Re: [TLS] Inclusion of OCB mode in TLS 1.3
Jacob Appelbaum <jacob@appelbaum.net> Wed, 14 January 2015 01:01 UTC
Return-Path: <jacob@appelbaum.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 699531ACD46 for <tls@ietfa.amsl.com>; Tue, 13 Jan 2015 17:01:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9e97NAPRO-JP for <tls@ietfa.amsl.com>; Tue, 13 Jan 2015 17:01:27 -0800 (PST)
Received: from mail-qc0-f179.google.com (mail-qc0-f179.google.com [209.85.216.179]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6445C1ACE20 for <tls@ietf.org>; Tue, 13 Jan 2015 17:01:27 -0800 (PST)
Received: by mail-qc0-f179.google.com with SMTP id c9so5162303qcz.10 for <tls@ietf.org>; Tue, 13 Jan 2015 17:01:26 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=Tpco4GxK8hL32nKde00q+gmziqfCAPXqqZSYnw7bgYM=; b=OfxWfAsfU5k9wiIdVwGVQfz1d7kH26cOy5A2zMoYgTBnBGV+qACvyOWxgjSaoxl34P yriTN4kzgPzoQ5EnhyEyDwYxDHQqp3LGMuoJuNI49OyCyTqYyIpIsRkqbSOI4e9VR+Jb XgPSlz92V0A6nqEzo1ixQznAm7tFZwcOxQ6wkOnL1W2qvudWS/jPXdEJReZwDcdr+tFK 5Zz8UNnsjLAVsKTO3fXEZXhG73cr9EG2DFmmRwAIWpeyEUecHhHoY1O+TNs1LGtJK+Pp tg6t6sw4EUSurQPrlOCgLqgvEyWaQjpV37b5QGysdKX1bZjr+GQiFbv9GT8rZS5hVHGx xQjg==
X-Gm-Message-State: ALoCoQkaOx5CzaaLiPBPFkNarAkx0JoOWnUbsN65+NpSjHwxCPiC9hGsqZT1xvkHDmcr7vpJWKXd
MIME-Version: 1.0
X-Received: by 10.224.137.2 with SMTP id u2mr2507626qat.70.1421197286713; Tue, 13 Jan 2015 17:01:26 -0800 (PST)
Received: by 10.140.89.241 with HTTP; Tue, 13 Jan 2015 17:01:26 -0800 (PST)
X-Originating-IP: [178.16.220.162]
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C71D55AEC364@USMBX1.msg.corp.akamai.com>
References: <54B5501A.4070402@azet.org> <CABkgnnWoyDHndgARGLVv0PV3SDr-FCyq_PiiG=knKtz6fEbjXA@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C71D55AEC364@USMBX1.msg.corp.akamai.com>
Date: Wed, 14 Jan 2015 01:01:26 +0000
Message-ID: <CAFggDF36OUq=aOxd6QVKCDaBjkauJAx1gMAspzo31R45q_DXBg@mail.gmail.com>
From: Jacob Appelbaum <jacob@appelbaum.net>
To: "Salz, Rich" <rsalz@akamai.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/a_KcI2Luyhb2FRRm8vNS0ftH-ic>
Cc: TLS Mailing List <tls@ietf.org>
Subject: Re: [TLS] Inclusion of OCB mode in TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jan 2015 01:01:29 -0000
On 1/13/15, Salz, Rich <rsalz@akamai.com> wrote: >> There are, of course, reasons why people would not want to accept a >> proposal like that. More cipher suites isn't strictly a good thing. >> Of course, if OCB is demonstrably better in some fashion (speed, >> security, >> whatever it happens to be), then that makes the case easier. > > That "no military use" being particularly problematic. Does anyone know if > the IETF has other IPR grants with similar field-of-use limitations? > I don't see it as problematic at all. It is his right and also his responsibility. I think it is fantastic that Phil Rogaway is aware of his power and uses it. It sounds like he willing to talk about it too. This discussion even comes up because of that reasonable use of power. The concern trolling and endorsement of the military is much more problematic, frankly. Especially since we know that they run people as part of the BULLRUN[0] programs to influence standards bodies - such as the IETF specifically! Hopefully OCB will be included in TLS 1.3 without a separate RFC. It seems like Phil's page has specific licenses that are very reasonable[1]: "That said, I have freely licensed any IP I own over a very large space: there is one license grant for open-source software; one for non-military software; and a third done just for OpenSSL. All the best, Jacob [0] https://en.wikipedia.org/wiki/Bullrun_(decryption_program) [1] http://web.cs.ucdavis.edu/~rogaway/ocb/ocb-faq.htm#patent:phil
- [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Martin Thomson
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Russ Housley
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Watson Ladd
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Matt Caswell
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Matt Caswell
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Matt Caswell
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Paul Lambert
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Stephen Farrell
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Viktor Dukhovni
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Blumenthal, Uri - 0558 - MITLL
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Brian Smith
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Jacob Appelbaum
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Joachim Strömbergson
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Eric Rescorla
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- [TLS] Inclusion of OCB mode in TLS 1.3 Phillip Rogaway
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Manuel Pégourié-Gonnard
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Peter Gutmann
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Blumenthal, Uri - 0558 - MITLL
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Alex Elsayed
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Jack Lloyd
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Martin Thomson
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Martin Thomson
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Eric Rescorla
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Watson Ladd
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nico Williams
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Henrik Grubbström
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nico Williams
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nico Williams
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nico Williams
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Dmitry Belyavsky
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Jack Lloyd
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- [TLS] GOST in TLS (Re: Inclusion of OCB mode in T… Martin Rex
- Re: [TLS] GOST in TLS (Re: Inclusion of OCB mode … Dmitry Belyavsky
- Re: [TLS] GOST in TLS (Re: Inclusion of OCB mode … Martin Rex
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Peter Gutmann
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- [TLS] PSK [was: Re: Inclusion of OCB mode in TLS … Daniel Kahn Gillmor
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Peter Gutmann
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Jack Lloyd
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Peter Gutmann
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Jack Lloyd
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Roland Zink
- Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner