[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with

To: rms@xxxxxxx, tls mailing list <tls@xxxxxxxx>
Subject: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with
From: Yoav Nir <ynir@xxxxxxxxxxxxxx>
Date: Tue, 1 Jul 2008 09:10:18 +0300
Cc: iesg@xxxxxxxx
Delivered-to: tls@xxxxxxxxxxxxxx
In-reply-to: <E1KDSPJ-0004XB-TT@xxxxxxxxxxxxxxxxx>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <200806301701.m5UH1rdm023287@xxxxxxxxxxxxxxxxxxx> <E1KDSPJ-0004XB-TT@xxxxxxxxxxxxxxxxx>
Sender: tls-bounces@xxxxxxxx

OK, but Martin is correct about patent issues as well. We can discusspatent issue on and on, but we can't really get to any solidconclusions.

None of us on the TLS mailing list is a lawyer, definitely not apatent lawyer, and even if we were, the discussion about whether ornot a patent applies will usually never terminate. The only way toreally know is to implement, wait for the lawsuit, and see who wins.Unfortunately, most implementers, especially commercial ones are notwilling to take this route.

Looking for unencumbered alternatives is even more tricky. We know(or think) that TLS-SRP is encumbered. Suppose we took these guys'proposal to create an unencumbered alternative:

http://www.lightbluetouchpaper.org/2008/05/29/j-pake/

They claim that JPAKE is unencumbered, so TLS-JPAKE should beunencumbered, no? Well, we don't really know - it's hard to prove anegative. If we go ahead and specify and implement TLS-JPAKE, somebodymight come out of the woodwork and claim we are infringing. All thediscussion on the TLS or IESG mailing lists is not going to change that.



On Jul 1, 2008, at 2:03 AM, Richard M Stallman wrote:

Discussing IPR issues burns a whole lot of resources in a uselessfashion.


Since "IPR" refers to a congeries of different laws, any general
statement about "IPR issues" is almost always an overgeneralization.
Your statement is one.

Copyright issues and trademark issues generally do NOT cause serious
problems for a proposed technique, because it is easy enough to work
around them.  To discuss them here at length would probably be
superfluous.

By contrast, patent problems are often fatal, and there is no remedy
except to wait as much as 20 years.  Thus, discussing whether a
proposed technique is patented is absolutely crucial.

Lumping together things which are so different in their effects is
encouraging confusion.  Thus, using the term "IPR" does only harm.
Avoiding it is easy, so let's avoid it.  When referring to patent
issues, let's call them "patent issues".
_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

Scanned by Check Point Total Security Gateway.


_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with
  - From: Richard M Stallman

References:
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with
  - From: Martin Rex
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with
  - From: Richard M Stallman

Prev by Date: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with
Next by Date: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with
Previous by thread: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with
Next by thread: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with
Index(es):
- Date
- Thread