Re: [TLS] Inclusion of OCB mode in TLS 1.3

Matt Caswell <frodo@baggins.org> Tue, 13 January 2015 18:13 UTC

Return-Path: <frodo@baggins.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 777CF1A9029 for <tls@ietfa.amsl.com>; Tue, 13 Jan 2015 10:13:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RUz4qI6bmOj3 for <tls@ietfa.amsl.com>; Tue, 13 Jan 2015 10:13:35 -0800 (PST)
Received: from ns3.dns-engine.com (ns3.dns-engine.com [87.106.189.53]) by ietfa.amsl.com (Postfix) with ESMTP id 6B9BD1A8FD7 for <tls@ietf.org>; Tue, 13 Jan 2015 10:13:35 -0800 (PST)
Received: from [192.168.2.64] (host86-154-35-48.range86-154.btcentralplus.com [86.154.35.48]) by ns3.dns-engine.com (Postfix) with ESMTPA id 808C31800730 for <tls@ietf.org>; Tue, 13 Jan 2015 18:13:33 +0000 (GMT)
Message-ID: <54B5604D.3050105@baggins.org>
Date: Tue, 13 Jan 2015 18:13:33 +0000
From: Matt Caswell <frodo@baggins.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0
MIME-Version: 1.0
To: tls@ietf.org
References: <54B5501A.4070402@azet.org> <CABkgnnWoyDHndgARGLVv0PV3SDr-FCyq_PiiG=knKtz6fEbjXA@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C71D55AEC364@USMBX1.msg.corp.akamai.com>
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C71D55AEC364@USMBX1.msg.corp.akamai.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/1uZfiav3Z_d281T5k61AaHDEDng>
Subject: Re: [TLS] Inclusion of OCB mode in TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Jan 2015 18:13:37 -0000


On 13/01/15 17:28, Salz, Rich wrote:
>> There are, of course, reasons why people would not want to accept a
>> proposal like that.  More cipher suites isn't strictly a good thing.
>> Of course, if OCB is demonstrably better in some fashion (speed, security,
>> whatever it happens to be), then that makes the case easier.
> 
> That "no military use" being particularly problematic.  Does anyone know if the IETF has other IPR grants with similar field-of-use limitations?

For the record, the "no military use" clause only applies to the generic
OSI licence. It was that restriction that prevented OCB's inclusion in
OpenSSL for some while. The OpenSSL implementation uses a different licence:
https://www.openssl.org/docs/misc/OCB-patent-grant-OpenSSL.pdf

This is not encumbered by the no military use restriction.

Matt