ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [ietf-dkim] agenda item on upgrading hash algorithms?

2006-02-23 11:42:11
from [Hallam-Baker, Phillip] [Permanent Link] 
The point I was making here is that we do not need CertiCom to do ECC.

Certicom have a number of patents relating to ECC, the earliest of which
was filed in 1997. Practical means of performing ECC were published in
1985.




-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Scott 
Kitterman
Sent: Thursday, February 23, 2006 12:59 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] agenda item on upgrading hash algorithms?

On 02/23/2006 12:16, Douglas Otis wrote:

On Feb 22, 2006, at 7:52 PM, Douglas Otis wrote:

On Feb 22, 2006, at 6:47 PM, Hallam-Baker, Phillip wrote:

In rebuttal to Doug's point about not depending on the DNS 
supporting longer key sizes, an ECDSA key that gives equivalent 
strength to a 128 bit symmetric cipher is 256 bits with point 
compression and 512 bits without. An equivalent ECDSA 

signature is

512 bits in either case. The comparable key size for RSA is 3072 
bits for key and signature.


This looks great, but at what price?  From what other companies 
beyond Certicom Inc. would licenses need to be obtained 

in order to 

support the EC algorithm?  Is there any information with 

respect to 

existing terms?


As a follow-on:

Certicom may grant royalty free licenses in some cases.

http://www.certicom.com/download/aid-545/IETF.pdf

http://www1.ietf.org/ietf/IPR/IETF-2006Jan26-Certicom-IPR.pdf

http://www.ietf.org/ietf/IPR/certicom-ipr-rfc3526-rfc2409-ikev2.txt

http://www.ietf.org/ietf/IPR/CERTICOM-SMIME
http://www.ietf.org/ietf/IPR/certicom_smime_license.pdf

http://www.ietf.org/ietf/IPR/CERTICOM-IPSEC-ECC

http://www.ietf.org/ietf/IPR/CERTICOM-ECDSA


One of the points that DKIM currently has in its favor is 
that it can be implemented in all major MTAs without 
conflicting with the existing licensing of those programs 
(both proprietary and open, including GPL).  

I think that if DKIM were to be dependent on crypto 
technology with more restrictive licensing terms, it would 
represent a substantial impediment to adoption.  IANAL, so I 
have no idea if the representations above would present a 
problem or not, but I do think that we should understand the 
impacts of these patents on the ability of DKIM to be 
implemented everywhere before we proceed to far towards a 
solution with additional licensing considerations.

Scott K
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html




_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] agenda item on upgrading hash algorithms?, Scott Kitterman
Next by Date:  Re: [ietf-dkim] agenda item on upgrading hash algorithms?, Douglas Otis
Previous by Thread:  Re: [ietf-dkim] agenda item on upgrading hash algorithms?, Scott Kitterman
Next by Thread:  Re: [ietf-dkim] agenda item on upgrading hash algorithms?, Douglas Otis
Indexes:  [Date] [Thread] [Top] [All Lists]