From kmigoe@nsa.gov Tue Feb 5 07:08:09 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F77D21F8904 for ; Tue, 5 Feb 2013 07:08:09 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.199 X-Spam-Level: X-Spam-Status: No, score=-10.199 tagged_above=-999 required=5 tests=[AWL=-0.400, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rB9IRnW4GXMb for ; Tue, 5 Feb 2013 07:08:08 -0800 (PST) Received: from nsa.gov (emvm-gh1-uea08.nsa.gov [63.239.67.9]) by ietfa.amsl.com (Postfix) with ESMTP id 609E421F88B2 for ; Tue, 5 Feb 2013 07:08:08 -0800 (PST) X-TM-IMSS-Message-ID: <2e20c13000041db1@nsa.gov> Received: from MSHT-GH1-UEA02.corp.nsa.gov ([10.215.227.181]) by nsa.gov ([63.239.67.9]) with ESMTP (TREND IMSS SMTP Service 7.1; TLSv1/SSLv3 AES128-SHA (128/128)) id 2e20c13000041db1 ; Tue, 5 Feb 2013 10:07:11 -0500 Received: from MSMR-GH1-UEA03.corp.nsa.gov ([10.215.224.3]) by MSHT-GH1-UEA02.corp.nsa.gov ([10.215.227.181]) with mapi id 14.01.0289.001; Tue, 5 Feb 2013 10:08:05 -0500 From: "Igoe, Kevin M." To: "cfrg@irtf.org" Thread-Topic: RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4Dspy9Udf6dIL6TC+F69Worz8/1Q== Date: Tue, 5 Feb 2013 15:08:05 +0000 Message-ID: <3C4AAD4B5304AB44A6BA85173B4675CA662973B8@MSMR-GH1-UEA03.corp.nsa.gov> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.215.225.46] Content-Type: multipart/alternative; boundary="_000_3C4AAD4B5304AB44A6BA85173B4675CA662973B8MSMRGH1UEA03cor_" MIME-Version: 1.0 Cc: 'Phillip Rogaway' Subject: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Feb 2013 15:08:09 -0000 --_000_3C4AAD4B5304AB44A6BA85173B4675CA662973B8MSMRGH1UEA03cor_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable We are issuing a RG Last Call on draft-irtf-cfrg-ocb-00. This has been wel= l evaluated on the outside & no objections have been raised on the mailing list. Pleas= e look it over, paying particular attention to the IETF related usual issues such = as intellectual property rights. It would be nice to have this finished before Orlando! ----------------+-------------------------------------------------- Kevin M. Igoe | "We can't solve problems by using the same kind kmigoe@nsa.gov | of thinking we used when we created them." | - Albert Einstein - ----------------+-------------------------------------------------- --_000_3C4AAD4B5304AB44A6BA85173B4675CA662973B8MSMRGH1UEA03cor_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
We are issuing a RG Last Call on draft-irtf-cfrg-ocb-00.  This ha= s been well evaluated
on the outside & no objections have been raised on the mailing lis= t.  Please look
it over, paying particular attention to the IETF related usual issues = such as intellectual
property rights.  It would be nice to have this finished before O= rlando!
 
 
----------------+------------------------------------= --------------
Kevin M. Igoe   | "We can't solve problems= by using the same kind
kmigoe@nsa.gov  | of thinking we used when we create= d them."
         &nb= sp;      |      &nbs= p;       - Albert Einstein -
----------------+------------------------------------= --------------
 
 
 
--_000_3C4AAD4B5304AB44A6BA85173B4675CA662973B8MSMRGH1UEA03cor_-- From prvs=5748726cfc=uri@ll.mit.edu Tue Feb 5 12:31:32 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3442B21F8467 for ; Tue, 5 Feb 2013 12:31:32 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.402 X-Spam-Level: X-Spam-Status: No, score=-4.402 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_MED=-4, SARE_SUB_RAND_LETTRS4=0.799, UNPARSEABLE_RELAY=0.001] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5T8wvbWu-1pO for ; Tue, 5 Feb 2013 12:31:30 -0800 (PST) Received: from mx2.ll.mit.edu (MX2.LL.MIT.EDU [129.55.12.46]) by ietfa.amsl.com (Postfix) with ESMTP id 5D44421F8460 for ; Tue, 5 Feb 2013 12:31:30 -0800 (PST) Received: from LLE2K7-HUB01.mitll.ad.local (LLE2K7-HUB01.mitll.ad.local) by mx2.ll.mit.edu (unknown) with ESMTP id r15KVQUT006499; Tue, 5 Feb 2013 15:31:26 -0500 From: "Blumenthal, Uri - 0558 - MITLL" To: "Igoe, Kevin M." , "cfrg@irtf.org" Date: Tue, 5 Feb 2013 15:31:23 -0500 Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4D38VB2J6B5HRLRuSMK1YVli3oIA== Message-ID: In-Reply-To: <3C4AAD4B5304AB44A6BA85173B4675CA662973B8@MSMR-GH1-UEA03.corp.nsa.gov> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.5.121010 acceptlanguage: en-US Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="B_3442923083_25828595" MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2013-02-05_05:2013-02-04, 2013-02-05, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=9 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1211240000 definitions=main-1302050157 Cc: 'Phillip Rogaway' Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Feb 2013 20:31:32 -0000 --B_3442923083_25828595 Content-type: multipart/alternative; boundary="B_3442923083_25781524" --B_3442923083_25781524 Content-type: text/plain; charset="ISO-8859-1" Content-transfer-encoding: quoted-printable Perhaps I wasn't attentive enough =AD but I saw no reference to Intellectual Property (IP) restrictions. OCB mode used to be patented and not free. Then I've heard that the restrictions were relaxed so that a person could use it free of charge unless the intended (?) purpose was military-related =AD which would exclude Government employees and Government contractors.So regardless of what the current restrictions are, IMHO they have to be spelled out clearly, or at worst referred to in the References section (and it better b= e "one hop"!). Tnx! P.S. My sotto voce =AD I'd love to see how OCB compares to GCM on the current Intel chips that have GF and AES hardware speedups. -- Regards, Uri Blumenthal From: , "Kevin M." Date: Tuesday, February 5, 2013 10:08 To: "cfrg@irtf.org" Cc: 'Phillip Rogaway' Subject: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 > We are issuing a RG Last Call on draft-irtf-cfrg-ocb-00. This has been w= ell > evaluated > on the outside & no objections have been raised on the mailing list. Ple= ase > look > it over, paying particular attention to the IETF related usual issues suc= h as > intellectual > property rights. It would be nice to have this finished before Orlando! > =20 > =20 > ----------------+-------------------------------------------------- > Kevin M. Igoe | "We can't solve problems by using the same kind > kmigoe@nsa.gov | of thinking we used when we created them." > | - Albert Einstein - > ----------------+-------------------------------------------------- > =20 > =20 > =20 --B_3442923083_25781524 Content-type: text/html; charset="ISO-8859-1" Content-transfer-encoding: quoted-printable
Perhaps I wasn't a= ttentive enough – but I saw no reference to Intellectual Property (IP)= restrictions. OCB mode used to be patented and not free. Then I've heard th= at the restrictions were relaxed so that a person could use it free of charg= e unless the intended (?) purpose was military-related – w= hich would exclude Government employees and Government contractors.So regard= less of what the current restrictions are, IMHO they have to be spelled out = clearly, or at worst referred to in the References section (and it better be= "one hop"!).

Tnx!

P.S. My= sotto voce – I'd love to see how OCB compares to GCM on the current I= ntel chips that have GF and AES hardware speedups.
--
Regards,
Uri Blum= enthal
<Disclaimer>

From: <Igoe>, "= Kevin M." <kmigoe@nsa.gov>
Date: Tuesday, February 5, 2013 10:08 To: "= cfrg@irtf.org" <cfrg@irtf.org><= br>Cc: 'Phillip Rogaway' <rogaway@cs.ucdavis.edu>
Subject: [Cfrg] RG Last Call - draft-irtf-cfrg-= ocb-00

<= span style=3D"font-size:11pt;">
We are issuing a RG Last Call on draft-irt= f-cfrg-ocb-00.  This has been well evaluated
on the outside &= amp; no objections have been raised on the mailing list.  Please look
it over, paying particular attention to the IETF related usual issu= es such as intellectual
property rights.  It would be nice to= have this finished before Orlando!
 
 
----------------+----------------------= ----------------------------
Kevin M. Igoe =   | "We can't solve problems by using the same kind
=
kmigoe@nsa.gov  | of think= ing we used when we created them."
=        &nbs= p;        |     =          - Albert Einstein -<= /font>
----------------+--------------------------------------= ------------
 
