[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC

To: dean@xxxxxxx, ynir@xxxxxxxxxxxxxx
Subject: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
From: pgut001@xxxxxxxxxxxxxxxxx (Peter Gutmann)
Date: Thu, 26 Jun 2008 17:22:09 +1200
Cc: tls@xxxxxxxx
Delivered-to: tls@xxxxxxxxxxxxxx
In-reply-to: <Pine.LNX.4.44.0806251617430.17162-100000@xxxxxxxxxxxxxxxxx>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Sender: tls-bounces@xxxxxxxx

Dean Anderson <dean@xxxxxxx> writes:

>As for the Certicom licence grant on its remaining patents, that grant
>identifies specific drafts and doesn't include this draft. The grant in '750
>you mention specifically restricts the grant to the drafts listed: "The
>licence granted does not extend, either explicitly or implicitly, to other
>IETF protocols".

Another issue with the various patents is that there is sufficient FUD
surrounding them that users (at least in my experience) are unwilling to go
near them because it's easier to just use unencumbered RSA (or whatever).
Specifically, given the choice between having lawyers spend forever trying to
ensure they won't get sued and just going ahead and using the de facto method,
they've all gone for the de facto one (the EKE patent mess is another example
of this in action).  So there are really two issues, whether there is
technically an issue and whether there is legally an issue, i.e. whether
people are going to be happy using this with the threat of lawsuits hanging
over them.  Without a clear and unambigous statement from any patent
stakeholders saying that nothing will happen to you for implementing this, I
can't see customers going for it, it's all risk and no benefit.

Peter.

_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
  - From: Blumenthal, Uri

References:
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
  - From: Dean Anderson

Prev by Date: Re: [TLS] draft-urien-tls-keygen-00.txt
Next by Date: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Previous by thread: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Next by thread: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Index(es):
- Date
- Thread