Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis

Derek Atkins <> Wed, 01 November 2017 14:36 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id DF4BE13FC37 for <>; Wed, 1 Nov 2017 07:36:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.989
X-Spam-Status: No, score=-1.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id TxB-SFBZzvsy for <>; Wed, 1 Nov 2017 07:36:34 -0700 (PDT)
Received: from (MAIL2.IHTFP.ORG []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0420C13FC55 for <>; Wed, 1 Nov 2017 07:36:34 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 99418E2065; Wed, 1 Nov 2017 10:36:02 -0400 (EDT)
Received: from ([]) by localhost ( []) (amavisd-maia, port 10024) with ESMTP id 28258-09; Wed, 1 Nov 2017 10:36:00 -0400 (EDT)
Received: from (unknown [IPv6:fe80::530:248d:f760:bb62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by (Postfix) with ESMTPS id 1BE65E2038; Wed, 1 Nov 2017 10:36:00 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=default; t=1509546960; bh=LVsjDEi+AAgH8KRUKhi9eStMQZqIUWXpKHpgzCvlXW0=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=JrQFOCMqXYCNVCTlc/0qmrJe70vwcvM9WtOHcNLRBPwNj8GB9/9RBkwmHh3B9gwZq LfDACWAbPs3WYM85oam7I7M4whs68xkS0JNnFUgX+MZDGlJE648JkcLh3sJIhpjlGs FFhrjRLyHEeNr0RSgVui4PMdGpIeEGFBe3WgurA0=
Received: (from warlord@localhost) by (8.15.2/8.15.2/Submit) id vA1EZxm5024807; Wed, 1 Nov 2017 10:35:59 -0400
From: Derek Atkins <>
To: "brian m. carlson" <>
Cc: Ronald Tse <>, "openpgp\" <>
References: <> <> <> <> <> <> <> <> <> <>
Date: Wed, 01 Nov 2017 10:35:59 -0400
In-Reply-To: <> (brian m. carlson's message of "Wed, 1 Nov 2017 00:26:28 +0000")
Message-ID: <>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 01 Nov 2017 14:36:37 -0000

"brian m. carlson" <> writes:

> On Tue, Oct 31, 2017 at 04:44:23PM +0100, Werner Koch wrote:
>> > I remain wholly opposed to including OCB in the OpenPGP specification,
>> Do you prefer that we put a "2 - reserved for OCB" into the specs and
>> have an I-D to specify the oue of OCB in OpenPGP?  This would make the
>> life for implementors and auditors harder.
> Yes, I would much prefer that we let OCB happen in a separate draft.
> Then all the patent problems occur in a separate specification that
> doesn't affect the core OpenPGP.

I don't think you understand the relationship between the specification
and IP.  Specifically, whether OCB is in the main spec or a secondard
spec does not affect any IP/patent "problems".  Put another way,
IP/patent "problems" occur for anyone who wants to implement OCB,
regardless of where it is specified.  However having it in the main
draft makes it easier to implement and audit, as Werner suggested.  The
more places you have to reference, the more likely you'll make a

Note that just because OCB is in the spec does not mean you must
implement it -- it's not going in as a MUST.  If you don't implement it,
then there is no IP/patent worry on your part.


       Derek Atkins                 617-623-3745   
       Computer and Internet Security Consultant