Re: [secdir] [Cfrg] ISE seeks help with some crypto drafts
Aaron Zauner <azet@azet.org> Sat, 09 March 2019 15:25 UTC
Return-Path: <azet@azet.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACA78127598 for <secdir@ietfa.amsl.com>; Sat, 9 Mar 2019 07:25:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=azet.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yMrtQtcs5Kv1 for <secdir@ietfa.amsl.com>; Sat, 9 Mar 2019 07:25:53 -0800 (PST)
Received: from mail-wr1-x443.google.com (mail-wr1-x443.google.com [IPv6:2a00:1450:4864:20::443]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5E16D12798C for <secdir@ietf.org>; Sat, 9 Mar 2019 07:25:51 -0800 (PST)
Received: by mail-wr1-x443.google.com with SMTP id d17so502142wre.10 for <secdir@ietf.org>; Sat, 09 Mar 2019 07:25:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=azet.org; s=gmail; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=CaMRmc0xmLAEyRqWJr2aEzuu1NWISA4CARC5CzYILN8=; b=GV5pobJr4SPfu1uyk0yJHkPCgAl53ROq7mFJeXx6L+WLZ53WOEqzYDewdB/YQxM0HR F+//IyzIzYmy57+P6y28umIctGpEYaOWVaUN7JWUioj9BvcflQxawl/HXs6VCjKygY5T l5droZo20G6HQfupgRv3dxZOc1q3WeiI4MSr8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=CaMRmc0xmLAEyRqWJr2aEzuu1NWISA4CARC5CzYILN8=; b=LNBMFO8tzBw9YjxAUTxEYbXuTsMicyJ6xW9juACn67hXvKUgjjFEayvLgSa0iEoRJ+ DVrZL9+RvdKXjpJ9JUeI5+n7FhbRuCBSd8QsPfJfXsjbFnKRxbcxX+ICNDX3775AF98I 0IYO/7hZT42fqx5z/h6mNzlRh5LBF+zeWm0ot05R1NDpoC2kqRUOqnVpGQHnoajwoWRc RsFt10qP/H1TPzxwFWI5OtFr33etO4S0uezmYy3rPiDESPTk17rNR5AO3Lc6Dhu1yLYG HkbaD8PEWrvRFpobx+/n0WkCeFzpc57VnaFhbjei/tDF/rr8JOxngLa3ijbmSm4EiV29 FPVA==
X-Gm-Message-State: APjAAAUojcNdaDuC0fZsTz9aQhOJPk1u9o3x1I/9v/Xh5ckiw3ccRntq Z+ZkMDlaGHbU/nXSGOyW8Ps5vg==
X-Google-Smtp-Source: APXvYqzdvL8g1S1tpK+47SfZzL4mFIlis9Ma9AWBK0+9N5xl65gxPimR9UN6fx9VXJjQex+00A7wcQ==
X-Received: by 2002:adf:e304:: with SMTP id b4mr15195320wrj.123.1552145149705; Sat, 09 Mar 2019 07:25:49 -0800 (PST)
Received: from aarons-macbook.lan ([62.178.33.149]) by smtp.gmail.com with ESMTPSA id q5sm784883wrn.43.2019.03.09.07.25.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 09 Mar 2019 07:25:49 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
From: Aaron Zauner <azet@azet.org>
In-Reply-To: <768D0A7A-F365-4748-B3E2-06824715BC1F@cisco.com>
Date: Sat, 09 Mar 2019 16:25:47 +0100
Cc: Tony Arcieri <bascule@gmail.com>, "sec-ads@ietf.org" <sec-ads@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, "cfrg@irtf.org" <cfrg@irtf.org>, "rfc-ise@rfc-editor.org" <rfc-ise@rfc-editor.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <471653B0-C734-4C5F-905C-682646FE6387@azet.org>
References: <1d8de489fc976b63a911573300a431d4.squirrel@www.amsl.com> <EDCE0340-E79A-4464-B4A6-F539C694601C@akamai.com> <B536DE62-B202-4484-91AE-DDF7C3DD9503@gmail.com> <F5A25573-D7B5-4F0A-AE7A-7ACF9D613C9C@ericsson.com> <CAHOTMVJSazerng82T7LGZqQ9H5ODrLOacKKYMXrqGYJ42sDm+A@mail.gmail.com> <38FEBE5B-B60E-49DD-B048-A8A08EBF7FB4@azet.org> <768D0A7A-F365-4748-B3E2-06824715BC1F@cisco.com>
To: mcgrew <mcgrew@cisco.com>
X-Mailer: Apple Mail (2.3445.102.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/FMKBHQz1R78t2VlQQxIY1YB6OH8>
Subject: Re: [secdir] [Cfrg] ISE seeks help with some crypto drafts
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Mar 2019 15:25:55 -0000
Hi David, > On 09.03.2019, at 14:25, mcgrew <mcgrew@cisco.com> wrote: > > Hi Aaron, > > The IPR statements for your draft seem to only cover the use of OCB in TLS, and not its use outside that context. I am not a lawyer, but that is how I would understand the phrase “a royalty-free non-exclusive license to all claims of the referenced patents needed to realize a fully compliant implementation of TLS (Transport Layer Security) supporting AES-OCB (RFC 7253)”. This point might not matter to the implementers of your draft, but it might matter a lot to other people. That’s correct. My bad, the initial text was supposed to say "general IPR exemption for OCB(3) in TLS for IETF”. I wrote & edited that mail right after getting up and must have removed that editing this message and moving sentences around in an attempt to make it more coherent :) > > For anyone researching the IPR status of RFC 7253, please note that Phil submitted several IPR statements IPR statements related to (the draft version of) that specification, which can be found with this search: https://datatracker.ietf.org/ipr/search/?draft=&rfc=7253&submit=rfc&doctitle=&group=&holder=&iprtitle=&patent= Yes, you can find all of Rogaway’s IPR claims pertaining IETF documents via: https://datatracker.ietf.org/ipr/search/?draft=&rfc=&doctitle=&group=&holder=Phillip+Rogaway&submit=holder&iprtitle=&patent= > Aaron, let me also take the time to thank you for working with the patent holders to get the IPR statements issued for your draft (and thanks are due to the patent holders as well). It was quite an interesting experience and I hope that writing it up can serve others in the future. My impression is