 
 = ;
--B_3442923083_25781524-- --B_3442923083_25828595 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIUAAYJKoZIhvcNAQcCoIIT8TCCE+0CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC EeMwggTLMIIDs6ADAgECAgoTvp8EAAAAAEiAMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYT AlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzAR BgNVBAMTCk1JVExMIENBLTIwHhcNMTIwNzE2MTgwNzA2WhcNMTMwNzE2MTgwNzA2WjBhMQsw CQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMG UGVvcGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALQbhERcgi7bVsw6WLXunsi9ymPD09JMrF1iGlCDF4ZO1+W5 Lp6znDFyubLdbP3qikgcXWfByMzsHUzoSQD1Bp9O7mKa656rMu3mez/ItydJBw/LMZYSYc+6 4DB4KuzvA2DnTaQ41I0SqFE0DrksfBi8ePO/Xv7PQRNUl45Y7VSB6xoA7DfTZO5IZ4e6Om90 /AnVBE+aee40kxvmDWGr1jvFxv/gSvQA3PxcwnCxzn699bpAtz8VUdfTsewhy+g5OonBLSzg I/yIyCd6g2eQQcw6g10eQJopUnoKv1o0TIss1pwK5SZG3mM2FCFECL1vV8NMTQ4AuS3OSO7i 3AX2g1cCAwEAAaOCAZMwggGPMB0GA1UdDgQWBBSw8IXAP4OJKTOqBKNPgRR1LceLVzAOBgNV HQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCww KjAooCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcB AQRWMFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAj BggrBgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9Bgkr BgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2Fy94yh/+KcwIB ZAIBBTAiBgNVHSUBAf8EGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQCheTHY3ppuUbzU5Quma4TR1Rhr0r+BfIMJyrfrmA9gNIoFzK0MbK1xxRv/9Nz/9sRQ ukIWIIfjyQlNDIiCl+8yut3V31v5NW+T0NB4GGIYicWI+ID8tBfvaHaniZ+bP/wEsZMOPq1J kh4E28mRAsHMuYhu6kraGj0yRi4Y3zuxJIeRN7NGYFCglFaPSeOQ33m0o5oyyMNfdDcDX7T/ 3pSSNFk/gAcPoI+XvC0sXS2cVYqvDGwzsT58M+6jvg0FDb8z/BIO2OL2KpO+ojeNSNud4Cf4 7gEpChuvx36vgLLq+J1s9BIXKk7FVAIdbD5KKnO/HiDpqamScI6p3Lc3PQZuMIIEtzCCA5+g AwIBAgIBFDANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExp bmNvbG4gTGFib3JhdG9yeTEMMAoGA1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENB MB4XDTA5MTIxNDEyMDAwMFoXDTE1MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxHzAdBgNV BAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsTA1BLSTETMBEGA1UEAxMKTUlU TEwgQ0EtMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcEyyNhSIfsN6AzBwVh Zkzo6SdjNGAQ7mA2A8T0kmdCB8MH6jWjVVMwFZwlg9cgjgLKEuEO9KN8K9M8jgeZEMoinlRf k3YELPC7sEkkzBQkcVpLhEwALue9iHowgSLGmXZpYKmRhfvhvYJ4MNCuIaWpcK/GaDZCE+U2 aTg42kv/zQrH3AoqFX81OF7niwXNnanP1hQRfkMTRrnaEW8DX0TMaG/t9Ry5xSMrLTNc9DvQ tjA5ZcuWnECiUpyDBFWxLr9yx7xgf1/LwgCxcoBeKSBBoWzkQmKAsgMo9Mq1Fp/nnIqw5FKm gOs7Vy+6e0Dk+cgf+oAV8AK8ZFMQrVE0uH0CAwEAAaOCAZUwggGRMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFI5KfYmhYxccgYg0VzcmRV4Zin4kMB8GA1UdIwQYMBaAFGeqes/0 Cqa5crWKoNKd8hDDQ+0pMA4GA1UdDwEB/wQEAwIBhjBhBggrBgEFBQcBAQRVMFMwLQYIKwYB BQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0bz9MTFJDQTAiBggrBgEFBQcwAYYW aHR0cDovL29jc3AubGwubWl0LmVkdTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmxs Lm1pdC5lZHUvZ2V0Y3JsP0xMUkNBMIGSBgNVHSAEgYowgYcwDQYLKoZIhvcSAgEDAQYwDQYL KoZIhvcSAgEDAQgwDQYLKoZIhvcSAgEDAQcwDQYLKoZIhvcSAgEDAQkwDQYLKoZIhvcSAgED AQowDQYLKoZIhvcSAgEDAQswDQYLKoZIhvcSAgEDAQ4wDQYLKoZIhvcSAgEDAQ8wDQYLKoZI hvcSAgEDARAwDQYJKoZIhvcNAQELBQADggEBAIh3BqHQ/XH8C6DCL+eEGroOzxBcCqTNItms v4MANaOTodgU2jrjHcGjXlzqhpb8ZxOlkAK3dK09rc6+yACcoK2TzVtDRZXYxov/SqZRjI3d ufU2JatAPxosCyy/1otjl1TKUY47Wvft31vdf5i0XK2DQVEJ+XlqtgBiFTVIMIfBJwPajrsi z+pgFEYwhhwJxvs8flSi0FLCE77VYLEioP5hxG6zIPeQRxzh1bogbfphWHHtoiTDkBSZ4Ufv GXQTVf7QjhD5yYw10yICtjHmtgbfgBkH5/vvR92NY9RSlNPzZqmGKIia61bJCmagRYGyexfe dVNF0cJWL4J/cLHhgNYwggODMIICa6ADAgECAgEBMA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNV BAYTAlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kx FjAUBgNVBAMTDU1JVExMIFJvb3QgQ0EwHhcNMDgwOTIzMTIwMDAwWhcNMjkxMjMxMjM1OTU5 WjBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEMMAoG A1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAxU4pF1iyJrL5rYq/XBAKg93kCTATG7Bw0NGFpEJ1A3Xsr6UIIq9/1VJB OgCwDqrVsAK1lRwy/lkrHzPkobiMr1wzjQ28SR/9sg5kAcmrMqBYbc302qtwCGKZxdNdhAh2 nUOCO10AMpUsCNdpikPY9ukT8lsA+eorM4Q1rc/L0J6AHRptOU7IuDBdZj+tdNb7gv+GKknr 6wj9m2sVGawoaG7AAqhsWvQUM/q4h/H5FpYlwnVAEh2AzhqiG9bwl6uJJIzJ/8uUWldNkVwz 1I5fR/vCaxiLXIW4oUydBuRKTG+ekEoxHGuD73yx5JtsSciS8HQL2oEM8tv+VAC+albqgwID AQABo2AwXjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRnqnrP9AqmuXK1iqDSnfIQw0Pt KTAfBgNVHSMEGDAWgBRnqnrP9AqmuXK1iqDSnfIQw0PtKTALBgNVHQ8EBAMCAYYwDQYJKoZI hvcNAQEFBQADggEBAD4bbQVg0Hh42EpYX4/JPkNS3OUAEWR/YgzZUY1QGi9rQZ4pfcjU1/Ta oNT8Y7Yf0RO+e9NiG9+BDhQH/kQiZOQo9rv9NUb8xDtKCYCad7zEQtVsYsWuvK2XLw/Ji1m2 eBvoOB4RS/5LAWfNws7W+DWt2ayzeTCyrLSrx7ZVgBjzNOm0TPIkbfppdwgxuo7FZL8ts+M2 492Al87d3VasevUS1pprRBEupChmPTt1hjtajkQOpT4BQAzP1lVEYrWzlv+O/lbP9iujKpYW cfYqQ3FGf37YCvuDeues4xm+nqmyraNsNeI8Gh3XDIwqfzHnLhy4Y80VyqN/Jj8df3SK9AAw ggTOMIIDtqADAgECAgpDgT5qAAAAADKHMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYTAlVT MR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzARBgNV BAMTCk1JVExMIENBLTIwHhcNMTIwMzA1MTUxODA3WhcNMTMwMzA1MTUxODA3WjBhMQswCQYD VQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMGUGVv cGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAM1hd7gYE3EAuUHpQXBAAsld4ttPFF2dJILTwLxpMAwAOeuCE2FN Qm7r5aIXSmwfYReSBSvZ01k6YOx3hqxMUJYgDTWvQ9A5OEufC3aD71g18VhHvqMs8uBEj7aX Na6dNd8V10yl4GZ4pXffNSN1Qb1S6pQ0r9NNILb+ZSevs3DGNE5rZwHxM0Ed62MjDyR4r7tL pFbkvlEFDdj8epEz7C6zEUPLyr8JjCDbLqhV4uoNdQQxweEPhSVadd5bDoT5w9OM4h4g/1hU PI/zuzp1pZLWiRigsmsCiT2YQUs3phYnRGkRzyenY3Usu+HtXtG1fSleaoeZtOqlcT01RBtP K1MCAwEAAaOCAZYwggGSMB0GA1UdDgQWBBShib6es0uFKEYxkMQRe+e7efVhBzAOBgNVHQ8B Af8EBAMCBSAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCwwKjAo oCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcBAQRW MFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAjBggr BgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9BgkrBgEE AYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2F69Bwg+vtIAIBZAIB BDAlBgNVHSUEHjAcBgRVHSUABggrBgEFBQcDBAYKKwYBBAGCNwoDBDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQBqmZjWIBD5zFsLODc5rYV8zKQKukfF+u4DpNFzEHbCjNn1TBLBa0HVy1kLBA1ZwQPi cOw/XFgW8GHJo6Zpnd0NWwr02KbzJEn3wm5NmYWRTvuW9ld9O8/vkoPl0EmOfCbLoeQHNiEM lkBgoiC3nx54JaUTubWVcY7/caYldaT+VllH+y3PDB5yfO0YnAXkDbDqr+OBAM7dRe0QhcgS ZxTcRnrWGTUHwVV1yl4+Mxc++V1iLX1HdC1IdfKYHhswJbKOteuuCRLuhbKLpX/+y5cl6I/w 9u44Y86l34NExCasoNebcTzSVR5bKEWGhbntpDULl8cLMzXGlPQ5Oh614HeSMYIB5TCCAeEC AQEwXzBRMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEM MAoGA1UECxMDUEtJMRMwEQYDVQQDEwpNSVRMTCBDQS0yAgoTvp8EAAAAAEiAMAkGBSsOAwIa BQCgXTAjBgkqhkiG9w0BCQQxFgQU3sAMnaJTAjtJlaZmIy98hlctRy0wGAYJKoZIhvcNAQkD MQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTMwMjA1MjAzMTIzWjANBgkqhkiG9w0B AQEFAASCAQCqxX522pcjGKsBcL8YML5ToLTotAFO9dOEfi4K76iLqCc6jua1y4/obXm5JYZA 8k9pn9F0uogpN+qOa6eoRksAE3oytgmVVRrJmWvZF7eTxDBUM7O+QBzz0Q+NUOadFcl9wJrD BecuEEOqEDn7rG7Ubb7jnC3imtdI4zR+6c2OFxxkpIOcNLMMS177EzOqOuD/QjEAc+pF6sCP yw5ocu+FK6RWum1uViYyNM4TrTgtUXeL3YCFeCXw7QwC9+4xAc9+UoZ2tfe9xZXm/l97pNuL a0grhmjcqdrCVNyOxWgdKNul7SJLwSDTemakaLImeKhWmaN7Zwvr6VMnqL99MvzU --B_3442923083_25828595-- From ted@krovetz.net Tue Feb 5 14:17:34 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 788B021F84D9 for ; Tue, 5 Feb 2013 14:17:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.8 X-Spam-Level: X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w7yelDuuk6Mj for ; Tue, 5 Feb 2013 14:17:33 -0800 (PST) Received: from mail-pa0-f42.google.com (mail-pa0-f42.google.com [209.85.220.42]) by ietfa.amsl.com (Postfix) with ESMTP id CCF8321F84CE for ; Tue, 5 Feb 2013 14:17:33 -0800 (PST) Received: by mail-pa0-f42.google.com with SMTP id kq12so403680pab.15 for ; Tue, 05 Feb 2013 14:17:33 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=40KqQB0eKXlMIN+0rtHgqiTTbX5oMcbRCILHYqbJsOk=; b=dzm4EPJSDxYpsQWpx1THhdZcIVKKD+SRiD68pf18JSVPKQhL8DOfi+ph4zoAuYTY6i KDasoBpcZnVPxDfOuYCb1gERitX+o6h/p+1T+Yw/52Sug2EZdMCOszokacSyHP6ZyZuR Cd4qFCKbyThNR+Td4TMI8gIJeX6KImPZ9fvAypNtxu0Mbv7+iEYhboPDQ2bumBX9La2w jLW7rrqPm3RQn8XKVQcL15QLVfRbUFvAdJbc28Ot2Z0jL8ucgN6WhkTWBLUW0hJ/C1HV fY/09mYoU42R3+3XEhz1d4tx8Gc1x84ZIalzW9cjYLGCMuRI9FjvS8EsOqxcgwEalp1V Uyeg== X-Received: by 10.66.81.166 with SMTP id b6mr68403146pay.7.1360102653111; Tue, 05 Feb 2013 14:17:33 -0800 (PST) Received: from [192.168.1.73] (c-67-166-145-119.hsd1.ca.comcast.net. [67.166.145.119]) by mx.google.com with ESMTPS id b3sm29817108pax.14.2013.02.05.14.17.31 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 05 Feb 2013 14:17:32 -0800 (PST) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) From: Ted Krovetz In-Reply-To: Date: Tue, 5 Feb 2013 14:17:30 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: <9BBAB802-CF3A-4DA0-B092-4F45B202C54F@krovetz.net> References: To: cfrg@irtf.org X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQlBjnzJwXWPiNY0l0MiLZZv5rac4FIUDbMZcsfCLF7kS0lu9JoOnWA0ctiHr3Hsnd6sDsQJ Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Feb 2013 22:17:34 -0000 Phil has issued broad licenses for OCB, allowing open-source software = implementations and software implementations in non-military contexts = and non-commercial non-military hardware implementations. The licenses = are at http://www.cs.ucdavis.edu/~rogaway/ocb/license.htm It is my understanding -- correct me if I'm wrong -- that IP disclosures = do not go directly in the RFC but instead get disclosed to the IETF = along with the RFC submission. This has been done and the disclosures = are at=20 = https://datatracker.ietf.org/ipr/search/?option=3Ddocument_search&id_docum= ent_tag=3Ddraft-krovetz-ocb There is a study of OCB performance vs other AE schemes which includes = AES-NI on Westmere hardware. http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-doc.htm http://www.cs.ucdavis.edu/~rogaway/ocb/performance These have not been updated for Sandy Bridge or Ivy Bridge. I can tell = you that under Sandy Bridge OCB takes just 0.87 cycles per byte when = processing 4KB messages. The fastest GHASH implementation I know about = is Andy Polyakov's OpenSSL implementation that runs at 2.0 cycles per = byte (just for GCM's hashing, you'd have to add the cost of encryption = to get GCM's overall speed). Sandy Bridge and Ivy Bridge did not improve = PCLMULQDQ performance but did improve AESENC performance, meaning that = Sandy and Ivy improved OCB's performance much more than GCM's. -Ted From prvs=5748726cfc=uri@ll.mit.edu Tue Feb 5 14:44:18 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40DD421F894C for ; Tue, 5 Feb 2013 14:44:18 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.402 X-Spam-Level: X-Spam-Status: No, score=-4.402 tagged_above=-999 required=5 tests=[AWL=0.001, BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_MED=-4, SARE_SUB_RAND_LETTRS4=0.799, UNPARSEABLE_RELAY=0.001] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9+wei2sWmIZO for ; Tue, 5 Feb 2013 14:44:17 -0800 (PST) Received: from mx2.ll.mit.edu (MX2.LL.MIT.EDU [129.55.12.46]) by ietfa.amsl.com (Postfix) with ESMTP id 1B4D921F8941 for ; Tue, 5 Feb 2013 14:44:17 -0800 (PST) Received: from LLE2K7-HUB01.mitll.ad.local (LLE2K7-HUB01.mitll.ad.local) by mx2.ll.mit.edu (unknown) with ESMTP id r15MiGxL018451; Tue, 5 Feb 2013 17:44:16 -0500 From: "Blumenthal, Uri - 0558 - MITLL" To: Ted Krovetz , "cfrg@irtf.org" Date: Tue, 5 Feb 2013 17:44:12 -0500 Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4D8lMWLxqjc+cJSm2H5swAOKRGaw== Message-ID: In-Reply-To: <9BBAB802-CF3A-4DA0-B092-4F45B202C54F@krovetz.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.5.121010 acceptlanguage: en-US Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="B_3442931052_26276220" MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2013-02-05_07:2013-02-04, 2013-02-05, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=2 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1211240000 definitions=main-1302050194 Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Feb 2013 22:44:18 -0000 --B_3442931052_26276220 Content-type: text/plain; charset="ISO-8859-1" Content-transfer-encoding: quoted-printable Going to Phil's page gives the following. What is the relation between "License 1" and "License 2"? * License for Open-Source Software Implementations of OCB (Jan 9, 2013) =8B =B3License 1=B2=20 Under this license, you are authorized to make, use, and distribute open-source software implementations of OCB. This license terminates for you if you sue someone over their open-source software implementation of OCB claiming that you have a patent covering their implementation. This is a non-binding summary of a legal document (the link above). The parameters of the license are specified in the license document and that document is controlling. * General License for Non-Military Software Implementations OCB (Jan 10, 2013). =8B =B3License 2=B2=20 This license does not authorize any military use of OCB. Aside from military uses, you are authorized to make, use, and distribute (1) any software implementation of OCB and (2) non-software implementations of OCB for noncommercial or research purposes. You are required to include notice of this license to users of your work so that they are aware of the prohibition against military use. This license terminates for you if you sue someone over an implementation of OCB authorized by this license claiming that you have a patent covering their implementation. This is a non-binding summary of a legal document (the link above). The parameters of the license are specified in the license document and that document is controlling. P.S. GCM may be slower - but at least I don't need a law degree to figure out what can be done with it. P.P.S. My assembly skills are rusty, but I didn't find use of CLMUL in the assembly code. Could you clarify whether only AES-NI instructions were used, or CLMUL was used too? Tnx! -- Regards, Uri Blumenthal On 2/5/13 17:17 , "Ted Krovetz" wrote: >Phil has issued broad licenses for OCB, allowing open-source software >implementations and software implementations in non-military contexts and >non-commercial non-military hardware implementations. The licenses are at > > http://www.cs.ucdavis.edu/~rogaway/ocb/license.htm > >It is my understanding -- correct me if I'm wrong -- that IP disclosures >do not go directly in the RFC but instead get disclosed to the IETF along >with the RFC submission. This has been done and the disclosures are at > > =20 >https://datatracker.ietf.org/ipr/search/?option=3Ddocument_search&id_documen >t_tag=3Ddraft-krovetz-ocb > >There is a study of OCB performance vs other AE schemes which includes >AES-NI on Westmere hardware. > > http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-doc.htm > http://www.cs.ucdavis.edu/~rogaway/ocb/performance > >These have not been updated for Sandy Bridge or Ivy Bridge. I can tell >you that under Sandy Bridge OCB takes just 0.87 cycles per byte when >processing 4KB messages. The fastest GHASH implementation I know about is >Andy Polyakov's OpenSSL implementation that runs at 2.0 cycles per byte >(just for GCM's hashing, you'd have to add the cost of encryption to get >GCM's overall speed). Sandy Bridge and Ivy Bridge did not improve >PCLMULQDQ performance but did improve AESENC performance, meaning that >Sandy and Ivy improved OCB's performance much more than GCM's. > >-Ted > > >_______________________________________________ >Cfrg mailing list >Cfrg@irtf.org >http://www.irtf.org/mailman/listinfo/cfrg --B_3442931052_26276220 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIUAAYJKoZIhvcNAQcCoIIT8TCCE+0CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC EeMwggTLMIIDs6ADAgECAgoTvp8EAAAAAEiAMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYT AlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzAR BgNVBAMTCk1JVExMIENBLTIwHhcNMTIwNzE2MTgwNzA2WhcNMTMwNzE2MTgwNzA2WjBhMQsw CQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMG UGVvcGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALQbhERcgi7bVsw6WLXunsi9ymPD09JMrF1iGlCDF4ZO1+W5 Lp6znDFyubLdbP3qikgcXWfByMzsHUzoSQD1Bp9O7mKa656rMu3mez/ItydJBw/LMZYSYc+6 4DB4KuzvA2DnTaQ41I0SqFE0DrksfBi8ePO/Xv7PQRNUl45Y7VSB6xoA7DfTZO5IZ4e6Om90 /AnVBE+aee40kxvmDWGr1jvFxv/gSvQA3PxcwnCxzn699bpAtz8VUdfTsewhy+g5OonBLSzg I/yIyCd6g2eQQcw6g10eQJopUnoKv1o0TIss1pwK5SZG3mM2FCFECL1vV8NMTQ4AuS3OSO7i 3AX2g1cCAwEAAaOCAZMwggGPMB0GA1UdDgQWBBSw8IXAP4OJKTOqBKNPgRR1LceLVzAOBgNV HQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCww KjAooCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcB AQRWMFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAj BggrBgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9Bgkr BgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2Fy94yh/+KcwIB ZAIBBTAiBgNVHSUBAf8EGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQCheTHY3ppuUbzU5Quma4TR1Rhr0r+BfIMJyrfrmA9gNIoFzK0MbK1xxRv/9Nz/9sRQ ukIWIIfjyQlNDIiCl+8yut3V31v5NW+T0NB4GGIYicWI+ID8tBfvaHaniZ+bP/wEsZMOPq1J kh4E28mRAsHMuYhu6kraGj0yRi4Y3zuxJIeRN7NGYFCglFaPSeOQ33m0o5oyyMNfdDcDX7T/ 3pSSNFk/gAcPoI+XvC0sXS2cVYqvDGwzsT58M+6jvg0FDb8z/BIO2OL2KpO+ojeNSNud4Cf4 7gEpChuvx36vgLLq+J1s9BIXKk7FVAIdbD5KKnO/HiDpqamScI6p3Lc3PQZuMIIEtzCCA5+g AwIBAgIBFDANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExp bmNvbG4gTGFib3JhdG9yeTEMMAoGA1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENB MB4XDTA5MTIxNDEyMDAwMFoXDTE1MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxHzAdBgNV BAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsTA1BLSTETMBEGA1UEAxMKTUlU TEwgQ0EtMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcEyyNhSIfsN6AzBwVh Zkzo6SdjNGAQ7mA2A8T0kmdCB8MH6jWjVVMwFZwlg9cgjgLKEuEO9KN8K9M8jgeZEMoinlRf k3YELPC7sEkkzBQkcVpLhEwALue9iHowgSLGmXZpYKmRhfvhvYJ4MNCuIaWpcK/GaDZCE+U2 aTg42kv/zQrH3AoqFX81OF7niwXNnanP1hQRfkMTRrnaEW8DX0TMaG/t9Ry5xSMrLTNc9DvQ tjA5ZcuWnECiUpyDBFWxLr9yx7xgf1/LwgCxcoBeKSBBoWzkQmKAsgMo9Mq1Fp/nnIqw5FKm gOs7Vy+6e0Dk+cgf+oAV8AK8ZFMQrVE0uH0CAwEAAaOCAZUwggGRMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFI5KfYmhYxccgYg0VzcmRV4Zin4kMB8GA1UdIwQYMBaAFGeqes/0 Cqa5crWKoNKd8hDDQ+0pMA4GA1UdDwEB/wQEAwIBhjBhBggrBgEFBQcBAQRVMFMwLQYIKwYB BQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0bz9MTFJDQTAiBggrBgEFBQcwAYYW aHR0cDovL29jc3AubGwubWl0LmVkdTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmxs Lm1pdC5lZHUvZ2V0Y3JsP0xMUkNBMIGSBgNVHSAEgYowgYcwDQYLKoZIhvcSAgEDAQYwDQYL KoZIhvcSAgEDAQgwDQYLKoZIhvcSAgEDAQcwDQYLKoZIhvcSAgEDAQkwDQYLKoZIhvcSAgED AQowDQYLKoZIhvcSAgEDAQswDQYLKoZIhvcSAgEDAQ4wDQYLKoZIhvcSAgEDAQ8wDQYLKoZI hvcSAgEDARAwDQYJKoZIhvcNAQELBQADggEBAIh3BqHQ/XH8C6DCL+eEGroOzxBcCqTNItms v4MANaOTodgU2jrjHcGjXlzqhpb8ZxOlkAK3dK09rc6+yACcoK2TzVtDRZXYxov/SqZRjI3d ufU2JatAPxosCyy/1otjl1TKUY47Wvft31vdf5i0XK2DQVEJ+XlqtgBiFTVIMIfBJwPajrsi z+pgFEYwhhwJxvs8flSi0FLCE77VYLEioP5hxG6zIPeQRxzh1bogbfphWHHtoiTDkBSZ4Ufv GXQTVf7QjhD5yYw10yICtjHmtgbfgBkH5/vvR92NY9RSlNPzZqmGKIia61bJCmagRYGyexfe dVNF0cJWL4J/cLHhgNYwggODMIICa6ADAgECAgEBMA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNV BAYTAlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kx FjAUBgNVBAMTDU1JVExMIFJvb3QgQ0EwHhcNMDgwOTIzMTIwMDAwWhcNMjkxMjMxMjM1OTU5 WjBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEMMAoG A1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAxU4pF1iyJrL5rYq/XBAKg93kCTATG7Bw0NGFpEJ1A3Xsr6UIIq9/1VJB OgCwDqrVsAK1lRwy/lkrHzPkobiMr1wzjQ28SR/9sg5kAcmrMqBYbc302qtwCGKZxdNdhAh2 nUOCO10AMpUsCNdpikPY9ukT8lsA+eorM4Q1rc/L0J6AHRptOU7IuDBdZj+tdNb7gv+GKknr 6wj9m2sVGawoaG7AAqhsWvQUM/q4h/H5FpYlwnVAEh2AzhqiG9bwl6uJJIzJ/8uUWldNkVwz 1I5fR/vCaxiLXIW4oUydBuRKTG+ekEoxHGuD73yx5JtsSciS8HQL2oEM8tv+VAC+albqgwID AQABo2AwXjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRnqnrP9AqmuXK1iqDSnfIQw0Pt KTAfBgNVHSMEGDAWgBRnqnrP9AqmuXK1iqDSnfIQw0PtKTALBgNVHQ8EBAMCAYYwDQYJKoZI hvcNAQEFBQADggEBAD4bbQVg0Hh42EpYX4/JPkNS3OUAEWR/YgzZUY1QGi9rQZ4pfcjU1/Ta oNT8Y7Yf0RO+e9NiG9+BDhQH/kQiZOQo9rv9NUb8xDtKCYCad7zEQtVsYsWuvK2XLw/Ji1m2 eBvoOB4RS/5LAWfNws7W+DWt2ayzeTCyrLSrx7ZVgBjzNOm0TPIkbfppdwgxuo7FZL8ts+M2 492Al87d3VasevUS1pprRBEupChmPTt1hjtajkQOpT4BQAzP1lVEYrWzlv+O/lbP9iujKpYW cfYqQ3FGf37YCvuDeues4xm+nqmyraNsNeI8Gh3XDIwqfzHnLhy4Y80VyqN/Jj8df3SK9AAw ggTOMIIDtqADAgECAgpDgT5qAAAAADKHMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYTAlVT MR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzARBgNV BAMTCk1JVExMIENBLTIwHhcNMTIwMzA1MTUxODA3WhcNMTMwMzA1MTUxODA3WjBhMQswCQYD VQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMGUGVv cGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAM1hd7gYE3EAuUHpQXBAAsld4ttPFF2dJILTwLxpMAwAOeuCE2FN Qm7r5aIXSmwfYReSBSvZ01k6YOx3hqxMUJYgDTWvQ9A5OEufC3aD71g18VhHvqMs8uBEj7aX Na6dNd8V10yl4GZ4pXffNSN1Qb1S6pQ0r9NNILb+ZSevs3DGNE5rZwHxM0Ed62MjDyR4r7tL pFbkvlEFDdj8epEz7C6zEUPLyr8JjCDbLqhV4uoNdQQxweEPhSVadd5bDoT5w9OM4h4g/1hU PI/zuzp1pZLWiRigsmsCiT2YQUs3phYnRGkRzyenY3Usu+HtXtG1fSleaoeZtOqlcT01RBtP K1MCAwEAAaOCAZYwggGSMB0GA1UdDgQWBBShib6es0uFKEYxkMQRe+e7efVhBzAOBgNVHQ8B Af8EBAMCBSAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCwwKjAo oCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcBAQRW MFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAjBggr BgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9BgkrBgEE AYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2F69Bwg+vtIAIBZAIB BDAlBgNVHSUEHjAcBgRVHSUABggrBgEFBQcDBAYKKwYBBAGCNwoDBDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQBqmZjWIBD5zFsLODc5rYV8zKQKukfF+u4DpNFzEHbCjNn1TBLBa0HVy1kLBA1ZwQPi cOw/XFgW8GHJo6Zpnd0NWwr02KbzJEn3wm5NmYWRTvuW9ld9O8/vkoPl0EmOfCbLoeQHNiEM lkBgoiC3nx54JaUTubWVcY7/caYldaT+VllH+y3PDB5yfO0YnAXkDbDqr+OBAM7dRe0QhcgS ZxTcRnrWGTUHwVV1yl4+Mxc++V1iLX1HdC1IdfKYHhswJbKOteuuCRLuhbKLpX/+y5cl6I/w 9u44Y86l34NExCasoNebcTzSVR5bKEWGhbntpDULl8cLMzXGlPQ5Oh614HeSMYIB5TCCAeEC AQEwXzBRMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEM MAoGA1UECxMDUEtJMRMwEQYDVQQDEwpNSVRMTCBDQS0yAgoTvp8EAAAAAEiAMAkGBSsOAwIa BQCgXTAjBgkqhkiG9w0BCQQxFgQUGoAV8P13xn4aVFZg0jXwuySfOc0wGAYJKoZIhvcNAQkD MQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTMwMjA1MjI0NDEyWjANBgkqhkiG9w0B AQEFAASCAQCBnyQQ/vyLxp9YpLlm/k8wiG2WWtzsyMbBAhfNy6Q21U/XSYP71ZagS+Z3la70 8tiWRsPBflfWl4bIg5ql6dIrGF+EZXXtLKkEu/Oq7E0GrSFjQk8p7KAF2teYduCsJ7UFpku2 bnZd74V3hfIvaNufKHo+evk18cVwlOZRvjsxZmmq8IXj2cQ5Ks+6ftwU79VvPHrzRZdSsGv0 V15WKKSZEAHkoKeEkrXiVOkvcVp2lmsV4WZqwpzBB5DbPaZSfFa7sdC/O40gL8YlKHiB8iI/ m6bGvksaHvRYFUb0J03DCCGC6rug/s1CCauO8kdxKsN2dNkWQDR9ucO59eYdsPie --B_3442931052_26276220-- From ted@krovetz.net Tue Feb 5 19:06:38 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72EAA21F89D5 for ; Tue, 5 Feb 2013 19:06:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.8 X-Spam-Level: X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J3uwKhaBixC7 for ; Tue, 5 Feb 2013 19:06:38 -0800 (PST) Received: from mail-da0-f43.google.com (mail-da0-f43.google.com [209.85.210.43]) by ietfa.amsl.com (Postfix) with ESMTP id 0844421F88ED for ; Tue, 5 Feb 2013 19:06:38 -0800 (PST) Received: by mail-da0-f43.google.com with SMTP id u36so390005dak.16 for ; Tue, 05 Feb 2013 19:06:37 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=ECqA0z1XDKtpEdWAcfddKQIW4NlbeN0r9rb+BSnY41c=; b=G5z2iqPFtZoKwvLBLB1BpcwNemFdfrCsl4r1prwXFkBpIbiqS/Hj71AjKg6Q78cmrv fACD9en0/OSxbP8PFsoBOUvf+Fnof2HvVntgu66cyX8UB31ywOHmP1P0Iq04Q3uzUhJ/ PkQtcwF5oFxAsa81RFn03VTLs1VtvIlW+//VRbJetA/F0nmVoss3Rjef4ZA+dAzVwDKs cjtJc2K+B2gP7CdSEcEgVVIpp105X2IZApQWJiEqrnGG0yM7CQhi7NjxsFz9kKTYdth6 c6Ik3gL08SwCTS8iCq3OIcxhy3k4V/UthH9lTYQRfH+E6zHv/RfOCMmbeudsKs9zLDMZ 3y3w== X-Received: by 10.66.85.161 with SMTP id i1mr4279783paz.67.1360119997633; Tue, 05 Feb 2013 19:06:37 -0800 (PST) Received: from [192.168.1.73] (c-67-166-145-119.hsd1.ca.comcast.net. [67.166.145.119]) by mx.google.com with ESMTPS id x2sm34021688paw.8.2013.02.05.19.06.36 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 05 Feb 2013 19:06:36 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) From: Ted Krovetz In-Reply-To: Date: Tue, 5 Feb 2013 19:06:34 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: <803CC67D-E708-41D4-9865-5C42FF1D626F@krovetz.net> References: To: "cfrg@irtf.org" X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQk3G6Fn9wAIIPXVRuEp3yRZRgJ7lMYxCwEwHbbfhi9iHxbfwSeYqI7w26b1A1+l+fPKwh20 Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2013 03:06:38 -0000 > Going to Phil's page gives the following. What is the relation between > "License 1" and "License 2"? People pick whichever they want. If a product is open source, they'll = likely prefer License 1. If the product is closed they'll likely prefer = License 2. > P.P.S. My assembly skills are rusty, but I didn't find use of CLMUL in = the > assembly code. Could you clarify whether only AES-NI instructions were > used, or CLMUL was used too? Tnx! Yes indeed. We used the GCM implementation from OpenSSL, which uses = CLMUL. From ynir@checkpoint.com Tue Feb 5 22:17:12 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAF3521F84D1 for ; Tue, 5 Feb 2013 22:17:12 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.162 X-Spam-Level: X-Spam-Status: No, score=-10.162 tagged_above=-999 required=5 tests=[AWL=-0.362, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LJcH9Bn+kYs6 for ; Tue, 5 Feb 2013 22:17:12 -0800 (PST) Received: from smtp.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by ietfa.amsl.com (Postfix) with ESMTP id 0D83821F846E for ; Tue, 5 Feb 2013 22:17:11 -0800 (PST) Received: from DAG-EX10.ad.checkpoint.com ([194.29.34.150]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id r166HAYn004844; Wed, 6 Feb 2013 08:17:10 +0200 X-CheckPoint: {5111F1B2-0-1B221DC2-2FFFF} Received: from IL-EX10.ad.checkpoint.com ([169.254.2.18]) by DAG-EX10.ad.checkpoint.com ([169.254.3.103]) with mapi id 14.02.0328.009; Wed, 6 Feb 2013 08:17:10 +0200 From: Yoav Nir To: Ted Krovetz Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4Dspy9Udf6dIL6TC+F69Worz8/1QAHGMOAAAO0wgAAAO63AAAJKb4AAAaoP4A= Date: Wed, 6 Feb 2013 06:17:09 +0000 Message-ID: <4613980CFC78314ABFD7F85CC30277211199CFD4@IL-EX10.ad.checkpoint.com> References: <803CC67D-E708-41D4-9865-5C42FF1D626F@krovetz.net> In-Reply-To: <803CC67D-E708-41D4-9865-5C42FF1D626F@krovetz.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [172.31.21.128] x-kse-antivirus-interceptor-info: scan successful x-kse-antivirus-info: Clean Content-Type: text/plain; charset="us-ascii" Content-ID: <14401EDAC7C58E44A9362B50D952ACE9@ad.checkpoint.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: "cfrg@irtf.org" Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2013 06:17:13 -0000 On Feb 6, 2013, at 5:06 AM, Ted Krovetz wrote: >=20 >> Going to Phil's page gives the following. What is the relation between >> "License 1" and "License 2"? >=20 > People pick whichever they want. If a product is open source, they'll lik= ely prefer License 1. If the product is closed they'll likely prefer Licens= e 2. How can it be used in a "product" if even license 2 is for non-commercial u= se? Also, why is "military use" specifically directed at the US military ra= ther than any other military in the world? Thanks Yoav From kmigoe@nsa.gov Wed Feb 6 06:43:34 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA8F021F868D for ; Wed, 6 Feb 2013 06:43:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.999 X-Spam-Level: X-Spam-Status: No, score=-9.999 tagged_above=-999 required=5 tests=[AWL=-0.200, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s7epMVFtKqvw for ; Wed, 6 Feb 2013 06:43:33 -0800 (PST) Received: from nsa.gov (emvm-gh1-uea08.nsa.gov [63.239.67.9]) by ietfa.amsl.com (Postfix) with ESMTP id 00D8221F8472 for ; Wed, 6 Feb 2013 06:43:32 -0800 (PST) X-TM-IMSS-Message-ID: <3330986600051149@nsa.gov> Received: from MSHT-GH1-UEA02.corp.nsa.gov ([10.215.227.181]) by nsa.gov ([63.239.67.9]) with ESMTP (TREND IMSS SMTP Service 7.1; TLSv1/SSLv3 AES128-SHA (128/128)) id 3330986600051149 ; Wed, 6 Feb 2013 09:42:35 -0500 Received: from MSMR-GH1-UEA06.corp.nsa.gov (10.215.225.2) by MSHT-GH1-UEA02.corp.nsa.gov (10.215.227.181) with Microsoft SMTP Server (TLS) id 14.1.289.1; Wed, 6 Feb 2013 09:43:32 -0500 Received: from MSMR-GH1-UEA03.corp.nsa.gov ([10.215.224.3]) by MSMR-GH1-UEA06.corp.nsa.gov ([10.215.225.2]) with mapi id 14.01.0289.001; Wed, 6 Feb 2013 09:43:31 -0500 From: "Igoe, Kevin M." To: "cfrg@irtf.org" Thread-Topic: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4EeFT8GmebuNaUQ0GBYm0YMPoqdw== Date: Wed, 6 Feb 2013 14:43:30 +0000 Message-ID: <3C4AAD4B5304AB44A6BA85173B4675CA68C0113E@MSMR-GH1-UEA03.corp.nsa.gov> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.215.225.46] Content-Type: multipart/alternative; boundary="_000_3C4AAD4B5304AB44A6BA85173B4675CA68C0113EMSMRGH1UEA03cor_" MIME-Version: 1.0 Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2013 14:43:34 -0000 --_000_3C4AAD4B5304AB44A6BA85173B4675CA68C0113EMSMRGH1UEA03cor_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Looking at the IRTF requirements (which differ slightly from the IETF's), as described at http://wiki.tools.ietf.org/group/irtf/trac/wiki/IRTF-RFCs# there are a few key phrases that need to be worked in (see the section of Research Group Preparation). ---------------------------------------------------------------------------= - There must be a statement in the abstract identifying it as the product of = the RG How about this: "This document is a product of the Crypto Forum Resea= rch Group (CFRG)." ---------------------------------------------------------------------------= - There must be a paragraph near the beginning (for example, in the introduct= ion) describing the level of support for publication. Example text might read: "this docume= nt represents the consensus of the FOOBAR RG" or "the views in this document were conside= red controversial by the FOOBAR RG but the RG reached a consensus that the document should st= ill be published". Aside from IPR issues (sigh), there is nothing controversial here. I = suggest putting in a phrase like: "OCB has received years of in-depth analysis previous to its submi= ssion to the CFRG (see [4] and [5]), and has been under review by the members of t= he CFRG for almost a year. It is the consensus of the CFRG that the security mecha= nisms provided by the OCB AEAD algorithm described in this document are suitable for u= se in providing privacy and authentication." You might want to add a reference that isn't behind a paywall, say IACR= ePrint 2001/026. ---------------------------------------------------------------------------= - The breadth of review the document has received must also be noted. For exa= mple, was this document read by all the active contributors, only three people, or folks = who are not "in" the RG but are expert in the area? I think the text abpve covers that. ----------------+-------------------------------------------------- Kevin M. Igoe | "We can't solve problems by using the same kind kmigoe@nsa.gov | of thinking we used when we created them." | - Albert Einstein - ----------------+-------------------------------------------------- --_000_3C4AAD4B5304AB44A6BA85173B4675CA68C0113EMSMRGH1UEA03cor_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
Looking at the IRTF requirements (which differ slightly from the IETF&= #8217;s),
as described at
 
