Re: [TLS] Inclusion of OCB mode in TLS 1.3

"Blumenthal, Uri - 0558 - MITLL" <> Sun, 18 January 2015 19:07 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id A1FD71ACDED for <>; Sun, 18 Jan 2015 11:07:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01, UNPARSEABLE_RELAY=0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id EsV1XYG_eRwl for <>; Sun, 18 Jan 2015 11:07:16 -0800 (PST)
Received: from (MX1.LL.MIT.EDU []) by (Postfix) with ESMTP id 4B92F1ACDE0 for <>; Sun, 18 Jan 2015 11:07:15 -0800 (PST)
Received: from ( by (unknown) with ESMTP id t0IJ6cwr001409; Sun, 18 Jan 2015 14:06:38 -0500
From: "Blumenthal, Uri - 0558 - MITLL" <>
To: "''" <>, "''" <>
Thread-Topic: [TLS] Inclusion of OCB mode in TLS 1.3
Thread-Index: AdAyzbELxXQ6KPqgoEiVNz85RavZKgAhDGGN
Date: Sun, 18 Jan 2015 19:06:38 +0000
Message-ID: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.13.68, 1.0.33, 0.0.0000 definitions=2015-01-18_03:2015-01-16,2015-01-18,1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1402240000 definitions=main-1501180205
Archived-At: <>
Cc: "''" <>
Subject: Re: [TLS] Inclusion of OCB mode in TLS 1.3
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 18 Jan 2015 19:07:18 -0000

I like OCB, and in my opinion the current license that Phil granted is acceptable to *any* OpenSSL user (unless a lawyer would say that I'm wrong here and point at my mistake). 

I think OCB should be included in TLS 1.3, and hopefully/maybe "retrofitted" to 1.2.

Uri Blumenthal                            Voice: (781) 981-1638
Cyber Systems and Technology   Fax:   (781) 981-0186
MIT Lincoln Laboratory                Cell:  (339) 223-5363
244 Wood Street, Lexington, MA 02420-9185       

MIT LL Root CA:  <>

----- Original Message -----
From: Peter Gutmann []
Sent: Saturday, January 17, 2015 10:20 PM
To: <> <>
Subject: Re: [TLS] Inclusion of OCB mode in TLS 1.3

Phillip Rogaway <> writes:

>I suspect that most use-cases for TLS-with-OCB would already be covered by
>one of the prior patent-grants I've done.  But, for anything that might fall
>in a gap, the simplest thing, I suspect, is for me to do an "IETF Patent
>Disclosure and Licensing Declaration" specifying royalty-free licensing for
>use of OCB in compliance with a TLS-specifying RFC.  I'm happy to submit one
>of those.  I might need some help to identify what RFC number(s) to cite.

That would be great to have!  I've always liked OCB, but as an open-source
developer I don't have any control over how my code is used (beyond "you have
to make the source code available", "you need to include an acknowledgement in
your docs", or whatever the preferred license is), so I haven't been able to
use it until now.  Being allowed to use it for a TLS implementation without
further restrictions would be a great help.

TLS mailing list