that it’s not difficult to get an IPR exemption if the people behind the original work are intrested in it being used. I think Rogaway had just the best intentions at heart with the original licensing, but may have missed that it’ll cause issues with standardization processes in the future/real world that may have an adverse impact on the use of OCB3. He’s granted free licenses to Open-source implementations and other projects and organizations since. OCB3 (and my draft) were also implemented in various libraries, among them OpenSSL (C), Botan (C++) and BouncyCastle (Java). Back when they optimized it OCB even beat GCM w.r.t. performance in OpenSSL on Haswell Intel x86_64 processors and has since kept up pretty well consindering AESNI is aimed at GCM/GHASH (see head comment on performance in https://github.com/openssl/openssl/blob/master/crypto/aes/asm/aesni-x86_64.pl) ``` *) Added support for OCB mode. OpenSSL has been granted a patent license compatible with the OpenSSL license for use of OCB. Details are available at https://www.openssl.org/source/OCB-patent-grant-OpenSSL.pdf. Support for OCB can be removed by calling config with no-ocb. [Matt Caswell] ``` — https://www.openssl.org/news/cl111.txt (in "Changes between 1.0.2h and 1.1.0 [25 Aug 2016]”) Aaron
- [secdir] ISE seeks help with some crypto drafts RFC ISE (Adrian Farrel)
- Re: [secdir] ISE seeks help with some crypto draf… Paul Wouters
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Salz, Rich
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… David Wong
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Stephen Farrell
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… John Mattsson
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… mcgrew
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Ted Krovetz
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Hoffman
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Wouters
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Watson Ladd
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Wouters
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Hoffman
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… S Moonesamy
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Uri Blumenthal
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Ted Krovetz
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Uri Blumenthal
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Stephen Farrell
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- [secdir] Time to recharter CFRG as a working grou… StJohns, Michael
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tony Arcieri
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Peter Gutmann
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Salz, Rich
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Salz, Rich
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… John Mattsson
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Valery Smyslov
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Mathy Vanhoef
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Richard Barnes
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Salz, Rich
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Stephen Farrell
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Richard Barnes
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Daniel Kahn Gillmor
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paterson Kenneth
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paul Wouters
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tony Arcieri
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tony Arcieri
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paterson Kenneth
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Watson Ladd
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Melinda Shore
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Melinda Shore
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… mcgrew
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Watson Ladd
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paul Wouters
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Donald Eastlake
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… mcgrew
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tero Kivinen
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tero Kivinen
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… StJohns, Michael
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Stephen Farrell
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] ISE seeks help with some crypto draf… Eric Rescorla
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Eric Rescorla
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… mcgrew
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… mcgrew
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Ted Krovetz
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Benjamin Kaduk