RE: [Cfrg] Defining inter operable ECC keys in for IETF protocols

[pgut001 at cs.auckland.ac.nz (Peter Gutmann)]

"Blumenthal, Uri" <uri.blumenthal at intel.com> writes:

>I would MUCH prefer ECC - but my lawyers (yuk!) are telling me that there are
>licensing problems, and supposed NSA contacts don't call them back.
>
>Anybody knows anything useful about licensing of ECC GF(p), that he can share
>with me?

Certicom have done such a good job of creating FUD about ECC legal issues
that, unless you're a Certicom licensee, it's easier to not use it at all.  So
far every time I've been asked about ECC support (which admittedly is once a
blue moon anyway), I've asked the organisation who want it to come back to me
with either proof of a Certicom license or a clear statement of which non-
infringing mechanisms they want me to implement.  In every case, after looking
at what's involved, they've decided they didn't need ECC that much anyway.
It's like the conclusion from Wargames, the only way to win is not to play.

Peter.

_______________________________________________
Cfrg mailing list
Cfrg at ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg