[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC

To: Dan Harkins <dharkins@xxxxxxxxxx>
Subject: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
From: Dean Anderson <dean@xxxxxxx>
Date: Mon, 30 Jun 2008 09:21:52 -0400 (EDT)
Cc: iesg@xxxxxxxx, tls@xxxxxxxx, rms@xxxxxxx
Delivered-to: tls@xxxxxxxxxxxxxx
In-reply-to: <e57b3413a1bc230b3ea3ebd498ebc381.squirrel@xxxxxxxxxxxxxxxxxx>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Sender: tls-bounces@xxxxxxxx

On Sat, 28 Jun 2008, Dan Harkins wrote:

> 
> 
> On Sat, June 28, 2008 12:19 pm, Dean Anderson wrote:
> >                                                      There is no
> > disclosure for this draft, even though the authors knew the algorithms
> > were patented.
> 
>   What's the patent then? And please don't just regurgitate Certicom's
> list of patents it asserts are necessary. For you to make such a specific
> statement ("the algorithms were patented") you must know which specific
> claim in what specific patent applies. So, what is it?

There is already general agreement that the RFC4492 algorithms are
patented, and covered by 26 patents. The algorithms in the current draft
are derived from those in RFC4492.  Derived algorithms are covered by
the patent on the original algorithms.  It is up to you to prove that
these new algorithms are NOT derived from the patented algorithms. Given
the obvious derivation, you can't show the current algorithms to be
original, and thus have no reason to doubt their patent status.

I also note that Rescorla's 2001 TLS book has a paragraph on Elliptic
Curve cipher suites. In the book, Rescorla describes the patent status
as vague and notes the cipher itself may be patented. It seems that 7
years is plenty of time to get clarity. In fact, there seems to be some
greater clarity on the patent status since 2001. But in any case, one
can't pretend to be uncertain forever.  

		--Dean

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   

_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with
  - From: Martin Rex
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
  - From: Dean Anderson

References:
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
  - From: Dan Harkins

Prev by Date: Enlarge upsize and upgrade your organ
Next by Date: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Previous by thread: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Next by thread: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Index(es):
- Date
- Thread