 
there are a few key phrases that need to be worked in
(see the section of Research Group Preparation).
 
 
----------------------------------------------------------------------= ------
There must be a statement in the abstract identifying it as the product = of the RG
     H= ow about this:  “This document is a product of the Crypto Forum = Research Group (CFRG).”
 
----------------------------------------------------------------------= ------
There must be a paragraph near the beginning (for example, in the i= ntroduction) describing
the level of support for publication. Example text might read: &quo= t;this document represents
the consensus of the FOOBAR RG" or "the views in this doc= ument were considered controversial
by the FOOBAR RG but the RG reached a consensus that the document s= hould still be published".
 
     Aside from IPR issues (sigh), there is nothin= g controversial here.  I suggest putting in a phrase
    like:
 
         “OCB has receiv= ed years of in-depth analysis previous to its submission to the CFRG
           (see [4] = and [5]), and has been under review by the members of the CFRG for almost <= /div>
           a year.&n= bsp; It is the consensus of the CFRG that the security mechanisms provided = by the
           OCB AEAD = algorithm described in this document are suitable for use in providing priv= acy
          and authenticat= ion.”
 
    You might want to add a reference that isn’t = behind a paywall, say IACR ePrint 2001/026.   
 
----------------------------------------------------------------------= ------
The breadth of review the document has received must also be noted.= For example, was this
document read by all the active contributors, only three people, o= r folks who are not "in" the
RG but are expert in the area?
 
   I think the text abpve covers that.
 
 
----------------+------------------------------------= --------------
Kevin M. Igoe   | "We can't solve problems= by using the same kind
kmigoe@nsa.gov  | of thinking we used when we create= d them."
         &nb= sp;      |      &nbs= p;       - Albert Einstein -
----------------+------------------------------------= --------------
 
 
 
