Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exporters for Transport Layer Security (TLS)) to Proposed Standard

[Dean Anderson <dean at av8.com>]

Hi Douglas,

OpenSSL has implemented patented technology before, and distributed it
without license but with statement that it contained patented technology
that users weren't licenced to use.  While challenging the law can
sometimes be a good thing and no criticism of OpenSSL project is
intended, their actions do not improve our licensing options.  For many
years, I had to purchase Stronghold--a licensed version of OpenSSL.  

However easy these patented standards are to implement, they remain
patented.  And we continue to have the right in the IETF process to
demand other, non-patented alternatives, and reject those standards that
don't have suitable licensing terms.  RFC3979 requires the WG to
consider non-patented alternatives, and that didn't happen.

		--Dean

On Tue, 21 Jul 2009, Douglas Stebila wrote:

> I have implemented draft-ietf-tls-extractor-06 in the TLS v1.0  
> implementation in OpenSSL.  I found the draft easy to implement with  
> no ambiguities or concerns.  I believe that the functionality provided  
> by the draft will be extremely valuable for building application-level  
> security protocols and encourage its standardization.
> 
> It is my interpretation of the draft that it can be implemented in any  
> version of TLS, not just TLS v1.2.  Obviously the derived key may be  
> different if the underlying TLS PRF is defined differently (as it is  
> for TLS v1.2), but the draft is still well-defined for previous  
> versions of TLS.
> 
> For those interested in the OpenSSL implementation, I have posted a  
> page on my website with the patch.
> 	http://www.douglas.stebila.ca/code/keying-material-exporters/
> In addition to a patch for OpenSSL, I have also done patches to Apache  
> and PHP to expose a PHP function that allows a PHP application to  
> derive keying material from the underlying TLS connection according to  
> the draft specification.
> 
> Douglas
> 
> On 2009-Jul-21, at 2:48 AM, The IESG wrote:
> 
> > The IESG has received a request from the Transport Layer Security WG
> > (tls) to consider the following document:
> >
> > - 'Keying Material Exporters for Transport Layer Security (TLS) '
> >   <draft-ietf-tls-extractor-06.txt> as a Proposed Standard
> >
> > The IESG plans to make a decision in the next few weeks, and solicits
> > final comments on this action.  Please send substantive comments to  
> > the
> > ietf at ietf.org mailing lists by 2009-08-10. Exceptionally,
> > comments may be sent to iesg at ietf.org instead. In either case, please
> > retain the beginning of the Subject line to allow automated sorting.
> >
> > The file can be obtained via
> > http://www.ietf.org/internet-drafts/draft-ietf-tls-extractor-06.txt
> >
> >
> > IESG discussion can be tracked via
> > https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTag=16821&rfc_flag=0
> >
> > _______________________________________________
> > TLS mailing list
> > TLS at ietf.org
> > https://www.ietf.org/mailman/listinfo/tls
> 
> _______________________________________________
> TLS mailing list
> TLS at ietf.org
> https://www.ietf.org/mailman/listinfo/tls
> 
> 

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000