IETF Logo Mail Archive

Re: [Cfrg] New Version Notification for draft-whyte-select-pkc-qsh-00.txt

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Tue, 22 September 2015 13:39 UTC

Return-Path: <prvs=670795a046=uri@ll.mit.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD0721A854B for <cfrg@ietfa.amsl.com>; Tue, 22 Sep 2015 06:39:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Level:
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01, UNPARSEABLE_RELAY=0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bNl32Klw6pUV for <cfrg@ietfa.amsl.com>; Tue, 22 Sep 2015 06:39:08 -0700 (PDT)
Received: from mx1.ll.mit.edu (MX1.LL.MIT.EDU [129.55.12.45]) by ietfa.amsl.com (Postfix) with ESMTP id 8C8B81A86FF for <cfrg@irtf.org>; Tue, 22 Sep 2015 06:38:58 -0700 (PDT)
Received: from LLE2K10-HUB02.mitll.ad.local (LLE2K10-HUB02.mitll.ad.local) by mx1.ll.mit.edu (unknown) with ESMTP id t8MDcq82012471; Tue, 22 Sep 2015 09:38:52 -0400
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: Simon Josefsson <simon@josefsson.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>
Thread-Topic: New Version Notification for draft-whyte-select-pkc-qsh-00.txt
Thread-Index: AQHQ9QwDvlduoNAqLkGv0P4PD+Aijp5I0QkA
Date: Tue, 22 Sep 2015 13:38:51 +0000
Message-ID: <20150922133900.17789008.7169.24365@ll.mit.edu>
References: <D225E3A1.1F4FD%uri@ll.mit.edu> <87k2rj4gjw.fsf@latte.josefsson.org> <9A043F3CF02CD34C8E74AC1594475C73F4B1953C@uxcn10-5.UoA.auckland.ac.nz> <8737y651nh.fsf@latte.josefsson.org>
In-Reply-To: <8737y651nh.fsf@latte.josefsson.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha256"; boundary="===============0627365718=="
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.14.151, 1.0.33, 0.0.0000 definitions=2015-09-22_04:2015-09-22,2015-09-22,1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1508030000 definitions=main-1509220201
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/55C96jPCd0jj7IrR_VJE6L765BQ>
Cc: CFRG <cfrg@irtf.org>
Subject: Re: [Cfrg] New Version Notification for draft-whyte-select-pkc-qsh-00.txt
X-BeenThere: cfrg@mail.ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.mail.ietf.org>
List-Unsubscribe: <https://mail.ietf.org/mailman/options/cfrg>, <mailto:cfrg-request@mail.ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@mail.ietf.org>
List-Help: <mailto:cfrg-request@mail.ietf.org?subject=help>
List-Subscribe: <https://mail.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@mail.ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Sep 2015 13:39:09 -0000

Simon, I'm not sure I understand. 

For the sake of the argument, assume company A allows free use of their patented algorithm B in TLS. ‎OpenSSL project notifies A that it's about to include B in the codebase. In which case A can answer "Go ahead", "No way", or "Pay us". In the two latter cases, the algorithm simply won't end up included. Ideally, this exchange happens before the TLS WG standardizes/accepts B. 

Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
  Original Message  
From: Simon Josefsson
Sent: Tuesday, September 22, 2015 03:55
To: Peter Gutmann
Cc: Blumenthal, Uri - 0553 - MITLL; CFRG
Subject: Re: New Version Notification for draft-whyte-select-pkc-qsh-00.txt

Peter Gutmann <pgut001@cs.auckland.ac.nz> writes:

> Simon Josefsson <simon@josefsson.org> writes:
>
>>That is not consistent with my view or experience. If you publish a library
>>that implements a patented algorithm, and your library is popular enough to
>>attract attention from the patent holder, you will have a hard time.
>
> Only if you're using someone else's patented algorithm inappropriately. My
> code had IDEA (for PGP 2.x support) in it, I included Ascom Tech's patent
> statement in the docs as they requested giving the T&C under which it could be
> used, and sent them a courtesy note about it. I got a reply from them that
> said something like "thanks for the note, and all the best with your work". So
> provided you play by the rules (whether you agree with them or not), things
> should be OK.

They realized they couldn't charge you, and that having IDEA in your
product would allow them to charge others. Others ended up paying for
IDEA, or refused to work with it (like libgcrypt). This is what I refer
to by "having a hard time".

Going back to the original topic: I don't think what you are describing
is a workable approach for a general patent rule when considering which
algorithms to consider here.

/Simon

v2.23.0 | Report a Bug | By Email