--_000_3C4AAD4B5304AB44A6BA85173B4675CA68C0113EMSMRGH1UEA03cor_-- From ggr@seer-grog.net Wed Feb 6 07:42:09 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA28021F85F3 for ; Wed, 6 Feb 2013 07:42:09 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.8 X-Spam-Level: X-Spam-Status: No, score=-1.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mSSeiuw0yBfX for ; Wed, 6 Feb 2013 07:42:09 -0800 (PST) Received: from homiemail-a22.g.dreamhost.com (caiajhbdcaid.dreamhost.com [208.97.132.83]) by ietfa.amsl.com (Postfix) with ESMTP id EE48121F8589 for ; Wed, 6 Feb 2013 07:42:08 -0800 (PST) Received: from homiemail-a22.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a22.g.dreamhost.com (Postfix) with ESMTP id 577121A8076; Wed, 6 Feb 2013 07:42:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=seer-grog.net; h=subject :mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s= seer-grog.net; bh=DgCo4ZWBtv0IyMAp+V9Hn+YrsHk=; b=FJ3ly/1E1y3Jv7 BeAMqSO3CNYdpkpglq+ohDZA5rsxz7IKf8YCb69ab8Pd85GK69h747xCpFLKC+si w30117VWFHVZyN2RV3j8ewdf1l1/BbCHJo4L4O2+RH6VYlUpEUNz3p26B686sx6S amoEqEypFwpnuTt2worjOZWIBo8LU= Received: from [10.0.1.3] (cpe-76-93-178-79.san.res.rr.com [76.93.178.79]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: ggr@seer-grog.net) by homiemail-a22.g.dreamhost.com (Postfix) with ESMTPSA id 0B20E1A8069; Wed, 6 Feb 2013 07:42:08 -0800 (PST) Mime-Version: 1.0 (Apple Message framework v1085) Content-Type: text/plain; charset=windows-1252 From: Greg Rose In-Reply-To: <3C4AAD4B5304AB44A6BA85173B4675CA68C0113E@MSMR-GH1-UEA03.corp.nsa.gov> Date: Wed, 6 Feb 2013 07:42:07 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: <452F0111-0FB7-4F57-AA45-AE5E2536777F@seer-grog.net> References: <3C4AAD4B5304AB44A6BA85173B4675CA68C0113E@MSMR-GH1-UEA03.corp.nsa.gov> To: "Igoe, Kevin M." X-Mailer: Apple Mail (2.1085) Cc: Greg Rose , "cfrg@irtf.org" Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2013 15:42:09 -0000 On 2013 Feb 6, at 6:43 , Igoe, Kevin M. wrote: > There must be a statement in the abstract identifying it as the = product of the RG=20 > How about this: =93This document is a product of the Crypto = Forum Research Group (CFRG).=94 No, it isn't. I for one haven't even read it. > =20 > = --------------------------------------------------------------------------= -- > There must be a paragraph near the beginning (for example, in the = introduction) describing > the level of support for publication. Example text might read: "this = document represents > the consensus of the FOOBAR RG" or "the views in this document were = considered controversial > by the FOOBAR RG but the RG reached a consensus that the document = should still be published". > =20 > Aside from IPR issues (sigh), there is nothing controversial = here. I suggest putting in a phrase > like: > =20 > =93OCB has received years of in-depth analysis previous to = its submission to the CFRG > (see [4] and [5]), and has been under review by the members = of the CFRG for almost > a year. It is the consensus of the CFRG that the security = mechanisms provided by the > OCB AEAD algorithm described in this document are suitable = for use in providing privacy > and authentication.=94 > =20 > You might want to add a reference that isn=92t behind a paywall, = say IACR ePrint 2001/026. =20 Knowing the background and the authors, I can go along with "consensus". = But in some standards bodies (I don't actually do all that much with = IETF so I don't know the true position here) the word "consensus" has a = defined meaning. I'm not sure we correctly can use it... Greg. From ted@krovetz.net Wed Feb 6 07:57:46 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7419D21F8691 for ; Wed, 6 Feb 2013 07:57:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.8 X-Spam-Level: X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PH-A3YBOuisU for ; Wed, 6 Feb 2013 07:57:46 -0800 (PST) Received: from mail-da0-f48.google.com (mail-da0-f48.google.com [209.85.210.48]) by ietfa.amsl.com (Postfix) with ESMTP id 0C7DE21F85F3 for ; Wed, 6 Feb 2013 07:57:46 -0800 (PST) Received: by mail-da0-f48.google.com with SMTP id v40so741983dad.7 for ; Wed, 06 Feb 2013 07:57:45 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=ajy4T5uYjV9OmKKfX1l3uxXXrJqDb/nDBp/EN/By+qs=; b=SMIybsJlmChRmXJasyo2S6X3b+xUVGa2RDMe1trcl/S+FCsYHxfmw8MIMw911OQh3f +7Naccy4ZeMZAx0EzJV88i8iS07p0vkDjcqsbe7lT9vL6Pg13thRaZktRLhkHvC39Mje nNcszTGgHCpiFmPvhKeFqT59eiIxENqiy5tzrqAYSpZupDAOpIv6wm7tqIZlP46JHwq8 zV7oSoufR7+EwNu6cJY592yc9rRPVwvsJ3doonzFC1lUoH8mJRbBpY7EddEMRz/myQdH RLipQxtDkEtgap4WNk5tujJpYpDUlUyP6EPzo49pXBYsSN8AKxxOivnKMUvJYDZZ2sIV tRFg== X-Received: by 10.66.79.168 with SMTP id k8mr76974444pax.22.1360166265392; Wed, 06 Feb 2013 07:57:45 -0800 (PST) Received: from isis.ecs.csus.edu ([130.86.68.216]) by mx.google.com with ESMTPS id a4sm38700110paw.21.2013.02.06.07.57.43 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 06 Feb 2013 07:57:44 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) From: Ted Krovetz In-Reply-To: <4613980CFC78314ABFD7F85CC30277211199CFD4@IL-EX10.ad.checkpoint.com> Date: Wed, 6 Feb 2013 07:57:41 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: <71ABEEC5-8AF7-43B4-A3D9-4D3AFBD6AAE8@krovetz.net> References: <803CC67D-E708-41D4-9865-5C42FF1D626F@krovetz.net> <4613980CFC78314ABFD7F85CC30277211199CFD4@IL-EX10.ad.checkpoint.com> To: "cfrg@irtf.org" X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQknGvmfk0aUAPFUuN1LUMad5T6ojwNyZcp1w9Upg+z/HcUE+jBoYccbmSyqSjZaSpTnY4+4 Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2013 15:57:46 -0000 > How can it be used in a "product" Everything everyone produces is a product. I did not mean to imply = commercial product. > Also, why is "military use" specifically directed at the US military = rather than any other military in the world? The license says it applies to "foreign counterparts of these = organizations." > Let's say OCB gets added to OpenSSL ... How is this supposed to be = enforced by the logistics company? Nice point. We will confer with the authors of the license to clarify = such scenarios. Kevin's suggested modifications to the text are fine with me. I will = wait to see the outcome of these discussions before making them, = however. -Ted= From prvs=5749f873a1=uri@ll.mit.edu Wed Feb 6 08:24:43 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 00A5021F8956 for ; Wed, 6 Feb 2013 08:24:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.101 X-Spam-Level: X-Spam-Status: No, score=-5.101 tagged_above=-999 required=5 tests=[AWL=0.698, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_SUB_RAND_LETTRS4=0.799, UNPARSEABLE_RELAY=0.001] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tlSIRGuuL5r5 for ; Wed, 6 Feb 2013 08:24:42 -0800 (PST) Received: from mx2.ll.mit.edu (MX2.LL.MIT.EDU [129.55.12.46]) by ietfa.amsl.com (Postfix) with ESMTP id 312B621F88E4 for ; Wed, 6 Feb 2013 08:24:42 -0800 (PST) Received: from LLE2K7-HUB02.mitll.ad.local (LLE2K7-HUB02.mitll.ad.local) by mx2.ll.mit.edu (unknown) with ESMTP id r16GOfeQ022719; Wed, 6 Feb 2013 11:24:41 -0500 From: "Blumenthal, Uri - 0558 - MITLL" To: Greg Rose , "Igoe, Kevin M." Date: Wed, 6 Feb 2013 11:24:37 -0500 Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4Ehnaat4aJByXnTdq+Dct6yHkijw== Message-ID: In-Reply-To: <452F0111-0FB7-4F57-AA45-AE5E2536777F@seer-grog.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.5.121010 acceptlanguage: en-US Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="B_3442994677_30097662" MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2013-02-06_02:2013-02-06, 2013-02-06, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=2 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1211240000 definitions=main-1302060098 Cc: "cfrg@irtf.org" Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2013 16:24:43 -0000 --B_3442994677_30097662 Content-type: text/plain; charset="ISO-8859-1" Content-transfer-encoding: quoted-printable I concur with Greg. My opinion is - this mode is technically sound (and that's probably is this group's consensus) but practically unusable in any serious product (commercial or otherwise) because of its licensing terms. This licensing makes me leery to accept this AEAD mode for standardization (despite that it is faster than the alternatives) when we already have acceptable standardized non-encumbered (and reasonably fast) modes such as GCM.=20 Performance isn't all, after all. :-) -- Regards, Uri Blumenthal On 2/6/13 10:42 , "Greg Rose" wrote: > >On 2013 Feb 6, at 6:43 , Igoe, Kevin M. wrote: > >> There must be a statement in the abstract identifying it as the product >>of the RG=20 >> How about this: =B3This document is a product of the Crypto Forum >>Research Group (CFRG).=B2 > >No, it isn't. I for one haven't even read it. >> =20 >>=20 >>------------------------------------------------------------------------- >>--- >> There must be a paragraph near the beginning (for example, in the >>introduction) describing >> the level of support for publication. Example text might read: "this >>document represents >> the consensus of the FOOBAR RG" or "the views in this document were >>considered controversial >> by the FOOBAR RG but the RG reached a consensus that the document >>should still be published". >> =20 >> Aside from IPR issues (sigh), there is nothing controversial here. >> I suggest putting in a phrase >> like: >> =20 >> =B3OCB has received years of in-depth analysis previous to its >>submission to the CFRG >> (see [4] and [5]), and has been under review by the members >>of the CFRG for almost >> a year. It is the consensus of the CFRG that the security >>mechanisms provided by the >> OCB AEAD algorithm described in this document are suitable >>for use in providing privacy >> and authentication.=B2 >> =20 >> You might want to add a reference that isn=B9t behind a paywall, say >>IACR ePrint 2001/026. > >Knowing the background and the authors, I can go along with "consensus". >But in some standards bodies (I don't actually do all that much with IETF >so I don't know the true position here) the word "consensus" has a >defined meaning. I'm not sure we correctly can use it... > >Greg. > >_______________________________________________ >Cfrg mailing list >Cfrg@irtf.org >http://www.irtf.org/mailman/listinfo/cfrg --B_3442994677_30097662 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIUAAYJKoZIhvcNAQcCoIIT8TCCE+0CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC EeMwggTLMIIDs6ADAgECAgoTvp8EAAAAAEiAMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYT AlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzAR BgNVBAMTCk1JVExMIENBLTIwHhcNMTIwNzE2MTgwNzA2WhcNMTMwNzE2MTgwNzA2WjBhMQsw CQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMG UGVvcGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALQbhERcgi7bVsw6WLXunsi9ymPD09JMrF1iGlCDF4ZO1+W5 Lp6znDFyubLdbP3qikgcXWfByMzsHUzoSQD1Bp9O7mKa656rMu3mez/ItydJBw/LMZYSYc+6 4DB4KuzvA2DnTaQ41I0SqFE0DrksfBi8ePO/Xv7PQRNUl45Y7VSB6xoA7DfTZO5IZ4e6Om90 /AnVBE+aee40kxvmDWGr1jvFxv/gSvQA3PxcwnCxzn699bpAtz8VUdfTsewhy+g5OonBLSzg I/yIyCd6g2eQQcw6g10eQJopUnoKv1o0TIss1pwK5SZG3mM2FCFECL1vV8NMTQ4AuS3OSO7i 3AX2g1cCAwEAAaOCAZMwggGPMB0GA1UdDgQWBBSw8IXAP4OJKTOqBKNPgRR1LceLVzAOBgNV HQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCww KjAooCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcB AQRWMFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAj BggrBgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9Bgkr BgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2Fy94yh/+KcwIB ZAIBBTAiBgNVHSUBAf8EGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQCheTHY3ppuUbzU5Quma4TR1Rhr0r+BfIMJyrfrmA9gNIoFzK0MbK1xxRv/9Nz/9sRQ ukIWIIfjyQlNDIiCl+8yut3V31v5NW+T0NB4GGIYicWI+ID8tBfvaHaniZ+bP/wEsZMOPq1J kh4E28mRAsHMuYhu6kraGj0yRi4Y3zuxJIeRN7NGYFCglFaPSeOQ33m0o5oyyMNfdDcDX7T/ 3pSSNFk/gAcPoI+XvC0sXS2cVYqvDGwzsT58M+6jvg0FDb8z/BIO2OL2KpO+ojeNSNud4Cf4 7gEpChuvx36vgLLq+J1s9BIXKk7FVAIdbD5KKnO/HiDpqamScI6p3Lc3PQZuMIIEtzCCA5+g AwIBAgIBFDANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExp bmNvbG4gTGFib3JhdG9yeTEMMAoGA1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENB MB4XDTA5MTIxNDEyMDAwMFoXDTE1MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxHzAdBgNV BAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsTA1BLSTETMBEGA1UEAxMKTUlU TEwgQ0EtMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcEyyNhSIfsN6AzBwVh Zkzo6SdjNGAQ7mA2A8T0kmdCB8MH6jWjVVMwFZwlg9cgjgLKEuEO9KN8K9M8jgeZEMoinlRf k3YELPC7sEkkzBQkcVpLhEwALue9iHowgSLGmXZpYKmRhfvhvYJ4MNCuIaWpcK/GaDZCE+U2 aTg42kv/zQrH3AoqFX81OF7niwXNnanP1hQRfkMTRrnaEW8DX0TMaG/t9Ry5xSMrLTNc9DvQ tjA5ZcuWnECiUpyDBFWxLr9yx7xgf1/LwgCxcoBeKSBBoWzkQmKAsgMo9Mq1Fp/nnIqw5FKm gOs7Vy+6e0Dk+cgf+oAV8AK8ZFMQrVE0uH0CAwEAAaOCAZUwggGRMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFI5KfYmhYxccgYg0VzcmRV4Zin4kMB8GA1UdIwQYMBaAFGeqes/0 Cqa5crWKoNKd8hDDQ+0pMA4GA1UdDwEB/wQEAwIBhjBhBggrBgEFBQcBAQRVMFMwLQYIKwYB BQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0bz9MTFJDQTAiBggrBgEFBQcwAYYW aHR0cDovL29jc3AubGwubWl0LmVkdTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmxs Lm1pdC5lZHUvZ2V0Y3JsP0xMUkNBMIGSBgNVHSAEgYowgYcwDQYLKoZIhvcSAgEDAQYwDQYL KoZIhvcSAgEDAQgwDQYLKoZIhvcSAgEDAQcwDQYLKoZIhvcSAgEDAQkwDQYLKoZIhvcSAgED AQowDQYLKoZIhvcSAgEDAQswDQYLKoZIhvcSAgEDAQ4wDQYLKoZIhvcSAgEDAQ8wDQYLKoZI hvcSAgEDARAwDQYJKoZIhvcNAQELBQADggEBAIh3BqHQ/XH8C6DCL+eEGroOzxBcCqTNItms v4MANaOTodgU2jrjHcGjXlzqhpb8ZxOlkAK3dK09rc6+yACcoK2TzVtDRZXYxov/SqZRjI3d ufU2JatAPxosCyy/1otjl1TKUY47Wvft31vdf5i0XK2DQVEJ+XlqtgBiFTVIMIfBJwPajrsi z+pgFEYwhhwJxvs8flSi0FLCE77VYLEioP5hxG6zIPeQRxzh1bogbfphWHHtoiTDkBSZ4Ufv GXQTVf7QjhD5yYw10yICtjHmtgbfgBkH5/vvR92NY9RSlNPzZqmGKIia61bJCmagRYGyexfe dVNF0cJWL4J/cLHhgNYwggODMIICa6ADAgECAgEBMA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNV BAYTAlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kx FjAUBgNVBAMTDU1JVExMIFJvb3QgQ0EwHhcNMDgwOTIzMTIwMDAwWhcNMjkxMjMxMjM1OTU5 WjBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEMMAoG A1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAxU4pF1iyJrL5rYq/XBAKg93kCTATG7Bw0NGFpEJ1A3Xsr6UIIq9/1VJB OgCwDqrVsAK1lRwy/lkrHzPkobiMr1wzjQ28SR/9sg5kAcmrMqBYbc302qtwCGKZxdNdhAh2 nUOCO10AMpUsCNdpikPY9ukT8lsA+eorM4Q1rc/L0J6AHRptOU7IuDBdZj+tdNb7gv+GKknr 6wj9m2sVGawoaG7AAqhsWvQUM/q4h/H5FpYlwnVAEh2AzhqiG9bwl6uJJIzJ/8uUWldNkVwz 1I5fR/vCaxiLXIW4oUydBuRKTG+ekEoxHGuD73yx5JtsSciS8HQL2oEM8tv+VAC+albqgwID AQABo2AwXjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRnqnrP9AqmuXK1iqDSnfIQw0Pt KTAfBgNVHSMEGDAWgBRnqnrP9AqmuXK1iqDSnfIQw0PtKTALBgNVHQ8EBAMCAYYwDQYJKoZI hvcNAQEFBQADggEBAD4bbQVg0Hh42EpYX4/JPkNS3OUAEWR/YgzZUY1QGi9rQZ4pfcjU1/Ta oNT8Y7Yf0RO+e9NiG9+BDhQH/kQiZOQo9rv9NUb8xDtKCYCad7zEQtVsYsWuvK2XLw/Ji1m2 eBvoOB4RS/5LAWfNws7W+DWt2ayzeTCyrLSrx7ZVgBjzNOm0TPIkbfppdwgxuo7FZL8ts+M2 492Al87d3VasevUS1pprRBEupChmPTt1hjtajkQOpT4BQAzP1lVEYrWzlv+O/lbP9iujKpYW cfYqQ3FGf37YCvuDeues4xm+nqmyraNsNeI8Gh3XDIwqfzHnLhy4Y80VyqN/Jj8df3SK9AAw ggTOMIIDtqADAgECAgpDgT5qAAAAADKHMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYTAlVT MR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzARBgNV BAMTCk1JVExMIENBLTIwHhcNMTIwMzA1MTUxODA3WhcNMTMwMzA1MTUxODA3WjBhMQswCQYD VQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMGUGVv cGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAM1hd7gYE3EAuUHpQXBAAsld4ttPFF2dJILTwLxpMAwAOeuCE2FN Qm7r5aIXSmwfYReSBSvZ01k6YOx3hqxMUJYgDTWvQ9A5OEufC3aD71g18VhHvqMs8uBEj7aX Na6dNd8V10yl4GZ4pXffNSN1Qb1S6pQ0r9NNILb+ZSevs3DGNE5rZwHxM0Ed62MjDyR4r7tL pFbkvlEFDdj8epEz7C6zEUPLyr8JjCDbLqhV4uoNdQQxweEPhSVadd5bDoT5w9OM4h4g/1hU PI/zuzp1pZLWiRigsmsCiT2YQUs3phYnRGkRzyenY3Usu+HtXtG1fSleaoeZtOqlcT01RBtP K1MCAwEAAaOCAZYwggGSMB0GA1UdDgQWBBShib6es0uFKEYxkMQRe+e7efVhBzAOBgNVHQ8B Af8EBAMCBSAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCwwKjAo oCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcBAQRW MFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAjBggr BgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9BgkrBgEE AYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2F69Bwg+vtIAIBZAIB BDAlBgNVHSUEHjAcBgRVHSUABggrBgEFBQcDBAYKKwYBBAGCNwoDBDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQBqmZjWIBD5zFsLODc5rYV8zKQKukfF+u4DpNFzEHbCjNn1TBLBa0HVy1kLBA1ZwQPi cOw/XFgW8GHJo6Zpnd0NWwr02KbzJEn3wm5NmYWRTvuW9ld9O8/vkoPl0EmOfCbLoeQHNiEM lkBgoiC3nx54JaUTubWVcY7/caYldaT+VllH+y3PDB5yfO0YnAXkDbDqr+OBAM7dRe0QhcgS ZxTcRnrWGTUHwVV1yl4+Mxc++V1iLX1HdC1IdfKYHhswJbKOteuuCRLuhbKLpX/+y5cl6I/w 9u44Y86l34NExCasoNebcTzSVR5bKEWGhbntpDULl8cLMzXGlPQ5Oh614HeSMYIB5TCCAeEC AQEwXzBRMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEM MAoGA1UECxMDUEtJMRMwEQYDVQQDEwpNSVRMTCBDQS0yAgoTvp8EAAAAAEiAMAkGBSsOAwIa BQCgXTAjBgkqhkiG9w0BCQQxFgQU5CQJNJjovGxTLaXVlg10KIzRieUwGAYJKoZIhvcNAQkD MQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTMwMjA2MTYyNDM3WjANBgkqhkiG9w0B AQEFAASCAQAWstso+nxXWv2xyhZGB4YSOvKVsww/7K6gYDZw3sRNkLKraZ/x+xOK8SSRi1wA NlNYZbSh40zE9Skx1n4/Uizi/Ns8rpHDrpx7074RtnXsiCQEQPDyleMHPDagzLYQR02ch93x WUgaRxy6AwcFj0qdfb3iHeq122G/XQuCRgdcu93zsIHzOZSb0gvFCJX64RRT9V2fZ0t2Irh6 CtV1PKjpo0/j4WUWd0Nn6/Qx9wKI1OFGTG/NbuQMXnOtCPkGFotJlb1lfeZ4MnS2NcIU2g+4 cH4ClYry5PFt4dwhn/VUsPjuEHn+uCgBekNe+t6HeRmV2VLEZtjytvGYaDbPPM4l --B_3442994677_30097662-- From ted@krovetz.net Wed Feb 6 08:52:04 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58FC321F85DF for ; Wed, 6 Feb 2013 08:52:04 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.8 X-Spam-Level: X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VLbp5uHqMwR8 for ; Wed, 6 Feb 2013 08:52:03 -0800 (PST) Received: from mail-da0-f50.google.com (mail-da0-f50.google.com [209.85.210.50]) by ietfa.amsl.com (Postfix) with ESMTP id D953221F8505 for ; Wed, 6 Feb 2013 08:52:03 -0800 (PST) Received: by mail-da0-f50.google.com with SMTP id h15so756867dan.23 for ; Wed, 06 Feb 2013 08:52:03 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=w3kFu9WHyClo1U3w8Ix+BiRq2/g1B/FER5PfqSmKfuc=; b=jfh7P23XSHg+iwLX77sbzY8AnqbxfBaT57/VX7JIS7CCQ/Ih/1r8wf46MK0dh0xPkL Pvxq4WuV3Qv8+VZCbcc4ATy8mNmQ/A00YBU9MYuWoCjFxoxsvvkyNryoZW3OSWw9ygLW x+puMdJzBXnG2z5sokj4AVxP5ovMnn2uHviUNMJr5XSGJi2NxojFDrpPjm2gcywJ6fhI 8bRtnWBFvN9FRRbUn89SyMFcRNFsl0jCy7skpgAEculqDmGvyKBjRy5JreYigyG8fgwy 548uvL9pbtXnkBLeR/OiThDZogXv4OCMs8/yoWngkVpNQBPfDKxU0bolqgv3juk5TO2p lUDQ== X-Received: by 10.66.73.138 with SMTP id l10mr77391655pav.44.1360169523219; Wed, 06 Feb 2013 08:52:03 -0800 (PST) Received: from isis.ecs.csus.edu ([130.86.68.216]) by mx.google.com with ESMTPS id z10sm39027560pay.7.2013.02.06.08.52.01 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 06 Feb 2013 08:52:02 -0800 (PST) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) From: Ted Krovetz In-Reply-To: Date: Wed, 6 Feb 2013 08:51:59 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: References: To: "cfrg@irtf.org" X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQnJlpRfRFWutU/SD0XbZm+pQj/TuufRz5TfIqMeAMWkbRcEGTO1wx5AqIYJ8Oq1Gri0+dqw Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2013 16:52:04 -0000 > practically unusable in any serious product (commercial or otherwise) = because of its licensing terms. I certainly hope that we can convince you that this is not true. There are a huge number of serious open-source products that all fall = under License 1's simple terms (linux, gnu, any project using any = OSI-approved license, etc). Note that License 1 does not have a non-military provision, meaning that = open-source software need not worry about it. And we are determined try to make License 2 workable, which would then = make all software (open or closed, commercial or non-commercial) free = for non-military use, and hardware implementations free for = non-commercial non-military purposes. That allows for a lot of serious products.= From prvs=5749f873a1=uri@ll.mit.edu Wed Feb 6 09:00:59 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1BF721F8A0D for ; Wed, 6 Feb 2013 09:00:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.333 X-Spam-Level: X-Spam-Status: No, score=-5.333 tagged_above=-999 required=5 tests=[AWL=0.466, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_SUB_RAND_LETTRS4=0.799, UNPARSEABLE_RELAY=0.001] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yYN5Ki97P53V for ; Wed, 6 Feb 2013 09:00:59 -0800 (PST) Received: from mx2.ll.mit.edu (MX2.LL.MIT.EDU [129.55.12.46]) by ietfa.amsl.com (Postfix) with ESMTP id E80DD21F89AA for ; Wed, 6 Feb 2013 09:00:58 -0800 (PST) Received: from LLE2K7-HUB01.mitll.ad.local (LLE2K7-HUB01.mitll.ad.local) by mx2.ll.mit.edu (unknown) with ESMTP id r16H0wu7014216; Wed, 6 Feb 2013 12:00:58 -0500 From: "Blumenthal, Uri - 0558 - MITLL" To: Ted Krovetz , "cfrg@irtf.org" Date: Wed, 6 Feb 2013 12:00:55 -0500 Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4Ei4h6txWoo8ufRAy1virv4Hbokg== Message-ID: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.5.121010 acceptlanguage: en-US Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="B_3442996855_30246777" MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2013-02-06_02:2013-02-06, 2013-02-06, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=2 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1211240000 definitions=main-1302060101 Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2013 17:00:59 -0000 --B_3442996855_30246777 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit >>practically unusable in any serious product (commercial or otherwise) >>because of its licensing terms. > >I certainly hope that we can convince you that this is not true. I'd love to be convinced, as (contrary to how it may appear) I'm not averse to faster AEAD modes. :) >There are a huge number of serious open-source products that all fall >under License 1's simple terms (linux, gnu, any project using any >OSI-approved license, etc). > >Note that License 1 does not have a non-military provision, meaning that >open-source software need not worry about it. Let's consider a hypothetical case: a company X adds an OCB implementation to OpenSSL (or Crypto++) and then use that library/package in their proprietary "SuperComm" software thatthey subsequently sell to Department of Defense and to Department of Energy. First - are they even allowed to to that under this license? Second - how much of the source code do they have to make available to satisfy the terms of "License 1"? Just the OCB code? The entire OpenSSL or Crypto++? The entire "SuperComm" source? >And we are determined try to make License 2 workable, which would then >make all software (open or closed, commercial or non-commercial) free for >non-military use, and hardware implementations free for non-commercial >non-military purposes. Non-commercial hardware? I'd like to see an example of that, and maybe a box of samples. :) --B_3442996855_30246777 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIUAAYJKoZIhvcNAQcCoIIT8TCCE+0CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC EeMwggTLMIIDs6ADAgECAgoTvp8EAAAAAEiAMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYT AlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzAR BgNVBAMTCk1JVExMIENBLTIwHhcNMTIwNzE2MTgwNzA2WhcNMTMwNzE2MTgwNzA2WjBhMQsw CQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMG UGVvcGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALQbhERcgi7bVsw6WLXunsi9ymPD09JMrF1iGlCDF4ZO1+W5 Lp6znDFyubLdbP3qikgcXWfByMzsHUzoSQD1Bp9O7mKa656rMu3mez/ItydJBw/LMZYSYc+6 4DB4KuzvA2DnTaQ41I0SqFE0DrksfBi8ePO/Xv7PQRNUl45Y7VSB6xoA7DfTZO5IZ4e6Om90 /AnVBE+aee40kxvmDWGr1jvFxv/gSvQA3PxcwnCxzn699bpAtz8VUdfTsewhy+g5OonBLSzg I/yIyCd6g2eQQcw6g10eQJopUnoKv1o0TIss1pwK5SZG3mM2FCFECL1vV8NMTQ4AuS3OSO7i 3AX2g1cCAwEAAaOCAZMwggGPMB0GA1UdDgQWBBSw8IXAP4OJKTOqBKNPgRR1LceLVzAOBgNV HQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCww KjAooCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcB AQRWMFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAj BggrBgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9Bgkr BgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2Fy94yh/+KcwIB ZAIBBTAiBgNVHSUBAf8EGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQCheTHY3ppuUbzU5Quma4TR1Rhr0r+BfIMJyrfrmA9gNIoFzK0MbK1xxRv/9Nz/9sRQ ukIWIIfjyQlNDIiCl+8yut3V31v5NW+T0NB4GGIYicWI+ID8tBfvaHaniZ+bP/wEsZMOPq1J kh4E28mRAsHMuYhu6kraGj0yRi4Y3zuxJIeRN7NGYFCglFaPSeOQ33m0o5oyyMNfdDcDX7T/ 3pSSNFk/gAcPoI+XvC0sXS2cVYqvDGwzsT58M+6jvg0FDb8z/BIO2OL2KpO+ojeNSNud4Cf4 7gEpChuvx36vgLLq+J1s9BIXKk7FVAIdbD5KKnO/HiDpqamScI6p3Lc3PQZuMIIEtzCCA5+g AwIBAgIBFDANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExp bmNvbG4gTGFib3JhdG9yeTEMMAoGA1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENB MB4XDTA5MTIxNDEyMDAwMFoXDTE1MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxHzAdBgNV BAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsTA1BLSTETMBEGA1UEAxMKTUlU TEwgQ0EtMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcEyyNhSIfsN6AzBwVh Zkzo6SdjNGAQ7mA2A8T0kmdCB8MH6jWjVVMwFZwlg9cgjgLKEuEO9KN8K9M8jgeZEMoinlRf k3YELPC7sEkkzBQkcVpLhEwALue9iHowgSLGmXZpYKmRhfvhvYJ4MNCuIaWpcK/GaDZCE+U2 aTg42kv/zQrH3AoqFX81OF7niwXNnanP1hQRfkMTRrnaEW8DX0TMaG/t9Ry5xSMrLTNc9DvQ tjA5ZcuWnECiUpyDBFWxLr9yx7xgf1/LwgCxcoBeKSBBoWzkQmKAsgMo9Mq1Fp/nnIqw5FKm