Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00

"Blumenthal, Uri - 0558 - MITLL" <uri@ll.mit.edu> Mon, 11 February 2013 16:33 UTC

Return-Path: <prvs=57544381d1=uri@ll.mit.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20B1621F885E for <cfrg@ietfa.amsl.com>; Mon, 11 Feb 2013 08:33:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.465
X-Spam-Level:
X-Spam-Status: No, score=-5.465 tagged_above=-999 required=5 tests=[AWL=0.335, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_SUB_RAND_LETTRS4=0.799, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LC7s1eUVo75K for <cfrg@ietfa.amsl.com>; Mon, 11 Feb 2013 08:33:09 -0800 (PST)
Received: from mx2.ll.mit.edu (MX2.LL.MIT.EDU [129.55.12.46]) by ietfa.amsl.com (Postfix) with ESMTP id D15FB21F8848 for <cfrg@irtf.org>; Mon, 11 Feb 2013 08:33:08 -0800 (PST)
Received: from LLE2K7-HUB01.mitll.ad.local (LLE2K7-HUB01.mitll.ad.local) by mx2.ll.mit.edu (unknown) with ESMTP id r1BGX7I3002251; Mon, 11 Feb 2013 11:33:07 -0500
From: "Blumenthal, Uri - 0558 - MITLL" <uri@ll.mit.edu>
To: Ted Krovetz <ted@krovetz.net>, "cfrg@irtf.org" <cfrg@irtf.org>
Date: Mon, 11 Feb 2013 11:33:04 -0500
Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00
Thread-Index: Ac4IdXirkvua2ON9Qo2Ib2SXT2qK2Q==
Message-ID: <CD3E8671.EBD1%uri@ll.mit.edu>
In-Reply-To: <7B8030E4-6716-428D-8573-6B725FFCFB27@krovetz.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.2.5.121010
acceptlanguage: en-US
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="B_3443427184_1167190"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2013-02-11_03:2013-02-11, 2013-02-11, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=8 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1211240000 definitions=main-1302110144
Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Feb 2013 16:33:14 -0000

On 2/11/13 11:20 , "Ted Krovetz" <ted@krovetz.net> wrote:


>> "No Discrimination Against Fields of Endeavor"
>
>License 1 has no such restriction. Only License 2 does. Since you are
>free to choose which license you wish to abide by, I don't see any reason
>you couldn't use OCB under License 1 in your work.

I'd still like to see clarifications (answers to my example questions)
regarding License 1. To make it easier to track, here it is:

Let's consider (an updated) hypothetical case: company A adds an OCB
implementation
to OpenSSL (or Crypto++). Company X then uses that library/package in their
proprietary "SuperComm" software that they subsequently sell to Department
of Defense and to Department of Energy.

First - are they even allowed to to that under this license?

Second - how much of the source code do they have to make available to
satisfy the terms of "License 1"? Just the OCB code? The entire OpenSSL or
Crypto++? The entire "SuperComm" source?


Third - if there's a violation of the license terms in the above example,
which entity is considered responsible?