Re: [TLS] Inclusion of OCB mode in TLS 1.3

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sun, 18 January 2015 03:20 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 930651ACE6E for <tls@ietfa.amsl.com>; Sat, 17 Jan 2015 19:20:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bq7_91WJ17hj for <tls@ietfa.amsl.com>; Sat, 17 Jan 2015 19:20:28 -0800 (PST)
Received: from mx2.auckland.ac.nz (mx2.auckland.ac.nz [130.216.125.245]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F23E1ACE73 for <tls@ietf.org>; Sat, 17 Jan 2015 19:20:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=uoa; t=1421551228; x=1453087228; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=G6fpCksdKEFPzJm92rNM10ScetrGpt/9Ya1jSNGxGFU=; b=PPD82LPxoDNllNzK0ql4ohRm/6n/HJOou7iaOznNVKY6uzep1Dx2gfZ7 jwGJWfArc3zx5QUo4YjbukBmwvBuKCbHAva6SGvm3OpE44F5eBNG/1nPk bSywcnRkHmLyKC0Id2crURm/gm1zX3e25z5YSvYYnxUgqjD5fXR2zHVcx 8=;
X-IronPort-AV: E=Sophos;i="5.04,630,1406548800"; d="scan'208";a="301952785"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 130.216.4.125 - Outgoing - Outgoing
Received: from uxchange10-fe3.uoa.auckland.ac.nz ([130.216.4.125]) by mx2-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 18 Jan 2015 16:20:22 +1300
Received: from UXCN10-TDC05.UoA.auckland.ac.nz ([169.254.9.148]) by uxchange10-fe3.UoA.auckland.ac.nz ([169.254.143.234]) with mapi id 14.03.0174.001; Sun, 18 Jan 2015 16:20:22 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: "<tls@ietf.org>" <tls@ietf.org>
Thread-Topic: [TLS] Inclusion of OCB mode in TLS 1.3
Thread-Index: AdAyzbELWoWAOy+tSTOVpMKJ9RZ1Sg==
Date: Sun, 18 Jan 2015 03:20:21 +0000
Message-ID: <9A043F3CF02CD34C8E74AC1594475C73AAF5D4FB@uxcn10-tdc05.UoA.auckland.ac.nz>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/lFZWkOoaxcihuWCVqzCbbiyKe2g>
Subject: Re: [TLS] Inclusion of OCB mode in TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Jan 2015 03:20:30 -0000

Phillip Rogaway <rogaway@cs.ucdavis.edu> writes:

>I suspect that most use-cases for TLS-with-OCB would already be covered by
>one of the prior patent-grants I've done.  But, for anything that might fall
>in a gap, the simplest thing, I suspect, is for me to do an "IETF Patent
>Disclosure and Licensing Declaration" specifying royalty-free licensing for
>use of OCB in compliance with a TLS-specifying RFC.  I'm happy to submit one
>of those.  I might need some help to identify what RFC number(s) to cite.

That would be great to have!  I've always liked OCB, but as an open-source
developer I don't have any control over how my code is used (beyond "you have
to make the source code available", "you need to include an acknowledgement in
your docs", or whatever the preferred license is), so I haven't been able to
use it until now.  Being allowed to use it for a TLS implementation without
further restrictions would be a great help.

Peter.