gOs7Vy+6e0Dk+cgf+oAV8AK8ZFMQrVE0uH0CAwEAAaOCAZUwggGRMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFI5KfYmhYxccgYg0VzcmRV4Zin4kMB8GA1UdIwQYMBaAFGeqes/0 Cqa5crWKoNKd8hDDQ+0pMA4GA1UdDwEB/wQEAwIBhjBhBggrBgEFBQcBAQRVMFMwLQYIKwYB BQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0bz9MTFJDQTAiBggrBgEFBQcwAYYW aHR0cDovL29jc3AubGwubWl0LmVkdTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmxs Lm1pdC5lZHUvZ2V0Y3JsP0xMUkNBMIGSBgNVHSAEgYowgYcwDQYLKoZIhvcSAgEDAQYwDQYL KoZIhvcSAgEDAQgwDQYLKoZIhvcSAgEDAQcwDQYLKoZIhvcSAgEDAQkwDQYLKoZIhvcSAgED AQowDQYLKoZIhvcSAgEDAQswDQYLKoZIhvcSAgEDAQ4wDQYLKoZIhvcSAgEDAQ8wDQYLKoZI hvcSAgEDARAwDQYJKoZIhvcNAQELBQADggEBAIh3BqHQ/XH8C6DCL+eEGroOzxBcCqTNItms v4MANaOTodgU2jrjHcGjXlzqhpb8ZxOlkAK3dK09rc6+yACcoK2TzVtDRZXYxov/SqZRjI3d ufU2JatAPxosCyy/1otjl1TKUY47Wvft31vdf5i0XK2DQVEJ+XlqtgBiFTVIMIfBJwPajrsi z+pgFEYwhhwJxvs8flSi0FLCE77VYLEioP5hxG6zIPeQRxzh1bogbfphWHHtoiTDkBSZ4Ufv GXQTVf7QjhD5yYw10yICtjHmtgbfgBkH5/vvR92NY9RSlNPzZqmGKIia61bJCmagRYGyexfe dVNF0cJWL4J/cLHhgNYwggODMIICa6ADAgECAgEBMA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNV BAYTAlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kx FjAUBgNVBAMTDU1JVExMIFJvb3QgQ0EwHhcNMDgwOTIzMTIwMDAwWhcNMjkxMjMxMjM1OTU5 WjBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEMMAoG A1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAxU4pF1iyJrL5rYq/XBAKg93kCTATG7Bw0NGFpEJ1A3Xsr6UIIq9/1VJB OgCwDqrVsAK1lRwy/lkrHzPkobiMr1wzjQ28SR/9sg5kAcmrMqBYbc302qtwCGKZxdNdhAh2 nUOCO10AMpUsCNdpikPY9ukT8lsA+eorM4Q1rc/L0J6AHRptOU7IuDBdZj+tdNb7gv+GKknr 6wj9m2sVGawoaG7AAqhsWvQUM/q4h/H5FpYlwnVAEh2AzhqiG9bwl6uJJIzJ/8uUWldNkVwz 1I5fR/vCaxiLXIW4oUydBuRKTG+ekEoxHGuD73yx5JtsSciS8HQL2oEM8tv+VAC+albqgwID AQABo2AwXjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRnqnrP9AqmuXK1iqDSnfIQw0Pt KTAfBgNVHSMEGDAWgBRnqnrP9AqmuXK1iqDSnfIQw0PtKTALBgNVHQ8EBAMCAYYwDQYJKoZI hvcNAQEFBQADggEBAD4bbQVg0Hh42EpYX4/JPkNS3OUAEWR/YgzZUY1QGi9rQZ4pfcjU1/Ta oNT8Y7Yf0RO+e9NiG9+BDhQH/kQiZOQo9rv9NUb8xDtKCYCad7zEQtVsYsWuvK2XLw/Ji1m2 eBvoOB4RS/5LAWfNws7W+DWt2ayzeTCyrLSrx7ZVgBjzNOm0TPIkbfppdwgxuo7FZL8ts+M2 492Al87d3VasevUS1pprRBEupChmPTt1hjtajkQOpT4BQAzP1lVEYrWzlv+O/lbP9iujKpYW cfYqQ3FGf37YCvuDeues4xm+nqmyraNsNeI8Gh3XDIwqfzHnLhy4Y80VyqN/Jj8df3SK9AAw ggTOMIIDtqADAgECAgpDgT5qAAAAADKHMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYTAlVT MR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzARBgNV BAMTCk1JVExMIENBLTIwHhcNMTIwMzA1MTUxODA3WhcNMTMwMzA1MTUxODA3WjBhMQswCQYD VQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMGUGVv cGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAM1hd7gYE3EAuUHpQXBAAsld4ttPFF2dJILTwLxpMAwAOeuCE2FN Qm7r5aIXSmwfYReSBSvZ01k6YOx3hqxMUJYgDTWvQ9A5OEufC3aD71g18VhHvqMs8uBEj7aX Na6dNd8V10yl4GZ4pXffNSN1Qb1S6pQ0r9NNILb+ZSevs3DGNE5rZwHxM0Ed62MjDyR4r7tL pFbkvlEFDdj8epEz7C6zEUPLyr8JjCDbLqhV4uoNdQQxweEPhSVadd5bDoT5w9OM4h4g/1hU PI/zuzp1pZLWiRigsmsCiT2YQUs3phYnRGkRzyenY3Usu+HtXtG1fSleaoeZtOqlcT01RBtP K1MCAwEAAaOCAZYwggGSMB0GA1UdDgQWBBShib6es0uFKEYxkMQRe+e7efVhBzAOBgNVHQ8B Af8EBAMCBSAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCwwKjAo oCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcBAQRW MFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAjBggr BgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9BgkrBgEE AYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2F69Bwg+vtIAIBZAIB BDAlBgNVHSUEHjAcBgRVHSUABggrBgEFBQcDBAYKKwYBBAGCNwoDBDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQBqmZjWIBD5zFsLODc5rYV8zKQKukfF+u4DpNFzEHbCjNn1TBLBa0HVy1kLBA1ZwQPi cOw/XFgW8GHJo6Zpnd0NWwr02KbzJEn3wm5NmYWRTvuW9ld9O8/vkoPl0EmOfCbLoeQHNiEM lkBgoiC3nx54JaUTubWVcY7/caYldaT+VllH+y3PDB5yfO0YnAXkDbDqr+OBAM7dRe0QhcgS ZxTcRnrWGTUHwVV1yl4+Mxc++V1iLX1HdC1IdfKYHhswJbKOteuuCRLuhbKLpX/+y5cl6I/w 9u44Y86l34NExCasoNebcTzSVR5bKEWGhbntpDULl8cLMzXGlPQ5Oh614HeSMYIB5TCCAeEC AQEwXzBRMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEM MAoGA1UECxMDUEtJMRMwEQYDVQQDEwpNSVRMTCBDQS0yAgoTvp8EAAAAAEiAMAkGBSsOAwIa BQCgXTAjBgkqhkiG9w0BCQQxFgQUdSggkQ/AIlbUeq3F98lrscbo60AwGAYJKoZIhvcNAQkD MQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTMwMjA2MTcwMDU1WjANBgkqhkiG9w0B AQEFAASCAQAxQ40rCBr+3mfU5IC4H1qfwrEOkmSFeqf4gpx0kT6mV0U4ZVsdHgZQ7Rn60pll YrpZXjaC5aOmDgbirt8KfjKl+Iahka4Rwvtit7aajy2YQPCoaApT5xm+8uD8yFmRHrgwRycx QX+0zCYChB+V0tCHnUC9rUz7PTBPSWCmlBvNXpoxcwHe0iUfz2I9aW5sYQEW2+QP7+svqlnv pMGLBRSkYMq0hBi/oG3jNzwA+LcKjnqsGLpoFlWdcXgKxFXQVRtXIQ/4v82hWdWJnuxIEC8b SpF6pIVAuCbF+GkjZx3h/WG7pXCKjuXnZiiJ7PyxLyaL4UWDqLRqHFwN3MGhbgKP --B_3442996855_30246777-- From stephen.farrell@cs.tcd.ie Wed Feb 6 09:13:38 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A556921F856F for ; Wed, 6 Feb 2013 09:13:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.147 X-Spam-Level: X-Spam-Status: No, score=-102.147 tagged_above=-999 required=5 tests=[AWL=-0.347, BAYES_00=-2.599, SARE_SUB_RAND_LETTRS4=0.799, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KTy+isTRUtau for ; Wed, 6 Feb 2013 09:13:38 -0800 (PST) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 0A61321F8633 for ; Wed, 6 Feb 2013 09:13:38 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 0C646BE20; Wed, 6 Feb 2013 17:13:16 +0000 (GMT) X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qYMhKY+Hs6MF; Wed, 6 Feb 2013 17:13:14 +0000 (GMT) Received: from [IPv6:2001:770:10:203:80c7:bcd9:5c92:51d8] (unknown [IPv6:2001:770:10:203:80c7:bcd9:5c92:51d8]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id DEE17BE47; Wed, 6 Feb 2013 17:13:13 +0000 (GMT) Message-ID: <51128F2A.5080805@cs.tcd.ie> Date: Wed, 06 Feb 2013 17:13:14 +0000 From: Stephen Farrell User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130106 Thunderbird/17.0.2 MIME-Version: 1.0 To: "Blumenthal, Uri - 0558 - MITLL" References: In-Reply-To: X-Enigmail-Version: 1.5 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Greg Rose , "cfrg@irtf.org" Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2013 17:13:38 -0000 On 02/06/2013 04:24 PM, Blumenthal, Uri - 0558 - MITLL wrote: > This licensing makes me leery to accept this AEAD mode for standardization This isn't being proposed as a standard, but as an informational IRTF-track RFC. Those aren't the same thing, even though there are a bunch of people who regard them as being the same. S. PS: The header should also be fixed up to say IRTF and not IETF, see, e.g. [1] for what it ought look like. That'd get fixed later anyway, but no harm doing it now. [1] http://tools.ietf.org/html/draft-irtf-dtnrg-bpq From Joachim@Strombergson.com Thu Feb 7 06:09:29 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1510C21F856E for ; Thu, 7 Feb 2013 06:09:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.641 X-Spam-Level: X-Spam-Status: No, score=-0.641 tagged_above=-999 required=5 tests=[BAYES_20=-0.74, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rkgerEN6ra9E for ; Thu, 7 Feb 2013 06:09:28 -0800 (PST) Received: from susano.oderland.com (susano.oderland.com [91.201.63.143]) by ietfa.amsl.com (Postfix) with ESMTP id 735DC21F855F for ; Thu, 7 Feb 2013 06:09:27 -0800 (PST) Received: from [62.80.223.82] (port=60905 helo=secworks82.gotanet.se) by susano.oderland.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from ) id 1U3SAI-001D8x-4e for cfrg@irtf.org; Thu, 07 Feb 2013 15:09:26 +0100 Message-ID: <5113B595.9050602@Strombergson.com> Date: Thu, 07 Feb 2013 15:09:25 +0100 From: =?UTF-8?B?Sm9hY2hpbSBTdHLDtm1iZXJnc29u?= Organization: Kryptologik User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130107 Thunderbird/17.0.2 MIME-Version: 1.0 To: cfrg@irtf.org References: <9BBAB802-CF3A-4DA0-B092-4F45B202C54F@krovetz.net> In-Reply-To: <9BBAB802-CF3A-4DA0-B092-4F45B202C54F@krovetz.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - susano.oderland.com X-AntiAbuse: Original Domain - irtf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - Strombergson.com X-Get-Message-Sender-Via: susano.oderland.com: authenticated_id: joachim@strombergson.com Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: Joachim@Strombergson.com List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Feb 2013 14:09:29 -0000 Aloha! On 2013-02-05 23:17 , Ted Krovetz wrote: > Phil has issued broad licenses for OCB, allowing open-source software > implementations and software implementations in non-military contexts > and non-commercial non-military hardware implementations. The > licenses are at > > http://www.cs.ucdavis.edu/~rogaway/ocb/license.htm Why the distinction of open source SW, why not also allow open source HW? -- Med vänlig hälsning, Yours Joachim Strömbergson - Alltid i harmonisk svängning. ======================================================================== From simon@josefsson.org Mon Feb 11 03:18:29 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A64221F8681 for ; Mon, 11 Feb 2013 03:18:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -99.11 X-Spam-Level: X-Spam-Status: No, score=-99.11 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, HELO_MISMATCH_COM=0.553, HOST_EQ_STATICB=1.372, SARE_SUB_RAND_LETTRS4=0.799, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NZbj+g5uwGM0 for ; Mon, 11 Feb 2013 03:18:28 -0800 (PST) Received: from yxa-v.extundo.com (static-213-115-179-173.sme.bredbandsbolaget.se [213.115.179.173]) by ietfa.amsl.com (Postfix) with ESMTP id 1172A21F867B for ; Mon, 11 Feb 2013 03:18:27 -0800 (PST) Received: from latte.josefsson.org (46.182.205.36.c.fiberdirekt.net [46.182.205.36]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id r1BBIIGO018216 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 11 Feb 2013 12:18:19 +0100 From: Simon Josefsson To: Ted Krovetz References: OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:130211:ted@krovetz.net::Mhc4jz/7I91tGBVU:DXVz X-Hashcash: 1:22:130211:cfrg@irtf.org::D/mv9EHUafNa2xGz:Pscc Date: Mon, 11 Feb 2013 12:18:13 +0100 In-Reply-To: (Ted Krovetz's message of "Wed, 6 Feb 2013 08:51:59 -0800") Message-ID: <87ehgn6qve.fsf@latte.josefsson.org> User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Virus-Scanned: clamav-milter 0.97.3 at yxa-v X-Virus-Status: Clean Cc: "cfrg@irtf.org" Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 11:18:29 -0000 Ted Krovetz writes: >> practically unusable in any serious product (commercial or > otherwise) because of its licensing terms. > > I certainly hope that we can convince you that this is not true. The simplest way to do that is to change the license. As far as I understand, the current license fails to meet the open source definition used by OSI, in particular the "No Discrimination Against Fields of Endeavor" paragraph: http://opensource.org/osd Thus, and also as far as I understand, I could not implement OCB in some of my free software packages, and have that be accepted by organisations that require OSI-compatible licensing. To me, anything that restrict significant implementers ability to use a specification is a serious problem, to the point that it may be better to find and use another specification. Thefore I don't find it a good use of everyone's collective time to publish specifications that aren't useful to as many as possible, especially if there are alternatives. /Simon From ted@krovetz.net Mon Feb 11 08:20:28 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B364B21F8B11 for ; Mon, 11 Feb 2013 08:20:28 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.8 X-Spam-Level: X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K2cG-JDd3zDF for ; Mon, 11 Feb 2013 08:20:28 -0800 (PST) Received: from mail-pa0-f50.google.com (mail-pa0-f50.google.com [209.85.220.50]) by ietfa.amsl.com (Postfix) with ESMTP id 0B9CE21F8B0F for ; Mon, 11 Feb 2013 08:20:28 -0800 (PST) Received: by mail-pa0-f50.google.com with SMTP id fa11so3175398pad.9 for ; Mon, 11 Feb 2013 08:20:27 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=R8fwTdvEdiaNgOZGK1t+7gDfQRG5Ec4lYNOBjlY4Lwg=; b=pT6SQByf+HHOcvJq3gamXW3kX8G90WX8dtlJbhi/bi9aIAIlD7FtwfPbhg+aMF/UUb QXgQ8DEh8hjz+mmBQ6LjJqaK4br83q8xL64Tx/diFhSZ3IzBs3AsALS1NzrwWAELqY4q CnJrRGQ68ZvtOnd1xrv4+mmhDEyawaFEUf5tGCilnkFA2YCkFP/CZT4BtWB4zxgGsM2f 8WsZtHb45VPWzHLh3nfMC2yeS8MXEYtXXBLDSXYbJ3XKQ4liSRz7HR2eIcBusTUEz+PG GUzYIafrzADdm/dBbw+3dxhbzQWKabT+OAHSDLTFCaL4OQW0PIgEg5K9KWF3pEEd40Oh cEpg== X-Received: by 10.66.85.161 with SMTP id i1mr41886416paz.67.1360599627132; Mon, 11 Feb 2013 08:20:27 -0800 (PST) Received: from isis.ecs.csus.edu ([130.86.68.216]) by mx.google.com with ESMTPS id x2sm67638640paw.8.2013.02.11.08.20.25 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 11 Feb 2013 08:20:26 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) From: Ted Krovetz In-Reply-To: <87ehgn6qve.fsf@latte.josefsson.org> Date: Mon, 11 Feb 2013 08:20:21 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: <7B8030E4-6716-428D-8573-6B725FFCFB27@krovetz.net> References: <87ehgn6qve.fsf@latte.josefsson.org> To: "cfrg@irtf.org" X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQl4hgWEH8XVOjWg/CPVm9Gi49SHsh/QcgrdL5Kxz2LLgqPl8qhb/Jo/jz7F31FxStT0FPZA Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 16:20:28 -0000 > "No Discrimination Against Fields of Endeavor" License 1 has no such restriction. Only License 2 does. Since you are = free to choose which license you wish to abide by, I don't see any = reason you couldn't use OCB under License 1 in your work. > Therefore I don't find it a good use of everyone's collective time We are asking that the draft be blessed as a good technical description = of some good innovative cryptography. I believe CFRG is the best place = to make such a request (regardless of OCB not being free enough for some = people's taste). -Ted= From prvs=57544381d1=uri@ll.mit.edu Mon Feb 11 08:33:14 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20B1621F885E for ; Mon, 11 Feb 2013 08:33:14 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.465 X-Spam-Level: X-Spam-Status: No, score=-5.465 tagged_above=-999 required=5 tests=[AWL=0.335, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_SUB_RAND_LETTRS4=0.799, UNPARSEABLE_RELAY=0.001] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LC7s1eUVo75K for ; Mon, 11 Feb 2013 08:33:09 -0800 (PST) Received: from mx2.ll.mit.edu (MX2.LL.MIT.EDU [129.55.12.46]) by ietfa.amsl.com (Postfix) with ESMTP id D15FB21F8848 for ; Mon, 11 Feb 2013 08:33:08 -0800 (PST) Received: from LLE2K7-HUB01.mitll.ad.local (LLE2K7-HUB01.mitll.ad.local) by mx2.ll.mit.edu (unknown) with ESMTP id r1BGX7I3002251; Mon, 11 Feb 2013 11:33:07 -0500 From: "Blumenthal, Uri - 0558 - MITLL" To: Ted Krovetz , "cfrg@irtf.org" Date: Mon, 11 Feb 2013 11:33:04 -0500 Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4IdXirkvua2ON9Qo2Ib2SXT2qK2Q== Message-ID: In-Reply-To: <7B8030E4-6716-428D-8573-6B725FFCFB27@krovetz.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.5.121010 acceptlanguage: en-US Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="B_3443427184_1167190" MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2013-02-11_03:2013-02-11, 2013-02-11, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=8 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1211240000 definitions=main-1302110144 Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 16:33:14 -0000 --B_3443427184_1167190 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit On 2/11/13 11:20 , "Ted Krovetz" wrote: >> "No Discrimination Against Fields of Endeavor" > >License 1 has no such restriction. Only License 2 does. Since you are >free to choose which license you wish to abide by, I don't see any reason >you couldn't use OCB under License 1 in your work. I'd still like to see clarifications (answers to my example questions) regarding License 1. To make it easier to track, here it is: Let's consider (an updated) hypothetical case: company A adds an OCB implementation to OpenSSL (or Crypto++). Company X then uses that library/package in their proprietary "SuperComm" software that they subsequently sell to Department of Defense and to Department of Energy. First - are they even allowed to to that under this license? Second - how much of the source code do they have to make available to satisfy the terms of "License 1"? Just the OCB code? The entire OpenSSL or Crypto++? The entire "SuperComm" source? Third - if there's a violation of the license terms in the above example, which entity is considered responsible? --B_3443427184_1167190 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIUAAYJKoZIhvcNAQcCoIIT8TCCE+0CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC EeMwggTLMIIDs6ADAgECAgoTvp8EAAAAAEiAMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYT AlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzAR BgNVBAMTCk1JVExMIENBLTIwHhcNMTIwNzE2MTgwNzA2WhcNMTMwNzE2MTgwNzA2WjBhMQsw CQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMG UGVvcGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALQbhERcgi7bVsw6WLXunsi9ymPD09JMrF1iGlCDF4ZO1+W5 Lp6znDFyubLdbP3qikgcXWfByMzsHUzoSQD1Bp9O7mKa656rMu3mez/ItydJBw/LMZYSYc+6 4DB4KuzvA2DnTaQ41I0SqFE0DrksfBi8ePO/Xv7PQRNUl45Y7VSB6xoA7DfTZO5IZ4e6Om90 /AnVBE+aee40kxvmDWGr1jvFxv/gSvQA3PxcwnCxzn699bpAtz8VUdfTsewhy+g5OonBLSzg I/yIyCd6g2eQQcw6g10eQJopUnoKv1o0TIss1pwK5SZG3mM2FCFECL1vV8NMTQ4AuS3OSO7i 3AX2g1cCAwEAAaOCAZMwggGPMB0GA1UdDgQWBBSw8IXAP4OJKTOqBKNPgRR1LceLVzAOBgNV HQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCww KjAooCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcB AQRWMFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAj BggrBgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9Bgkr BgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2Fy94yh/+KcwIB ZAIBBTAiBgNVHSUBAf8EGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQCheTHY3ppuUbzU5Quma4TR1Rhr0r+BfIMJyrfrmA9gNIoFzK0MbK1xxRv/9Nz/9sRQ ukIWIIfjyQlNDIiCl+8yut3V31v5NW+T0NB4GGIYicWI+ID8tBfvaHaniZ+bP/wEsZMOPq1J kh4E28mRAsHMuYhu6kraGj0yRi4Y3zuxJIeRN7NGYFCglFaPSeOQ33m0o5oyyMNfdDcDX7T/ 3pSSNFk/gAcPoI+XvC0sXS2cVYqvDGwzsT58M+6jvg0FDb8z/BIO2OL2KpO+ojeNSNud4Cf4 7gEpChuvx36vgLLq+J1s9BIXKk7FVAIdbD5KKnO/HiDpqamScI6p3Lc3PQZuMIIEtzCCA5+g AwIBAgIBFDANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExp bmNvbG4gTGFib3JhdG9yeTEMMAoGA1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENB MB4XDTA5MTIxNDEyMDAwMFoXDTE1MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxHzAdBgNV BAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsTA1BLSTETMBEGA1UEAxMKTUlU TEwgQ0EtMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcEyyNhSIfsN6AzBwVh Zkzo6SdjNGAQ7mA2A8T0kmdCB8MH6jWjVVMwFZwlg9cgjgLKEuEO9KN8K9M8jgeZEMoinlRf k3YELPC7sEkkzBQkcVpLhEwALue9iHowgSLGmXZpYKmRhfvhvYJ4MNCuIaWpcK/GaDZCE+U2 aTg42kv/zQrH3AoqFX81OF7niwXNnanP1hQRfkMTRrnaEW8DX0TMaG/t9Ry5xSMrLTNc9DvQ tjA5ZcuWnECiUpyDBFWxLr9yx7xgf1/LwgCxcoBeKSBBoWzkQmKAsgMo9Mq1Fp/nnIqw5FKm gOs7Vy+6e0Dk+cgf+oAV8AK8ZFMQrVE0uH0CAwEAAaOCAZUwggGRMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFI5KfYmhYxccgYg0VzcmRV4Zin4kMB8GA1UdIwQYMBaAFGeqes/0 Cqa5crWKoNKd8hDDQ+0pMA4GA1UdDwEB/wQEAwIBhjBhBggrBgEFBQcBAQRVMFMwLQYIKwYB BQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0bz9MTFJDQTAiBggrBgEFBQcwAYYW aHR0cDovL29jc3AubGwubWl0LmVkdTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmxs Lm1pdC5lZHUvZ2V0Y3JsP0xMUkNBMIGSBgNVHSAEgYowgYcwDQYLKoZIhvcSAgEDAQYwDQYL KoZIhvcSAgEDAQgwDQYLKoZIhvcSAgEDAQcwDQYLKoZIhvcSAgEDAQkwDQYLKoZIhvcSAgED AQowDQYLKoZIhvcSAgEDAQswDQYLKoZIhvcSAgEDAQ4wDQYLKoZIhvcSAgEDAQ8wDQYLKoZI hvcSAgEDARAwDQYJKoZIhvcNAQELBQADggEBAIh3BqHQ/XH8C6DCL+eEGroOzxBcCqTNItms v4MANaOTodgU2jrjHcGjXlzqhpb8ZxOlkAK3dK09rc6+yACcoK2TzVtDRZXYxov/SqZRjI3d ufU2JatAPxosCyy/1otjl1TKUY47Wvft31vdf5i0XK2DQVEJ+XlqtgBiFTVIMIfBJwPajrsi z+pgFEYwhhwJxvs8flSi0FLCE77VYLEioP5hxG6zIPeQRxzh1bogbfphWHHtoiTDkBSZ4Ufv GXQTVf7QjhD5yYw10yICtjHmtgbfgBkH5/vvR92NY9RSlNPzZqmGKIia61bJCmagRYGyexfe dVNF0cJWL4J/cLHhgNYwggODMIICa6ADAgECAgEBMA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNV BAYTAlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kx FjAUBgNVBAMTDU1JVExMIFJvb3QgQ0EwHhcNMDgwOTIzMTIwMDAwWhcNMjkxMjMxMjM1OTU5 WjBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEMMAoG A1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAxU4pF1iyJrL5rYq/XBAKg93kCTATG7Bw0NGFpEJ1A3Xsr6UIIq9/1VJB OgCwDqrVsAK1lRwy/lkrHzPkobiMr1wzjQ28SR/9sg5kAcmrMqBYbc302qtwCGKZxdNdhAh2 nUOCO10AMpUsCNdpikPY9ukT8lsA+eorM4Q1rc/L0J6AHRptOU7IuDBdZj+tdNb7gv+GKknr 6wj9m2sVGawoaG7AAqhsWvQUM/q4h/H5FpYlwnVAEh2AzhqiG9bwl6uJJIzJ/8uUWldNkVwz 1I5fR/vCaxiLXIW4oUydBuRKTG+ekEoxHGuD73yx5JtsSciS8HQL2oEM8tv+VAC+albqgwID AQABo2AwXjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRnqnrP9AqmuXK1iqDSnfIQw0Pt KTAfBgNVHSMEGDAWgBRnqnrP9AqmuXK1iqDSnfIQw0PtKTALBgNVHQ8EBAMCAYYwDQYJKoZI hvcNAQEFBQADggEBAD4bbQVg0Hh42EpYX4/JPkNS3OUAEWR/YgzZUY1QGi9rQZ4pfcjU1/Ta oNT8Y7Yf0RO+e9NiG9+BDhQH/kQiZOQo9rv9NUb8xDtKCYCad7zEQtVsYsWuvK2XLw/Ji1m2 eBvoOB4RS/5LAWfNws7W+DWt2ayzeTCyrLSrx7ZVgBjzNOm0TPIkbfppdwgxuo7FZL8ts+M2 492Al87d3VasevUS1pprRBEupChmPTt1hjtajkQOpT4BQAzP1lVEYrWzlv+O/lbP9iujKpYW cfYqQ3FGf37YCvuDeues4xm+nqmyraNsNeI8Gh3XDIwqfzHnLhy4Y80VyqN/Jj8df3SK9AAw ggTOMIIDtqADAgECAgpDgT5qAAAAADKHMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYTAlVT MR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzARBgNV BAMTCk1JVExMIENBLTIwHhcNMTIwMzA1MTUxODA3WhcNMTMwMzA1MTUxODA3WjBhMQswCQYD VQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMGUGVv cGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAM1hd7gYE3EAuUHpQXBAAsld4ttPFF2dJILTwLxpMAwAOeuCE2FN Qm7r5aIXSmwfYReSBSvZ01k6YOx3hqxMUJYgDTWvQ9A5OEufC3aD71g18VhHvqMs8uBEj7aX Na6dNd8V10yl4GZ4pXffNSN1Qb1S6pQ0r9NNILb+ZSevs3DGNE5rZwHxM0Ed62MjDyR4r7tL pFbkvlEFDdj8epEz7C6zEUPLyr8JjCDbLqhV4uoNdQQxweEPhSVadd5bDoT5w9OM4h4g/1hU PI/zuzp1pZLWiRigsmsCiT2YQUs3phYnRGkRzyenY3Usu+HtXtG1fSleaoeZtOqlcT01RBtP K1MCAwEAAaOCAZYwggGSMB0GA1UdDgQWBBShib6es0uFKEYxkMQRe+e7efVhBzAOBgNVHQ8B Af8EBAMCBSAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCwwKjAo oCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcBAQRW MFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAjBggr BgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9BgkrBgEE AYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2F69Bwg+vtIAIBZAIB BDAlBgNVHSUEHjAcBgRVHSUABggrBgEFBQcDBAYKKwYBBAGCNwoDBDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQBqmZjWIBD5zFsLODc5rYV8zKQKukfF+u4DpNFzEHbCjNn1TBLBa0HVy1kLBA1ZwQPi cOw/XFgW8GHJo6Zpnd0NWwr02KbzJEn3wm5NmYWRTvuW9ld9O8/vkoPl0EmOfCbLoeQHNiEM lkBgoiC3nx54JaUTubWVcY7/caYldaT+VllH+y3PDB5yfO0YnAXkDbDqr+OBAM7dRe0QhcgS ZxTcRnrWGTUHwVV1yl4+Mxc++V1iLX1HdC1IdfKYHhswJbKOteuuCRLuhbKLpX/+y5cl6I/w 9u44Y86l34NExCasoNebcTzSVR5bKEWGhbntpDULl8cLMzXGlPQ5Oh614HeSMYIB5TCCAeEC AQEwXzBRMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEM MAoGA1UECxMDUEtJMRMwEQYDVQQDEwpNSVRMTCBDQS0yAgoTvp8EAAAAAEiAMAkGBSsOAwIa BQCgXTAjBgkqhkiG9w0BCQQxFgQUHL+MJPjsYpMpa0yfHTlO9FWZ6jEwGAYJKoZIhvcNAQkD MQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTMwMjExMTYzMzA0WjANBgkqhkiG9w0B AQEFAASCAQCQdWu60Ivm3yMQqcpcj1w+j2BRTGWISLVT775rVEj0fdmsYjRp0aKshgqvX+Fg O+LuCkEWfxt2S59UluLPddz3OR3clrAThr6qYP7N90oeNVjxGLD3gtT2B5J57XtNYRfENSPi d4Sgs1hoV23x8h8Wj40XynSISo5CNmnNORsRhsAICSArflvIQPJg4bBOuNrjzz8QfcPbZ+Yn YLkkct+RYTpx1BTeFj7BDbOaeeZWCt0Kkr2hejBUfCSVeR//kUPeFHfYKhW/sX7Tf/oafBYy FW2SB2QC/QKzOmoVpUq8df6lzS0fJYf9mQxyirzlkmi7XPUO4BKxEzvUZeKuh9sv --B_3443427184_1167190-- From jon@callas.org Mon Feb 11 08:41:50 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5907621F8918 for ; Mon, 11 Feb 2013 08:41:50 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.049 X-Spam-Level: X-Spam-Status: No, score=-1.049 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SARE_OBFU_ALL=0.751, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eYUdqI28jJrs for ; Mon, 11 Feb 2013 08:41:49 -0800 (PST) Received: from mail.merrymeet.com (merrymeet.com [173.164.244.100]) by ietfa.amsl.com (Postfix) with ESMTP id E22DA21F8915 for ; Mon, 11 Feb 2013 08:41:49 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.merrymeet.com (Postfix) with ESMTP id 0F9CD1EBE1C4 for ; Mon, 11 Feb 2013 08:41:49 -0800 (PST) X-Virus-Scanned: amavisd-new at merrymeet.com Received: from mail.merrymeet.com ([127.0.0.1]) by localhost (merrymeet.