathon.
Sovereign and European engagement.
Why this works
Patents defend the company. Standards open the ecosystem. Both have to be true.
Founders are often told the choice is binary: patent your invention and stay closed, or open-source it and lose the moat. The pattern that actually built foundational infrastructure — from IBM’s patent contributions to the Apache and Linux ecosystems, to Cisco’s contributions to IETF protocols, to Cloudflare’s patent pledges around QUIC — tells a different story.
Hold the patent portfolio deep and defensive. Publish the protocol open and royalty-free for conforming implementations. Build the commercial business on engineering excellence and operational depth, not on protocol exclusivity. The patents prevent a competitor from ambushing you with a parallel filing; the openness prevents the ecosystem from routing around you to a free alternative.
EdSSA is built explicitly on this model. The Internet-Draft, the CFRG presentation, the formal-verification paper, and the open reference implementation are not concessions; they are the distribution strategy.