Re: [Cfrg] Fwd: New Version Notification for draft-whyte-select-pkc-qsh-00.txt

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 21 September 2015 12:50 UTC

To: William Whyte <wwhyte@securityinnovation.com>, CFRG <cfrg@irtf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/srffQwspg2PyXVz1QYlVMqMcWLM>

Hi William,

On 21/09/15 03:52, William Whyte wrote:
>    The candidate algorithm MAY be either non-patented or patented but
>    with FRAND (Free or Reasonable and Non-Discriminatory) licensing
>    statement made and all relevant IETF IP declarations provided.

That's a good statement of what I figure may be a formally
acceptable (if novel) IPR condition. However,...

In the real world, I would confidently predict that any algorithm
that is in practice encumbered will not be widely deployed. I think
we've seen plenty of evidence for that opinion.

My personal conclusion from all of that is that anyone spending time
here on developing or reviewing proposals that involve encumbered
crypto algorithms is simply wasting that time. I do get that others
can validly have different opinions on that, but wearing an IETF hat,
I'd argue that this RG is far more useful the more it deals with
what might get widespread deployment at "Internet scale" (or some
such phrasing).

So, I'd suggest instead to adopt the IPR goals that this RG set for
itself when considering new curves. IIRC, that boils down to saying
that only things believed to be in practice unencumbered should ever
be considered in any detail.

One could also perhaps add a condition that only things with IPR
declarations likely to be acceptable by today's most common open-source
crypto libraries should be considered.

Cheers,
S.

PS: Note that I'm not arguing the pros and cons of patenting algorithms
above - if someone has some patent there is nothing to stop them from
making their algorithm freely usable. (Hence the "in practice" phrase
above.)