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GtJMQGhjX0ac for ; Mon, 11 Feb 2013 08:41:39 -0800 (PST) Received: from keys.merrymeet.com (keys.merrymeet.com [173.164.244.97]) by mail.merrymeet.com (Postfix) with ESMTPSA id B13051EBE198 for ; Mon, 11 Feb 2013 08:41:39 -0800 (PST) Received: from [172.16.13.170] ([23.24.110.141]) by keys.merrymeet.com (PGP Universal service); Mon, 11 Feb 2013 08:41:39 -0800 X-PGP-Universal: processed; by keys.merrymeet.com on Mon, 11 Feb 2013 08:41:39 -0800 Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) From: Jon Callas In-Reply-To: Date: Mon, 11 Feb 2013 08:41:40 -0800 Message-Id: <620CDDF7-B6BB-40FE-861F-4F06A90E7C0B@callas.org> References: To: "Blumenthal, Uri - 0558 - MITLL" X-Mailer: Apple Mail (2.1499) X-PGP-Encoding-Format: Partitioned X-PGP-Encoding-Version: 2.0.2 X-Content-PGP-Universal-Saved-Content-Transfer-Encoding: quoted-printable X-Content-PGP-Universal-Saved-Content-Type: text/plain; charset=us-ascii Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: QUOTED-PRINTABLE Cc: "cfrg@irtf.org" , Jon Callas Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 16:41:50 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Feb 11, 2013, at 8:33 AM, "Blumenthal, Uri - 0558 - MITLL" wrote: > * PGP - S/MIME Signed by an unverified key: 02/11/2013 at 08:33:04 AM >=20 > On 2/11/13 11:20 , "Ted Krovetz" wrote: >=20 >=20 >>> "No Discrimination Against Fields of Endeavor" >>=20 >> License 1 has no such restriction. Only License 2 does. Since you are >> free to choose which license you wish to abide by, I don't see any reason >> you couldn't use OCB under License 1 in your work. >=20 > I'd still like to see clarifications (answers to my example questions) > regarding License 1. To make it easier to track, here it is: >=20 > Let's consider (an updated) hypothetical case: company A adds an OCB > implementation > to OpenSSL (or Crypto++). Company X then uses that library/package in the= ir > proprietary "SuperComm" software that they subsequently sell to Department > of Defense and to Department of Energy. >=20 > First - are they even allowed to to that under this license? >=20 > Second - how much of the source code do they have to make available to > satisfy the terms of "License 1"? Just the OCB code? The entire OpenSSL or > Crypto++? The entire "SuperComm" source? >=20 >=20 > Third - if there's a violation of the license terms in the above example, > which entity is considered responsible? But that's A Corp's problem, not the IETF's. It's the purpose of a standard= to describe things for the purposes of interoperability. Arguably, it's al= so a layer 8 problem and we're layer 9. A Corp can very likely make the problem go away by throwing cash at the pro= blem, as well. At PGP, we liked EME2, another Rogaway protocol with similar= IP issues. We bought a license from the University of California. It was r= easonably priced. We got on with our lives. Jon -----BEGIN PGP SIGNATURE----- Version: PGP Universal 3.2.0 (Build 1672) Charset: us-ascii wj8DBQFRGR9DsTedWZOD3gYRAn0sAKCcqhcd8MFSMI9uZfOKvWbEtIMNUwCg/6Ib +w/E1gvp4T4I0XS/qDOSlE8=3D =3D+wE8 -----END PGP SIGNATURE----- From prvs=57544381d1=uri@ll.mit.edu Mon Feb 11 08:44:27 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 25C8721F86A9 for ; Mon, 11 Feb 2013 08:44:27 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.145 X-Spam-Level: X-Spam-Status: No, score=-5.145 tagged_above=-999 required=5 tests=[AWL=-0.097, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_OBFU_ALL=0.751, SARE_SUB_RAND_LETTRS4=0.799, UNPARSEABLE_RELAY=0.001] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eeeJeyQpXcHh for ; Mon, 11 Feb 2013 08:44:26 -0800 (PST) Received: from mx2.ll.mit.edu (MX2.LL.MIT.EDU [129.55.12.46]) by ietfa.amsl.com (Postfix) with ESMTP id 37AB721F854E for ; Mon, 11 Feb 2013 08:44:26 -0800 (PST) Received: from LLE2K7-HUB02.mitll.ad.local (LLE2K7-HUB02.mitll.ad.local) by mx2.ll.mit.edu (unknown) with ESMTP id r1BGiKQ1009386; Mon, 11 Feb 2013 11:44:22 -0500 From: "Blumenthal, Uri - 0558 - MITLL" To: Jon Callas Date: Mon, 11 Feb 2013 11:44:19 -0500 Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4IdwsrX+cbaf7AQuezjHavFXtl9g== Message-ID: In-Reply-To: <620CDDF7-B6BB-40FE-861F-4F06A90E7C0B@callas.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.5.121010 acceptlanguage: en-US Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="B_3443427859_1233501" MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2013-02-11_03:2013-02-11, 2013-02-11, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=8 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1211240000 definitions=main-1302110145 Cc: "cfrg@irtf.org" Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 16:44:27 -0000 --B_3443427859_1233501 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit License 1 is Open Source, and A may not be a Corp (like PGP, Inc. is). And if (for example) I were to develop and release some free code - I sure wouldn't want to throw cash at this problem. -- Regards, Uri Blumenthal On 2/11/13 11:41 , "Jon Callas" wrote: > >On Feb 11, 2013, at 8:33 AM, "Blumenthal, Uri - 0558 - MITLL" > wrote: > >> * PGP - S/MIME Signed by an unverified key: 02/11/2013 at 08:33:04 AM >> >> On 2/11/13 11:20 , "Ted Krovetz" wrote: >> >> >>>> "No Discrimination Against Fields of Endeavor" >>> >>> License 1 has no such restriction. Only License 2 does. Since you are >>> free to choose which license you wish to abide by, I don't see any >>>reason >>> you couldn't use OCB under License 1 in your work. >> >> I'd still like to see clarifications (answers to my example questions) >> regarding License 1. To make it easier to track, here it is: >> >> Let's consider (an updated) hypothetical case: company A adds an OCB >> implementation >> to OpenSSL (or Crypto++). Company X then uses that library/package in >>their >> proprietary "SuperComm" software that they subsequently sell to >>Department >> of Defense and to Department of Energy. >> >> First - are they even allowed to to that under this license? >> >> Second - how much of the source code do they have to make available to >> satisfy the terms of "License 1"? Just the OCB code? The entire OpenSSL >>or >> Crypto++? The entire "SuperComm" source? >> >> >> Third - if there's a violation of the license terms in the above >>example, >> which entity is considered responsible? > >But that's A Corp's problem, not the IETF's. It's the purpose of a >standard to describe things for the purposes of interoperability. >Arguably, it's also a layer 8 problem and we're layer 9. > >A Corp can very likely make the problem go away by throwing cash at the >problem, as well. At PGP, we liked EME2, another Rogaway protocol with >similar IP issues. We bought a license from the University of California. >It was reasonably priced. We got on with our lives. > > Jon > --B_3443427859_1233501 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIUAAYJKoZIhvcNAQcCoIIT8TCCE+0CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC EeMwggTLMIIDs6ADAgECAgoTvp8EAAAAAEiAMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYT AlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzAR BgNVBAMTCk1JVExMIENBLTIwHhcNMTIwNzE2MTgwNzA2WhcNMTMwNzE2MTgwNzA2WjBhMQsw CQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMG UGVvcGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALQbhERcgi7bVsw6WLXunsi9ymPD09JMrF1iGlCDF4ZO1+W5 Lp6znDFyubLdbP3qikgcXWfByMzsHUzoSQD1Bp9O7mKa656rMu3mez/ItydJBw/LMZYSYc+6 4DB4KuzvA2DnTaQ41I0SqFE0DrksfBi8ePO/Xv7PQRNUl45Y7VSB6xoA7DfTZO5IZ4e6Om90 /AnVBE+aee40kxvmDWGr1jvFxv/gSvQA3PxcwnCxzn699bpAtz8VUdfTsewhy+g5OonBLSzg I/yIyCd6g2eQQcw6g10eQJopUnoKv1o0TIss1pwK5SZG3mM2FCFECL1vV8NMTQ4AuS3OSO7i 3AX2g1cCAwEAAaOCAZMwggGPMB0GA1UdDgQWBBSw8IXAP4OJKTOqBKNPgRR1LceLVzAOBgNV HQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCww KjAooCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcB AQRWMFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAj BggrBgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9Bgkr BgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2Fy94yh/+KcwIB ZAIBBTAiBgNVHSUBAf8EGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQCheTHY3ppuUbzU5Quma4TR1Rhr0r+BfIMJyrfrmA9gNIoFzK0MbK1xxRv/9Nz/9sRQ ukIWIIfjyQlNDIiCl+8yut3V31v5NW+T0NB4GGIYicWI+ID8tBfvaHaniZ+bP/wEsZMOPq1J kh4E28mRAsHMuYhu6kraGj0yRi4Y3zuxJIeRN7NGYFCglFaPSeOQ33m0o5oyyMNfdDcDX7T/ 3pSSNFk/gAcPoI+XvC0sXS2cVYqvDGwzsT58M+6jvg0FDb8z/BIO2OL2KpO+ojeNSNud4Cf4 7gEpChuvx36vgLLq+J1s9BIXKk7FVAIdbD5KKnO/HiDpqamScI6p3Lc3PQZuMIIEtzCCA5+g AwIBAgIBFDANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExp bmNvbG4gTGFib3JhdG9yeTEMMAoGA1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENB MB4XDTA5MTIxNDEyMDAwMFoXDTE1MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxHzAdBgNV BAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsTA1BLSTETMBEGA1UEAxMKTUlU TEwgQ0EtMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcEyyNhSIfsN6AzBwVh Zkzo6SdjNGAQ7mA2A8T0kmdCB8MH6jWjVVMwFZwlg9cgjgLKEuEO9KN8K9M8jgeZEMoinlRf k3YELPC7sEkkzBQkcVpLhEwALue9iHowgSLGmXZpYKmRhfvhvYJ4MNCuIaWpcK/GaDZCE+U2 aTg42kv/zQrH3AoqFX81OF7niwXNnanP1hQRfkMTRrnaEW8DX0TMaG/t9Ry5xSMrLTNc9DvQ tjA5ZcuWnECiUpyDBFWxLr9yx7xgf1/LwgCxcoBeKSBBoWzkQmKAsgMo9Mq1Fp/nnIqw5FKm gOs7Vy+6e0Dk+cgf+oAV8AK8ZFMQrVE0uH0CAwEAAaOCAZUwggGRMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFI5KfYmhYxccgYg0VzcmRV4Zin4kMB8GA1UdIwQYMBaAFGeqes/0 Cqa5crWKoNKd8hDDQ+0pMA4GA1UdDwEB/wQEAwIBhjBhBggrBgEFBQcBAQRVMFMwLQYIKwYB BQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0bz9MTFJDQTAiBggrBgEFBQcwAYYW aHR0cDovL29jc3AubGwubWl0LmVkdTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmxs Lm1pdC5lZHUvZ2V0Y3JsP0xMUkNBMIGSBgNVHSAEgYowgYcwDQYLKoZIhvcSAgEDAQYwDQYL KoZIhvcSAgEDAQgwDQYLKoZIhvcSAgEDAQcwDQYLKoZIhvcSAgEDAQkwDQYLKoZIhvcSAgED AQowDQYLKoZIhvcSAgEDAQswDQYLKoZIhvcSAgEDAQ4wDQYLKoZIhvcSAgEDAQ8wDQYLKoZI hvcSAgEDARAwDQYJKoZIhvcNAQELBQADggEBAIh3BqHQ/XH8C6DCL+eEGroOzxBcCqTNItms v4MANaOTodgU2jrjHcGjXlzqhpb8ZxOlkAK3dK09rc6+yACcoK2TzVtDRZXYxov/SqZRjI3d ufU2JatAPxosCyy/1otjl1TKUY47Wvft31vdf5i0XK2DQVEJ+XlqtgBiFTVIMIfBJwPajrsi z+pgFEYwhhwJxvs8flSi0FLCE77VYLEioP5hxG6zIPeQRxzh1bogbfphWHHtoiTDkBSZ4Ufv GXQTVf7QjhD5yYw10yICtjHmtgbfgBkH5/vvR92NY9RSlNPzZqmGKIia61bJCmagRYGyexfe dVNF0cJWL4J/cLHhgNYwggODMIICa6ADAgECAgEBMA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNV BAYTAlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kx FjAUBgNVBAMTDU1JVExMIFJvb3QgQ0EwHhcNMDgwOTIzMTIwMDAwWhcNMjkxMjMxMjM1OTU5 WjBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEMMAoG A1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAxU4pF1iyJrL5rYq/XBAKg93kCTATG7Bw0NGFpEJ1A3Xsr6UIIq9/1VJB OgCwDqrVsAK1lRwy/lkrHzPkobiMr1wzjQ28SR/9sg5kAcmrMqBYbc302qtwCGKZxdNdhAh2 nUOCO10AMpUsCNdpikPY9ukT8lsA+eorM4Q1rc/L0J6AHRptOU7IuDBdZj+tdNb7gv+GKknr 6wj9m2sVGawoaG7AAqhsWvQUM/q4h/H5FpYlwnVAEh2AzhqiG9bwl6uJJIzJ/8uUWldNkVwz 1I5fR/vCaxiLXIW4oUydBuRKTG+ekEoxHGuD73yx5JtsSciS8HQL2oEM8tv+VAC+albqgwID AQABo2AwXjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRnqnrP9AqmuXK1iqDSnfIQw0Pt KTAfBgNVHSMEGDAWgBRnqnrP9AqmuXK1iqDSnfIQw0PtKTALBgNVHQ8EBAMCAYYwDQYJKoZI hvcNAQEFBQADggEBAD4bbQVg0Hh42EpYX4/JPkNS3OUAEWR/YgzZUY1QGi9rQZ4pfcjU1/Ta oNT8Y7Yf0RO+e9NiG9+BDhQH/kQiZOQo9rv9NUb8xDtKCYCad7zEQtVsYsWuvK2XLw/Ji1m2 eBvoOB4RS/5LAWfNws7W+DWt2ayzeTCyrLSrx7ZVgBjzNOm0TPIkbfppdwgxuo7FZL8ts+M2 492Al87d3VasevUS1pprRBEupChmPTt1hjtajkQOpT4BQAzP1lVEYrWzlv+O/lbP9iujKpYW cfYqQ3FGf37YCvuDeues4xm+nqmyraNsNeI8Gh3XDIwqfzHnLhy4Y80VyqN/Jj8df3SK9AAw ggTOMIIDtqADAgECAgpDgT5qAAAAADKHMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYTAlVT MR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzARBgNV BAMTCk1JVExMIENBLTIwHhcNMTIwMzA1MTUxODA3WhcNMTMwMzA1MTUxODA3WjBhMQswCQYD VQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMGUGVv cGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAM1hd7gYE3EAuUHpQXBAAsld4ttPFF2dJILTwLxpMAwAOeuCE2FN Qm7r5aIXSmwfYReSBSvZ01k6YOx3hqxMUJYgDTWvQ9A5OEufC3aD71g18VhHvqMs8uBEj7aX Na6dNd8V10yl4GZ4pXffNSN1Qb1S6pQ0r9NNILb+ZSevs3DGNE5rZwHxM0Ed62MjDyR4r7tL pFbkvlEFDdj8epEz7C6zEUPLyr8JjCDbLqhV4uoNdQQxweEPhSVadd5bDoT5w9OM4h4g/1hU PI/zuzp1pZLWiRigsmsCiT2YQUs3phYnRGkRzyenY3Usu+HtXtG1fSleaoeZtOqlcT01RBtP K1MCAwEAAaOCAZYwggGSMB0GA1UdDgQWBBShib6es0uFKEYxkMQRe+e7efVhBzAOBgNVHQ8B Af8EBAMCBSAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCwwKjAo oCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcBAQRW MFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAjBggr BgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9BgkrBgEE AYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2F69Bwg+vtIAIBZAIB BDAlBgNVHSUEHjAcBgRVHSUABggrBgEFBQcDBAYKKwYBBAGCNwoDBDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQBqmZjWIBD5zFsLODc5rYV8zKQKukfF+u4DpNFzEHbCjNn1TBLBa0HVy1kLBA1ZwQPi cOw/XFgW8GHJo6Zpnd0NWwr02KbzJEn3wm5NmYWRTvuW9ld9O8/vkoPl0EmOfCbLoeQHNiEM lkBgoiC3nx54JaUTubWVcY7/caYldaT+VllH+y3PDB5yfO0YnAXkDbDqr+OBAM7dRe0QhcgS ZxTcRnrWGTUHwVV1yl4+Mxc++V1iLX1HdC1IdfKYHhswJbKOteuuCRLuhbKLpX/+y5cl6I/w 9u44Y86l34NExCasoNebcTzSVR5bKEWGhbntpDULl8cLMzXGlPQ5Oh614HeSMYIB5TCCAeEC AQEwXzBRMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEM MAoGA1UECxMDUEtJMRMwEQYDVQQDEwpNSVRMTCBDQS0yAgoTvp8EAAAAAEiAMAkGBSsOAwIa BQCgXTAjBgkqhkiG9w0BCQQxFgQUPP2lIXUYXXwoTM6EZqo4lN3wXmQwGAYJKoZIhvcNAQkD MQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTMwMjExMTY0NDE5WjANBgkqhkiG9w0B AQEFAASCAQBJA1qR+MgIcWo2wPdf0iNnQrXvR91nfXHT6eUuFMIG8r2MijcLewz6AWqBY5hp FsKxV2ZWbktw7hh9i80hkNC0k/AklA9jUQqkTpsMAMX0tWQW0u7dhJ7P/j3/3C11iSFfdMFC tOl/AKcrVmVGiqWPDNdq7jC3LFKJQfU78yjidQ5vq2cO+Mr3wsgpXwKpUaHEYPNKh4SN+C87 U6wJ41Pta4sXRQT8k1YSTJngerjQgggOlw9jDi6H30gLh9Ljc7ukbJafRR3ncX/qgNiWYk6U Ge/UacmO7Q0G6WgQml3m6KKXuSK0kDy7Ghx5Ja37wemB/4GB1uok+J6BM54vjHhQ --B_3443427859_1233501-- From ted@krovetz.net Mon Feb 11 10:25:16 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 587A221F8A64 for ; Mon, 11 Feb 2013 10:25:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.8 X-Spam-Level: X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id si-nieTIUTPQ for ; Mon, 11 Feb 2013 10:25:15 -0800 (PST) Received: from mail-pa0-f53.google.com (mail-pa0-f53.google.com [209.85.220.53]) by ietfa.amsl.com (Postfix) with ESMTP id 618C221F8971 for ; Mon, 11 Feb 2013 10:25:15 -0800 (PST) Received: by mail-pa0-f53.google.com with SMTP id bg4so3147732pad.40 for ; Mon, 11 Feb 2013 10:25:15 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=FbGlYdAyytN4oC/EWwgsXI/iZKMosa/cAXCtHWFGXPI=; b=lCWCz1P8uJdTCStM4pXHbAPMJnGrXUaBpl3SPnct5OJDcLn9clCe3uPUU+J0WHFq1/ S1pJD9nT4WLpejYsHaMWMStgz6AKhUhldEwMaWdbhLaA8ih929feSfXBVpzV4e0Wf2M9 UVydMeqE5sBBsw0qNAcEeC3nbIrMD8+0IUr0uYetKC0eDXxyvz4DM73gX68YYb4kah1Z dGq5sxEOiANfu+7inTMkD0659Wnzvu93kpjs9FehoIat89+J19EioaRPf6c05m//1iZv oFxGQZYiVXcECtZDc/4pwQSBNyyJHkqQzPzaUekoywYl1Uaxmc7YO1ff2inchT2//8qg znsg== X-Received: by 10.66.80.65 with SMTP id p1mr43145860pax.20.1360607114714; Mon, 11 Feb 2013 10:25:14 -0800 (PST) Received: from isis.ecs.csus.edu ([130.86.68.216]) by mx.google.com with ESMTPS id l5sm68345729pax.10.2013.02.11.10.25.12 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 11 Feb 2013 10:25:13 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) From: Ted Krovetz In-Reply-To: Date: Mon, 11 Feb 2013 10:25:08 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: <55C321FD-44CA-43D5-B422-E16CC9D3640B@krovetz.net> References: To: "cfrg@irtf.org" X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQmC/YQzpTzdYLIc+Byf8LrJ86OVzkB8wf3P4GkRtyTjgqfZb95/4wVrgz3GMNf5YTkdN7cd Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 18:25:16 -0000 > I'd still like to see clarifications (answers to my example questions) > regarding License 1. I'm going to pass your thorny license questions off to Phil. I'll = continue to manage any comments on the RFC draft itself. Any comments on the draft? Thanks, Ted= From simon@josefsson.org Mon Feb 11 11:34:45 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD80021F8891 for ; Mon, 11 Feb 2013 11:34:45 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -99.11 X-Spam-Level: X-Spam-Status: No, score=-99.11 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, HELO_MISMATCH_COM=0.553, HOST_EQ_STATICB=1.372, SARE_SUB_RAND_LETTRS4=0.799, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1F08ME7IX9QM for ; Mon, 11 Feb 2013 11:34:45 -0800 (PST) Received: from yxa-v.extundo.com (static-213-115-179-173.sme.bredbandsbolaget.se [213.115.179.173]) by ietfa.amsl.com (Postfix) with ESMTP id E193C21F8884 for ; Mon, 11 Feb 2013 11:34:43 -0800 (PST) Received: from latte.josefsson.org (host-95-192-94-70.mobileonline.telia.com [95.192.94.70]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id r1BJYaBF006991 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 11 Feb 2013 20:34:38 +0100 From: Simon Josefsson To: Ted Krovetz References: <55C321FD-44CA-43D5-B422-E16CC9D3640B@krovetz.net> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:130211:ted@krovetz.net::hoTpLrIxZxfXPUYi:ayD X-Hashcash: 1:22:130211:cfrg@irtf.org::+RqzdRcWCfgEJAsI:3zit Date: Mon, 11 Feb 2013 20:34:31 +0100 In-Reply-To: <55C321FD-44CA-43D5-B422-E16CC9D3640B@krovetz.net> (Ted Krovetz's message of "Mon, 11 Feb 2013 10:25:08 -0800") Message-ID: <87a9ra7igo.fsf@latte.josefsson.org> User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Virus-Scanned: clamav-milter 0.97.3 at yxa-v X-Virus-Status: Clean Cc: "cfrg@irtf.org" Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 19:34:45 -0000 Ted Krovetz writes: > Any comments on the draft? The references [OCB1], [OCB2], [OCB3] are not found in the References section. Maybe they are [5], [4], and [3] respectively? /Simon From simon@josefsson.org Mon Feb 11 11:51:15 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BFCC21F879B for ; Mon, 11 Feb 2013 11:51:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -99.11 X-Spam-Level: X-Spam-Status: No, score=-99.11 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, HELO_MISMATCH_COM=0.553, HOST_EQ_STATICB=1.372, SARE_SUB_RAND_LETTRS4=0.799, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kA5bf5NfMXcr for ; Mon, 11 Feb 2013 11:51:14 -0800 (PST) Received: from yxa-v.extundo.com (static-213-115-179-173.sme.bredbandsbolaget.se [213.115.179.173]) by ietfa.amsl.com (Postfix) with ESMTP id 2A22F21F8799 for ; Mon, 11 Feb 2013 11:51:13 -0800 (PST) Received: from latte.josefsson.org (host-95-192-94-70.mobileonline.telia.com [95.192.94.70]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id r1BJouQj007846 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 11 Feb 2013 20:51:01 +0100 From: Simon Josefsson To: Ted Krovetz References: <87ehgn6qve.fsf@latte.josefsson.org> <7B8030E4-6716-428D-8573-6B725FFCFB27@krovetz.net> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:130211:ted@krovetz.net::7vz8tCJO8vZd3bpP:8lDe X-Hashcash: 1:22:130211:cfrg@irtf.org::la2AlEgAv6nwFsRo:F1aF Date: Mon, 11 Feb 2013 20:50:50 +0100 In-Reply-To: <7B8030E4-6716-428D-8573-6B725FFCFB27@krovetz.net> (Ted Krovetz's message of "Mon, 11 Feb 2013 08:20:21 -0800") Message-ID: <87621y7hph.fsf@latte.josefsson.org> User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Virus-Scanned: clamav-milter 0.97.3 at yxa-v X-Virus-Status: Clean Cc: "cfrg@irtf.org" Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 19:51:15 -0000 Ted Krovetz writes: >> "No Discrimination Against Fields of Endeavor" > > License 1 has no such restriction. Only License 2 does. Since you are > free to choose which license you wish to abide by, I don't see any > reason you couldn't use OCB under License 1 in your work. License 1 explicitly does not cover implementations in "embedded systems", presumably leaving such use unlicensed. My implementations are frequently used in embedded systems, and I want my license to permit that. Thus, I cannot read license 1 in any other way than that some fields of endeavor (e.g., embedded systems) are discriminated against. As a consequence, neither license 1 nor license 2 appear to be usable by my implementations. While the intent may have been good, I believe the wording of the current license is a problem for anyone contemplating using OCB. /Simon From kmigoe@nsa.gov Mon Feb 11 11:52:01 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93ABB21F88FD for ; Mon, 11 Feb 2013 11:52:00 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.379 X-Spam-Level: X-Spam-Status: No, score=-9.379 tagged_above=-999 required=5 tests=[AWL=-0.820, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, SARE_LWSHORTT=1.24, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sKPNIl6WJddk for ; Mon, 11 Feb 2013 11:51:57 -0800 (PST) Received: from nsa.gov (emvm-gh1-uea08.nsa.gov [63.239.67.9]) by ietfa.amsl.com (Postfix) with ESMTP id E16F421F883C for ; Mon, 11 Feb 2013 11:51:55 -0800 (PST) X-TM-IMSS-Message-ID: <4e0a8c240008bb95@nsa.gov> Received: from MSHT-GH1-UEA01.corp.nsa.gov ([10.215.227.18]) by nsa.gov ([63.239.67.9]) with ESMTP (TREND IMSS SMTP Service 7.1; TLSv1/SSLv3 AES128-SHA (128/128)) id 4e0a8c240008bb95 ; Mon, 11 Feb 2013 14:50:46 -0500 Received: from MSMR-GH1-UEA07.corp.nsa.gov (10.215.224.5) by MSHT-GH1-UEA01.corp.nsa.gov (10.215.227.18) with Microsoft SMTP Server (TLS) id 14.1.289.1; Mon, 11 Feb 2013 14:51:53 -0500 Received: from MSMR-GH1-UEA03.corp.nsa.gov ([10.215.224.3]) by MSMR-GH1-UEA07.corp.nsa.gov ([10.215.224.5]) with mapi id 14.01.0289.001; Mon, 11 Feb 2013 14:51:53 -0500 From: "Igoe, Kevin M." To: 'Ted Krovetz' , "cfrg@irtf.org" Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4Dspy9Udf6dIL6TC+F69Worz8/1QAVw9uAAAO0wgABGkG6wA== Date: Mon, 11 Feb 2013 19:51:52 +0000 Message-ID: <3C4AAD4B5304AB44A6BA85173B4675CA6AAABFAA@MSMR-GH1-UEA03.corp.nsa.gov> References: <9BBAB802-CF3A-4DA0-B092-4F45B202C54F@krovetz.net> In-Reply-To: <9BBAB802-CF3A-4DA0-B092-4F45B202C54F@krovetz.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.215.224.46] Content-Type: multipart/alternative; boundary="_000_3C4AAD4B5304AB44A6BA85173B4675CA6AAABFAAMSMRGH1UEA03cor_" MIME-Version: 1.0 Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 19:52:01 -0000 --_000_3C4AAD4B5304AB44A6BA85173B4675CA6AAABFAAMSMRGH1UEA03cor_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable For sake of completeness, here are the IETF/IRTF IPR rules (http://irtf.org= /ipr): -------------------------------------------------------------------- The IRTF follows the IETF Intellectual Property Rights (IPR) disclosure rul= es. This is a summary of these rules as they relate to IRTF research group disc= ussions, mailing lists and Internet Drafts: * If you include your own or your employer's IPR in a contribution to= an IRTF research group, then you must file an IPR disclosure with the= IETF. * If you recognize your own or your employer's IPR in someone else's contribution and you are participating in the discussions in the research group relating to that contribution, then you must file an IPR disclosure with the IETF. Even if you are not participating in the discussion, the IRT= F still requests that you file an IPR disclosure with the IETF. * Finally, the IRTF requests that you file an IPR disclosure with the= IETF if you recognize IPR owned by others in any IRTF contribution. The IRTF expects that you file IPR disclosures in a timely manner, i.e., in= a period measured in days or weeks, not months. The IRTF prefers that the most liber= al licensing terms possible are available for IRTF Stream documents, see RFC 5743. You m= ay file an IPR disclosure here: http://www.ietf.org/ipr/file-disclosure. As long as the mailing list and authors agree that the IPR statement clearl= y lays out the IPR situation correctly and unambiguously, the IPR can pretty = much say what it wants to say. The "liberal licensing terms" mentioned above ar= e a suggestion, not a requirement. Implementers are free to leave or take the OCB and its licensing conditions= as their legal console advises. I am not a lawyer, not do I play one on TV, bu= t a quick look at the patent office site seems to show all of the OCB patents c= haining back to a patent filed in 2001. To the best of my understanding this means = both the patents and the licensing constraints should vanish in the year 2021 (if so= , the IPR statement should consider mentioning this). Hence licensing concerns for O= CB are a reasonably "short term" issue. > -----Original Message----- > From: cfrg-bounces@irtf.org [mailto:cfrg-bounces@irtf.org] On Behalf Of > Ted Krovetz > Sent: Tuesday, February 05, 2013 5:18 PM > To: cfrg@irtf.org > Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 > > Phil has issued broad licenses for OCB, allowing open-source software > implementations and software implementations in non-military contexts > and non-commercial non-military hardware implementations. The licenses > are at > > http://www.cs.ucdavis.edu/~rogaway/ocb/license.htm > > It is my understanding -- correct me if I'm wrong -- that IP > disclosures do not go directly in the RFC but instead get disclosed to > the IETF along with the RFC submission. This has been done and the > disclosures are at > > > https://datatracker.ietf.org/ipr/search/?option=3Ddocument_search&id_docu > ment_tag=3Ddraft-krovetz-ocb > > There is a study of OCB performance vs other AE schemes which includes > AES-NI on Westmere hardware. > > http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-doc.htm > http://www.cs.ucdavis.edu/~rogaway/ocb/performance > > These have not been updated for Sandy Bridge or Ivy Bridge. I can tell > you that under Sandy Bridge OCB takes just 0.87 cycles per byte when > processing 4KB messages. The fastest GHASH implementation I know about > is Andy Polyakov's OpenSSL implementation that runs at 2.0 cycles per > byte (just for GCM's hashing, you'd have to add the cost of encryption > to get GCM's overall speed). Sandy Bridge and Ivy Bridge did not > improve PCLMULQDQ performance but did improve AESENC performance, > meaning that Sandy and Ivy improved OCB's performance much more than > GCM's. > > -Ted > > > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > http://www.irtf.org/mailman/listinfo/cfrg --_000_3C4AAD4B5304AB44A6BA85173B4675CA6AAABFAAMSMRGH1UEA03cor_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
For sake of completeness, here are the IETF/IRTF IPR rules (http://irtf.org/ipr):
 
