Ronald Tse <tse(_at_)ribose(_dot_)com> writes:
There have been previous mentions of patent concerns, but OCB is freely
licensed for open source tools and has been included in libraries like
OpenSSL and Botan.
It's a lot more problematic than that. While I support the OCB patent
holder's stand on a moral basis, the licensing unfortunately makes it
impossible to use for general software, which is a real shame because it's a
very nice crypto mechanism. Examples of some general-purpose uses of crypto
and how the license affects them:
Banking: No, because members of the military might be customers.
Email: No, because it might go to/come from a .mil address.
Ordering a pizza online: No, because it might be sent to a military base.
(Some of these are from actual legal analyses of the implications of using it,
not just me coming up with corner cases).
IDEA had the same problem, it was more or less OK to use in open-source type
software, but was still sufficiently problematic that it was removed from
OpenPGP. It's the same with OCB, the license terms require that you track
every single use and user of the software in order to verify that the use is
non-infringing. That makes it unusable for real-world purposes, i.e. where
commercial entities are involved.
Peter.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp