[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposal for new DH Groups 6, 7, and 8

To: Dan Harkins <dharkins@network-alchemy.com>
Subject: Re: Proposal for new DH Groups 6, 7, and 8
From: "John Harleman" <jharleman@certicom.com>
Date: Mon, 7 Feb 2000 15:07:46 -0800
cc: ipsec@lists.tislabs.com, "Simon Blake-Wilson" <sblakewi@certicom.com>, "Prakash Panjwani" <ppanjwan@certicom.com>, "Yuri Poeluev" <ypoeluev@certicom.com>
Sender: owner-ipsec@lists.tislabs.com

Hi Dan:

>Also, section 4 of draft-ietf-ipsec-ike-ecc-groups-01.txt is troubling, at
>least for me. Why can't you define safe curves which don't require buying
>a license from Certicom? Or at least do what Entrust did with their PKIX
>patent (provide a world-wide, royalty-free license)?

To the best of my knowledge Certicom has stated many times that we do not have
IP with regards to specific curves, but to implementation techniques. So as I
understand it, regardless of what type of curve you implement, you are no more
or less likely to infringe on our IP. That said, doesn't it make sense to not
use vulnerable curves that NIST has identified as suspect and if so, why not use
the NIST ones? Certicom simply does not want to be put in the situation of
having to ship breakable crypto.

FYI, I am aware of at least two vendors who have implemented the NIST curves and
others who are examing them. Cheers - John

Prev by Date: RE: Proposal for new DH Groups 6, 7, and 8
Next by Date: I-D ACTION:draft-shacham-ippcp-rfc2393bis-04.txt
Prev by thread: RE: Proposal for new DH Groups 6, 7, and 8
Next by thread: Re: Proposal for new DH Groups 6, 7, and 8
Index(es):
- Main
- Thread