--------------------------------------------------------------------
= The IRTF follows the IETF Intellectual Property Rights (IPR) disclosure rul= es.
This is a summary of these rules as they relate to IRTF research group disc= ussions,
mailing lists and Internet Drafts:
=  
  • If you include your own or your employer’s IPR in a contribution = to an
    IRTF research group, then you must file an IPR disclosure with the IETF.
  • If you recognize your own or your employer’s IPR in someone el= se’s
    contribution and you are participating in the discussions in the research <= br> group relating to that contribution, then you must file an IPR disclosure <= br> with the IETF. Even if you are not participating in the discussion, the IRT= F
    still requests that you file an IPR disclosure with the IETF.
  • Fina= lly, the IRTF requests that you file an IPR disclosure with the IETF if you recognize IPR owned by others in any IRTF contribution.
= The IRTF expects that you file IPR disclosures in a timely manner, i.e., in= a period
measured in days or weeks, not months. The IRTF prefers that the most liber= al licensing
terms possible are available for IRTF Stream documents, see RFC 5743. You m= ay file an
IPR disclosure here: http://www.ietf.org/ipr/file-disclosure
.
 
 
 
 
= As long as the mailing list and authors agree that the IPR statement clearl= y
= lays out the IPR situation correctly and unambiguously, the IPR can pretty = much
= say what it wants to say.  The “liberal licensing terms” m= entioned above are a
= suggestion, not a requirement.
 
Implementers are free to leave or take the OCB and its licensing condi= tions as
their legal console advises. I am not a lawyer, not do I play one on T= V, but a
quick look at the patent office site seems to show all of the OCB pate= nts chaining
back to a patent filed in 2001. To the best of my understanding this m= eans both the
patents and the licensing constraints should vanish in the year 2021 (= if so, the IPR
statement should consider mentioning this).  Hence licensing conc= erns for OCB are
a reasonably “short term” issue. 
 
 
 
 
> -----Original Message-----
> Ted Krovetz
> Sent: Tuesday, February 05, 2013 5:18 PM
> To: cfrg@irtf.org
> Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00
>
> Phil has issued broad licenses for OCB, allowing open-source soft= ware
> implementations and software implementations in non-military cont= exts
> and non-commercial non-military hardware implementations. The lic= enses
> are at
>
>
> It is my understanding -- correct me if I'm wrong -- that IP
> disclosures do not go directly in the RFC but instead get disclos= ed to
> the IETF along with the RFC submission. This has been done and th= e
> disclosures are at
>
>
> ment_tag=3Ddraft-krovetz-ocb
>
> There is a study of OCB performance vs other AE schemes which inc= ludes
> AES-NI on Westmere hardware.
>
>
> These have not been updated for Sandy Bridge or Ivy Bridge. I can= tell
> you that under Sandy Bridge OCB takes just 0.87 cycles per byte w= hen
> processing 4KB messages. The fastest GHASH implementation I know = about
> is Andy Polyakov's OpenSSL implementation that runs at 2.0 cycles= per
> byte (just for GCM's hashing, you'd have to add the cost of encry= ption
> to get GCM's overall speed). Sandy Bridge and Ivy Bridge did not<= /div>
> improve PCLMULQDQ performance but did improve AESENC performance,=
> meaning that Sandy and Ivy improved OCB's performance much more t= han
> GCM's.
>
> -Ted
>
>
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
 
