Re: [TLS] Straw poll on TLS SRP status

To: Trevor Perrin <trevp at trevp.net>
Subject: Re: [TLS] Straw poll on TLS SRP status
From: "Steven M. Bellovin" <smb at cs.columbia.edu>
Date: Thu, 24 May 2007 15:58:42 -0400
Cc: tls at ietf.org
In-reply-to: <4655D534.2040709@trevp.net>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
Organization: Columbia University
References: <B356D8F434D20B40A8CEDAEC305A1F24042BE8D1@esebe105.NOE.Nokia.com> <4655D534.2040709@trevp.net>

On Thu, 24 May 2007 11:11:00 -0700
Trevor Perrin <trevp at trevp.net> wrote:

>     - Dunno about Lucent EKE - AFAICT, their lawyers avoid making
> definite statements on principle (sigh).  But in the 9-year history
> of SRP they've never bothered anyone about it.  Also, the patent
> expires in 3 years, so it will be a moot point soon enough.
> 
Well, 4 years -- 20 years from the October 2, 1991 filing date, since
that's later than 17 years from the August 31, 1993 issue date.

Anyway -- you're never going to get a definitive "no" from Lucent.
There's absolutely no reason why they should bother -- if they say that
EKE doesn't apply to SRP, it gives them very little leverage to license
EKE.  If they say "yes", they have to do something about it, or no one
will take them seriously.  Besides, saying "yes" convincingly is a lot
of work; it would involve a fair amount of detailed study of the claims
in EKE and seeing how they match against what particular
implementations of SRP do.  This analysis includes understanding the
definitions in the (hard to understand) claims.  For example, claim 1
speaks of "forming an outgoing signal by encrypting at least a portion
of an excitation signal with a second symmetric key cryptosystem using
a key based on said authentication signal, said excitation signal being
based on a first signal, R.sub.A".  What is an "excitation signal"?
Coming up with suitable definitions is a major part of patent
litigation, and takes a significant amount of time and effort.  Why
should Lucent do that, if the FUD is working just as well?

Disclaimer: I'm one of the inventors of EKE.  But I haven't worked for
the patent owner since 1996, and back then they weren't interested in
my ideas about making it royalty-free for open source use, and charging
only for-profit users of the patent.  I have no idea if, when, to whom,
or how often Lucent has actually managed to license the patent.

		--Steve Bellovin, http://www.cs.columbia.edu/~smb

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

References:
- [TLS] Straw poll on TLS SRP status
  - From: Pasi.Eronen
- Re: [TLS] Straw poll on TLS SRP status
  - From: Trevor Perrin

Prev by Date: Re: [TLS] Straw poll on TLS SRP status
Next by Date: Re: [TLS] Straw poll on TLS SRP status
Previous by thread: Re: [TLS] Straw poll on TLS SRP status
Next by thread: Re: [TLS] Straw poll on TLS SRP status
Index(es):
- Date
- Thread

Re: [TLS] Straw poll on TLS SRP status

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.