--_000_3C4AAD4B5304AB44A6BA85173B4675CA6AAABFAAMSMRGH1UEA03cor_-- From jon@callas.org Mon Feb 11 12:12:45 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A2C9021F8797 for ; Mon, 11 Feb 2013 12:12:45 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.049 X-Spam-Level: X-Spam-Status: No, score=-1.049 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SARE_OBFU_ALL=0.751, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4v3Y8rErNRWr for ; Mon, 11 Feb 2013 12:12:45 -0800 (PST) Received: from mail.merrymeet.com (merrymeet.com [173.164.244.100]) by ietfa.amsl.com (Postfix) with ESMTP id 1F39F21F879A for ; Mon, 11 Feb 2013 12:12:45 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.merrymeet.com (Postfix) with ESMTP id 6F89B1EC50A8 for ; Mon, 11 Feb 2013 12:12:44 -0800 (PST) X-Virus-Scanned: amavisd-new at merrymeet.com Received: from mail.merrymeet.com ([127.0.0.1]) by localhost (merrymeet.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aUSqpWMlTMua for ; Mon, 11 Feb 2013 12:12:35 -0800 (PST) Received: from keys.merrymeet.com (keys.merrymeet.com [173.164.244.97]) by mail.merrymeet.com (Postfix) with ESMTPSA id 3249F1EC508C for ; Mon, 11 Feb 2013 12:12:35 -0800 (PST) Received: from [172.16.13.170] ([23.24.110.141]) by keys.merrymeet.com (PGP Universal service); Mon, 11 Feb 2013 12:12:35 -0800 X-PGP-Universal: processed; by keys.merrymeet.com on Mon, 11 Feb 2013 12:12:35 -0800 Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) From: Jon Callas In-Reply-To: Date: Mon, 11 Feb 2013 12:12:36 -0800 Message-Id: <298517A6-9DD1-4FED-8EFB-8793992BF60C@callas.org> References: To: "Blumenthal, Uri - 0558 - MITLL" X-Mailer: Apple Mail (2.1499) X-PGP-Encoding-Format: Partitioned X-PGP-Encoding-Version: 2.0.2 X-Content-PGP-Universal-Saved-Content-Transfer-Encoding: quoted-printable X-Content-PGP-Universal-Saved-Content-Type: text/plain; charset=us-ascii Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: QUOTED-PRINTABLE Cc: "cfrg@irtf.org" , Jon Callas Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 20:12:45 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Feb 11, 2013, at 8:44 AM, "Blumenthal, Uri - 0558 - MITLL" wrote: > * PGP - S/MIME Signed by an unverified key: 02/11/2013 at 08:44:19 AM >=20 > License 1 is Open Source, and A may not be a Corp (like PGP, Inc. is). And > if (for example) I were to develop and release some free code - I sure > wouldn't want to throw cash at this problem. Sure, but accurate documentation of a protocol for the purposes of interope= rability is orthogonal to suitability for a given business purpose. As a standards body, we're interested in the first. Obviously, if something= is so dodgy in the second that we'd be wasting our time, then there's no n= eed to waste our time. Saying that we're not interested and call us back in= 2021 is not a horrible position. Given that OCB is already used in a numbe= r of places and that we're seeing movement towards liberalization of licens= ing, I think going forward with the draft is a good thing.=20 Me -- I would like to use OCB, and am presently using CCM because of the li= censing. I am hopeful that we could discuss the use strictly on technical m= erits. Jon -----BEGIN PGP SIGNATURE----- Version: PGP Universal 3.2.0 (Build 1672) Charset: us-ascii wj8DBQFRGVCzsTedWZOD3gYRAtK0AJ0Zwdtf1az4l7nFMWRpy7xEJBVz1gCg4xz6 s4SCum/5xNOL/twitOBlrE0=3D =3Dq9Ic -----END PGP SIGNATURE----- From mcgrew@cisco.com Tue Feb 12 04:52:34 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2DA1921F8D60 for ; Tue, 12 Feb 2013 04:52:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -110.099 X-Spam-Level: X-Spam-Status: No, score=-110.099 tagged_above=-999 required=5 tests=[AWL=-0.299, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, SARE_SUB_RAND_LETTRS4=0.799, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v7fhED6X9AVe for ; Tue, 12 Feb 2013 04:52:33 -0800 (PST) Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) by ietfa.amsl.com (Postfix) with ESMTP id 7D16F21F8D55 for ; Tue, 12 Feb 2013 04:52:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1531; q=dns/txt; s=iport; t=1360673553; x=1361883153; h=from:to:subject:date:message-id:in-reply-to:content-id: content-transfer-encoding:mime-version; bh=lasc5Q1qdCcA+8KpUke2WYeroPNJKiQMMP9MKuJoiBk=; b=TvORRQeoaT8qc9PYq8OWH2a/8ABO7AdWqRiVLZH+mqfeBqjdvV1d6vMI 4jGb0JC1hrft5baAJBCJ0yE3SOEAVwewVXu4XvIGFds2KXFe+rMATFC+M A/z7Do4SOQGYiz8UUlQV9ulpwW+/a3ctb9eBeXd4zbSJDpDRvhIliP/DX w=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Av8EAHc6GlGtJV2b/2dsb2JhbABEwToWc4IfAQEBAwE6UQEIIhRCJQIEARIIiAQGrn+QE5EkYQOmd4MGgic X-IronPort-AV: E=Sophos;i="4.84,650,1355097600"; d="scan'208";a="175935962" Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-1.cisco.com with ESMTP; 12 Feb 2013 12:52:33 +0000 Received: from xhc-aln-x12.cisco.com (xhc-aln-x12.cisco.com [173.36.12.86]) by rcdn-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id r1CCqWkk017328 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 12 Feb 2013 12:52:32 GMT Received: from xmb-rcd-x04.cisco.com ([169.254.8.112]) by xhc-aln-x12.cisco.com ([173.36.12.86]) with mapi id 14.02.0318.004; Tue, 12 Feb 2013 06:52:32 -0600 From: "David McGrew (mcgrew)" To: Ted Krovetz , "cfrg@irtf.org" Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: AQHOCEmHJvaAhcymBkmt/Ok73yAjpZh1O2KAgAADjgCAAB9PAIAA4ZQA Date: Tue, 12 Feb 2013 12:52:32 +0000 Message-ID: <747787E65E3FBD4E93F0EB2F14DB556B183DE0A2@xmb-rcd-x04.cisco.com> In-Reply-To: <55C321FD-44CA-43D5-B422-E16CC9D3640B@krovetz.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.1.120420 x-originating-ip: [10.117.10.227] Content-Type: text/plain; charset="us-ascii" Content-ID: <2B56C63977F5634689F0D1316CBB2197@cisco.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Feb 2013 12:52:34 -0000 Hi Ted, On 2/11/13 1:25 PM, "Ted Krovetz" wrote: > >> I'd still like to see clarifications (answers to my example questions) >> regarding License 1. > >I'm going to pass your thorny license questions off to Phil. I'll >continue to manage any comments on the RFC draft itself. > >Any comments on the draft? > >Thanks, >Ted I did another read of the draft, and put down some thoughts. This is a nicely written draft; it reads well. It clearly deserves to be published as an RFC. It would be good to have more prescriptive text about nonce use in the algorithm description. I think "OCB encryption and decryption employ a nonce N, which must be selected as a new value for each message encrypted." can be said more clearly. Perhaps "a nonce N; the value of the nonce MUST be distinct for each distinct invocation of the OCB encryption operation". In Section 4.2., after "This function computes a ciphertext (which includes a bundled authentication tag) when given a plaintext, associated data, nonce and key." I suggest adding "For each invocation of OCB-ENCRYPT, the value of the Nonce input MUST be distinct." In the security considerations, why not say 2^64 instead of 2^{128/2}? Paragraphs 3 and 4 of the Security Considerations section have a good description of the security degradation due to nonce reuse. I think it would be a good idea to make these paragraphs a separate subsection, so that they show up in the table of contents. Thanks, David From mcgrew@cisco.com Tue Feb 12 06:08:49 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B44D21F8E5E for ; Tue, 12 Feb 2013 06:08:49 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -109.8 X-Spam-Level: X-Spam-Status: No, score=-109.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, SARE_SUB_RAND_LETTRS4=0.799, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9r+fffayxoYf for ; Tue, 12 Feb 2013 06:08:48 -0800 (PST) Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id B0CDF21F8E59 for ; Tue, 12 Feb 2013 06:08:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1334; q=dns/txt; s=iport; t=1360678129; x=1361887729; h=from:to:subject:date:message-id:in-reply-to:content-id: content-transfer-encoding:mime-version; bh=8UB2OFfgh6JROt1BQ5KlHHPJnl8/Frh1IryRRb/dy+Q=; b=Mmhw4bTvSBO+9HYMyf9Gc+J5j6ISubt396PyEQ4bfJYOOrcf8gfwwmFz XSWU25g8ocsE/vPrmiJ7cgQD4/LELpGvzwoXD1VFfwTGQSOgSO7BVV96m YgWjzDfw/zUCjXrCy7iKC5od9+RxC9ixKU23FuJ1vlVT3p61WchSMn7lk s=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Av8EAI5LGlGtJV2b/2dsb2JhbABEFsEkFnOCIQEEOlEBCCIUQiUBAQQBEgiICgyuf5AVkSRhA6Z3gwaCJw X-IronPort-AV: E=Sophos;i="4.84,650,1355097600"; d="scan'208";a="176180714" Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-6.cisco.com with ESMTP; 12 Feb 2013 14:08:48 +0000 Received: from xhc-rcd-x13.cisco.com (xhc-rcd-x13.cisco.com [173.37.183.87]) by rcdn-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id r1CE8mYU027604 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 12 Feb 2013 14:08:48 GMT Received: from xmb-rcd-x04.cisco.com ([169.254.8.112]) by xhc-rcd-x13.cisco.com ([173.37.183.87]) with mapi id 14.02.0318.004; Tue, 12 Feb 2013 08:08:48 -0600 From: "David McGrew (mcgrew)" To: Ted Krovetz , "cfrg@irtf.org" Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: Ac4Dspy9Udf6dIL6TC+F69Worz8/1QAX3EyAAAO0wgABRH5lAA== Date: Tue, 12 Feb 2013 14:08:47 +0000 Message-ID: <747787E65E3FBD4E93F0EB2F14DB556B183DE173@xmb-rcd-x04.cisco.com> In-Reply-To: <9BBAB802-CF3A-4DA0-B092-4F45B202C54F@krovetz.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.1.120420 x-originating-ip: [10.117.10.227] Content-Type: text/plain; charset="us-ascii" Content-ID: <07BD07133353AB4E8C57751DBFE36A2A@cisco.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Feb 2013 14:08:49 -0000 Hi Ted and Everyone, On 2/5/13 5:17 PM, "Ted Krovetz" wrote: >Phil has issued broad licenses for OCB, allowing open-source software >implementations and software implementations in non-military contexts and >non-commercial non-military hardware implementations. The licenses are at > > http://www.cs.ucdavis.edu/~rogaway/ocb/license.htm > >It is my understanding -- correct me if I'm wrong -- that IP disclosures >do not go directly in the RFC but instead get disclosed to the IETF along >with the RFC submission. This has been done and the disclosures are at > > =20 >https://datatracker.ietf.org/ipr/search/?option=3Ddocument_search&id_docum= en >t_tag=3Ddraft-krovetz-ocb That's right, the IETF process for IPR disclosures is that the disclosures are made regarding drafts and tracked as above. Ted and Phil made the appropriate IPR disclosure for Phil's patents a long time ago. The disclosures made for draft-krovetz-ocb apply to draft-irtf-cfrg-ocb as well, and will apply to the RFC also. These disclosures can be found at at the bottom of the page. Over a year ago, Phil and Ted and I invited Gligor, Donescu, and IBM to make a joint IPR statement, but unfortunately we did not hear back from them. =20 David From rogaway@cs.ucdavis.edu Tue Feb 12 23:28:12 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B56E21F886A for ; Tue, 12 Feb 2013 23:28:12 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.8 X-Spam-Level: X-Spam-Status: No, score=-1.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2ViOjrUYciIJ for ; Tue, 12 Feb 2013 23:28:11 -0800 (PST) Received: from smtp.cs.ucdavis.edu (smtp.cs.ucdavis.edu [169.237.4.8]) by ietfa.amsl.com (Postfix) with ESMTP id 5873A21F855D for ; Tue, 12 Feb 2013 23:28:08 -0800 (PST) X-ASG-Debug-ID: 1360740487-04dbe80de2131c40001-UHwLLG Received: from ocb.cs.ucdavis.edu (ocb.cs.ucdavis.edu [169.237.6.151]) by smtp.cs.ucdavis.edu with ESMTP id Zohu5YplxXHwmEAs; Tue, 12 Feb 2013 23:28:07 -0800 (PST) X-Barracuda-Envelope-From: rogaway@cs.ucdavis.edu X-Barracuda-Apparent-Source-IP: 169.237.6.151 Received: from localhost (ocb.cs.ucdavis.edu [169.237.6.151]) by ocb.cs.ucdavis.edu (8.14.3/8.14.1/Debian-8ubuntu1) with ESMTP id r1D7S5Ve030759; Tue, 12 Feb 2013 23:28:07 -0800 Date: Tue, 12 Feb 2013 23:27:36 -0800 (Pacific Standard Time) From: Phillip Rogaway To: cfrg@irtf.org In-Reply-To: X-ASG-Orig-Subj: Re: RG Last Call - draft-irtf-cfrg-ocb-00 Message-ID: References: User-Agent: Alpine 2.00 (WNT 1167 2008-08-23) X-X-Sender: rogaway@rogaway-toshiba MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="6993433-26260-1360740458=:82652" X-Barracuda-Connect: ocb.cs.ucdavis.edu[169.237.6.151] X-Barracuda-Start-Time: 1360740487 X-Barracuda-URL: http://169.237.4.8:8000/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at cs.ucdavis.edu X-Barracuda-Spam-Score: 3.38 X-Barracuda-Spam-Status: No, SCORE=3.38 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=6.0 tests=BSF_SC0_MISMATCH_TO, FH_DATE_PAST_20XX X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.110453 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 3.38 FH_DATE_PAST_20XX The date is grossly in the future. 0.00 BSF_SC0_MISMATCH_TO Envelope rcpt doesn't match header Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Feb 2013 07:28:12 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --6993433-26260-1360740458=:82652 Content-Type: TEXT/PLAIN; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8BIT Thanks everyone for comments already made on the OCB Internet Draft. Ted asked me to answer some questions on the free licenses. I’m not so sure that the CFRG is the ideal place for that (I’m happier when posts deal with more technical matters), but there’s been so much talk about this that I felt I better say something. At the Real World Cryptography Workshop at Stanford last month I announced during a survey talk on authenticated encryption (AE) that my own IP in this domain would be freely licensed under broad circumstances: basically, (1) all open-source software, and (2) any commercial, non-open-source software too, as long as it’s not for military use. See http://www.cs.ucdavis.edu/~rogaway/ocb/license.htm for the text of these two licenses. They were drafted by volunteer legal aid kindly provided by Harvard’s Cyberlaw Clinic. We did try to make these licenses as simple and clear as possible, but the number of reasonable questions and scenarios that can arise is enormous, I now see. Uri asked about the situation where an entity A adds OCB to OpenSSL, and a company X comes along and drops this into their non-open-source system, which they proceed to sell to the DoD. My answer is that company X has infringed, but OpenSSL has not, nor has company A, assuming they weren’t trying to “specifically induce” the infringing use by X. Company X should buy a license (which is not half as big a deal as people seem to assume). Ted mentioned to me scenarios (I think this was from a different mailing list) where Adobe adds OCB to their Reader, or where Google adds OCB to their search engine (and of course, the military use the Reader or the search engine). An attorney tells me that whether or not the vendor has infringed depends on whether or not the software or service is “in cooperation with” or “on behalf of” the military. Allowing military use for free code or services (here, ‘free’ as in beer) is certainly possible, but I would need to explicitly expand things in that direction. Next I heard a concern that the non-military restriction runs afoul with OSI’s “no discrimination against fields of endeavor” requirement. This concern would seem to be misplaced for a couple of reasons. First, the license for open-source software doesn’t have the non-military language. Second, the licenses at opensource.org operate in the realm of copyright, not patents. As I understand it, the two things are independent. Someone else on this list asked: why open-source SW but not open-source HW. The answer is that I know nothing about the latter domain. If needed, please make a specific request (by private email) and I’ll try to make sure you’re covered. I know that some open-source projects won’t be comfortable with the IP situation surrounding AE regardless of anything I say or do. Some other open-source projects -- eg, Mosh -- have already made the opposite decision and are using OCB (which I think is great). Similarly, some companies will be satisfied with license 2; some may want a paid license; and some will want to avoid anything with patents. That last thing can be hard to achieve with anything approaching certainty. Consider that, just a few weeks ago, Intel was granted a US patent (#8,340,280) for the tricks that enable their carryless multiply NI to efficiently realize GCM. Where’s the guarantee that Intel won’t go after someone with a PCLMULDQ-based GCM implementation? Now I’m definitely not suggesting that OpenSSL rollback to a dumber GCM implementation. But troubling patent issues have become a part of our landscape. Somehow we get by. Ted and I have worked hard to evolve the ID on OCB, this following a sequence of papers about the algorithm and its performance. We’ve made the required IP disclosures to the IETF, urged other parties to do so, and, for my part, I’ve arranged for free licenses within a large domain of practice. I do hope that all this is enough for OCB to get more widely standardized and used (and preferably without having to wait for every possible patent to expire). Cheers, Phillip Rogaway --6993433-26260-1360740458=:82652-- From mcgrew@cisco.com Wed Feb 13 05:09:00 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A743F21F885C for ; Wed, 13 Feb 2013 05:09:00 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -109.8 X-Spam-Level: X-Spam-Status: No, score=-109.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, SARE_SUB_RAND_LETTRS4=0.799, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9xWf7qQFHPF9 for ; Wed, 13 Feb 2013 05:08:59 -0800 (PST) Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id B89CA21F885B for ; Wed, 13 Feb 2013 05:08:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1656; q=dns/txt; s=iport; t=1360760940; x=1361970540; h=from:to:subject:date:message-id:in-reply-to:content-id: content-transfer-encoding:mime-version; bh=/3FjuZ2ZsJI3BPFGPGNpDk8DDGZYqPJY/H/ROdtBRJg=; b=d7a5eUt4kK3Ag3hsfgfZKfpHx1zVmXbRa9ELwV3f91nLdmbAPjBFHMFw D7XZnmiaOYJiR9ChqOrUxufdTu2tf/uo55o8cJOcXY1RLaLwD8I4OP2/s A1HQLk/IHcuTXvPOJOh+5Qfn4HEU1OlUBLE6wY6AuANSvu7/LMojB9gW/ c=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Av4EANiPG1GtJXG+/2dsb2JhbABEDsBgFnOCIQEEgQsBKlYlAgQBEggXh3MMvm6NLoN0YQOIMJ5Hgkc/gic X-IronPort-AV: E=Sophos;i="4.84,657,1355097600"; d="scan'208";a="176608039" Received: from rcdn-core2-3.cisco.com ([173.37.113.190]) by rcdn-iport-6.cisco.com with ESMTP; 13 Feb 2013 13:08:59 +0000 Received: from xhc-rcd-x01.cisco.com (xhc-rcd-x01.cisco.com [173.37.183.75]) by rcdn-core2-3.cisco.com (8.14.5/8.14.5) with ESMTP id r1DD8x3e007015 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 13 Feb 2013 13:08:59 GMT Received: from xmb-rcd-x04.cisco.com ([169.254.8.112]) by xhc-rcd-x01.cisco.com ([173.37.183.75]) with mapi id 14.02.0318.004; Wed, 13 Feb 2013 07:08:59 -0600 From: "David McGrew (mcgrew)" To: Phillip Rogaway , "cfrg@irtf.org" Thread-Topic: intel license (was: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00) Thread-Index: AQHOCetIk/l15ZMEh0S5GzXruLiR0A== Date: Wed, 13 Feb 2013 13:08:58 +0000 Message-ID: <747787E65E3FBD4E93F0EB2F14DB556B183DEA81@xmb-rcd-x04.cisco.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.1.120420 x-originating-ip: [10.117.10.228] Content-Type: text/plain; charset="iso-8859-1" Content-ID: <072637388364884387F05CE9970553C0@cisco.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [Cfrg] intel license (was: Re: RG Last Call - draft-irtf-cfrg-ocb-00) X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Feb 2013 13:09:00 -0000 Hi Phil, On 2/13/13 2:27 AM, "Phillip Rogaway" wrote: > >Consider that, just a few weeks ago, Intel was granted a US patent >(#8,340,280) for the tricks that enable their carryless multiply NI to >efficiently realize GCM. Where=B9s the guarantee that Intel won=B9t go af= ter >someone with a PCLMULDQ-based GCM implementation? Now I=B9m definitely not >suggesting that OpenSSL rollback to a dumber GCM implementation. But >troubling patent issues have become a part of our landscape. Somehow we >get by. Intel has released a GCM implementation that uses PCLMULDQ and granted its use under a BSD-style license = . It says: Copyright =A9 2012, Intel Corporation All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of the Intel Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. Like you, I would rather be discussing technical issues, but I wanted to pass along the relevant info to people who might be interested. David From ted@krovetz.net Wed Feb 13 07:56:00 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2DFC121F87BA for ; Wed, 13 Feb 2013 07:56:00 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.8 X-Spam-Level: X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8GE3PS+0FAbf for ; Wed, 13 Feb 2013 07:55:59 -0800 (PST) Received: from mail-pa0-f49.google.com (mail-pa0-f49.google.com [209.85.220.49]) by ietfa.amsl.com (Postfix) with ESMTP id 96BEB21F86E8 for ; Wed, 13 Feb 2013 07:55:56 -0800 (PST) Received: by mail-pa0-f49.google.com with SMTP id kp6so781285pab.36 for ; Wed, 13 Feb 2013 07:55:56 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=vlL21g6p/6fI/oHbTpCdQsNnjOaQhJo8r+l27KvawK4=; b=QWpL3Hdk5UlW6YjGmqH2Gbi/kjE/JbKPVTHUf/gjW1rz9L78leSbdhhfWcClMeVVdb 9mllMHBTZ1Yq/GwDqswBCe3IiOSNseDaIDdKPFEt0tuA98AxLIor1MLzQEsl3e0A0N5X ygv3Z7hqhUc0pdUo0layDgE9A8gz8AXZsWDfd1zJG/Lu+8bOP9hmhZ/8sw2tgagwDtMK 7wz023YqINI3kDa9xRndTxiiwLIvRS9Ldriq727GYQt9n5eJBS36yHtoIYiN5bPBZljJ HI9KbC09jcA+6QPsAtK35yuVmppdMBMywzziTkNONbxS0grZCv6Y2a5HkT7bwBHKTNV2 SsdQ== X-Received: by 10.66.82.67 with SMTP id g3mr64551037pay.58.1360770955942; Wed, 13 Feb 2013 07:55:55 -0800 (PST) Received: from isis.ecs.csus.edu ([130.86.68.216]) by mx.google.com with ESMTPS id o1sm7589171pax.2.2013.02.13.07.55.54 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 13 Feb 2013 07:55:54 -0800 (PST) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) From: Ted Krovetz In-Reply-To: <747787E65E3FBD4E93F0EB2F14DB556B183DEA81@xmb-rcd-x04.cisco.com> Date: Wed, 13 Feb 2013 07:55:52 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: <1CB36B31-C730-4E59-A8E3-DE3B3AFC48BE@krovetz.net> References: <747787E65E3FBD4E93F0EB2F14DB556B183DEA81@xmb-rcd-x04.cisco.com> To: "cfrg@irtf.org" X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQk1aMbbWG3RB3eReiK6LA8tooOnGjPlxEL+3sJ1FcynmgAXBIxIdqI42KmfEUgb06YswmXC Subject: Re: [Cfrg] intel license (was: Re: RG Last Call - draft-irtf-cfrg-ocb-00) X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Feb 2013 15:56:00 -0000 > Intel has released a GCM implementation that uses PCLMULDQ and granted = its > use under a BSD-style license I believe this style of license is saying that you have permission to = use the code -- thus you are not violating copyright by using it. But = there is no explicit patent grant from Intel in the license. If you want to use a patented algorithm, you need both source code to = execute and a grant to use the invention. This BSD-style license gives = access to Intel's code, but is there a patent grant somewhere allowing = us to use the invention too? Phil's patent grant is giving lots and lots of people free use of his = invention, and my OCB source code has a BSD-style license attached, = allowing free use of an implementation. You really need both to use = something patented. -Ted= From prvs=5756adbbc7=uri@ll.mit.edu Wed Feb 13 12:40:38 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5A3C21E8055 for ; Wed, 13 Feb 2013 12:40:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.506 X-Spam-Level: X-Spam-Status: No, score=-5.506 tagged_above=-999 required=5 tests=[AWL=0.293, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_SUB_RAND_LETTRS4=0.799, UNPARSEABLE_RELAY=0.001] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id krafrlPruK0c for ; Wed, 13 Feb 2013 12:40:37 -0800 (PST) Received: from mx2.ll.mit.edu (MX2.LL.MIT.EDU [129.55.12.46]) by ietfa.amsl.com (Postfix) with ESMTP id 8524421E803D for ; Wed, 13 Feb 2013 12:40:37 -0800 (PST) Received: from LLE2K7-HUB02.mitll.ad.local (LLE2K7-HUB02.mitll.ad.local) by mx2.ll.mit.edu (unknown) with ESMTP id r1DKeMTx008477; Wed, 13 Feb 2013 15:40:35 -0500 From: "Blumenthal, Uri - 0558 - MITLL" To: Ted Krovetz , "cfrg@irtf.org" Date: Wed, 13 Feb 2013 15:33:29 -0500 Thread-Topic: [Cfrg] intel license (was: Re: RG Last Call - draft-irtf-cfrg-ocb-00) Thread-Index: Ac4KKWNupXvGGcLPQiuaXSHivX8Hfw== Message-ID: In-Reply-To: <1CB36B31-C730-4E59-A8E3-DE3B3AFC48BE@krovetz.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.5.121010 acceptlanguage: en-US Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="B_3443614409_12402440" MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2013-02-13_03:2013-02-13, 2013-02-13, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=9 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1211240000 definitions=main-1302130184 Subject: Re: [Cfrg] intel license (was: Re: RG Last Call - draft-irtf-cfrg-ocb-00) X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Feb 2013 20:40:38 -0000 --B_3443614409_12402440 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Of course Intel has a ton of patents around their CPU and instruction set, granted - including this one for doing those weird multiplications. But who in the right mind can imagine Intel suing a software developer (not a chip cloner!) for using an instruction from the CPU instruction set? Let's not be ridiculous, OK? The _license_ (not a copyright) quoted by David is both clear enough and permissive enough. FUD aside, it seems painfully obvious that anybody can write code using Intel AESNI instructions (and other IA64 instructions too, if it matters) without legal repercussions. On top of that, Intel allows unrestricted use of their ("highly optimized") assembly code that implements GCM and uses AESNI instructions. AESNI-assisted GCM is fast enough for at least some of us, and free enough for all of us to use. OCB has legal restrictions. Call me back in 2021? P.S. If you plan to start a company (say, Outtel :) and clone an Intel CPU chip - then you would probably hear from Intel lawyers, and this patent #8,340,280 could be one of the many thrown at you. :-) -- Regards, Uri Blumenthal On 2/13/13 10:55 , "Ted Krovetz" wrote: > >> Intel has released a GCM implementation that uses PCLMULDQ and granted >>its >> use under a BSD-style license > >I believe this style of license is saying that you have permission to use >the code -- thus you are not violating copyright by using it. But there >is no explicit patent grant from Intel in the license. > >If you want to use a patented algorithm, you need both source code to >execute and a grant to use the invention. This BSD-style license gives >access to Intel's code, but is there a patent grant somewhere allowing us >to use the invention too? > >Phil's patent grant is giving lots and lots of people free use of his >invention, and my OCB source code has a BSD-style license attached, >allowing free use of an implementation. You really need both to use >something patented. > >-Ted >_______________________________________________ >Cfrg mailing list >Cfrg@irtf.org >http://www.irtf.org/mailman/listinfo/cfrg --B_3443614409_12402440 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIUAAYJKoZIhvcNAQcCoIIT8TCCE+0CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC EeMwggTLMIIDs6ADAgECAgoTvp8EAAAAAEiAMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYT AlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzAR BgNVBAMTCk1JVExMIENBLTIwHhcNMTIwNzE2MTgwNzA2WhcNMTMwNzE2MTgwNzA2WjBhMQsw CQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMG UGVvcGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALQbhERcgi7bVsw6WLXunsi9ymPD09JMrF1iGlCDF4ZO1+W5 Lp6znDFyubLdbP3qikgcXWfByMzsHUzoSQD1Bp9O7mKa656rMu3mez/ItydJBw/LMZYSYc+6 4DB4KuzvA2DnTaQ41I0SqFE0DrksfBi8ePO/Xv7PQRNUl45Y7VSB6xoA7DfTZO5IZ4e6Om90 /AnVBE+aee40kxvmDWGr1jvFxv/gSvQA3PxcwnCxzn699bpAtz8VUdfTsewhy+g5OonBLSzg I/yIyCd6g2eQQcw6g10eQJopUnoKv1o0TIss1pwK5SZG3mM2FCFECL1vV8NMTQ4AuS3OSO7i 3AX2g1cCAwEAAaOCAZMwggGPMB0GA1UdDgQWBBSw8IXAP4OJKTOqBKNPgRR1LceLVzAOBgNV HQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCww KjAooCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcB AQRWMFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAj BggrBgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9Bgkr BgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2Fy94yh/+KcwIB ZAIBBTAiBgNVHSUBAf8EGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQCheTHY3ppuUbzU5Quma4TR1Rhr0r+BfIMJyrfrmA9gNIoFzK0MbK1xxRv/9Nz/9sRQ ukIWIIfjyQlNDIiCl+8yut3V31v5NW+T0NB4GGIYicWI+ID8tBfvaHaniZ+bP/wEsZMOPq1J kh4E28mRAsHMuYhu6kraGj0yRi4Y3zuxJIeRN7NGYFCglFaPSeOQ33m0o5oyyMNfdDcDX7T/ 3pSSNFk/gAcPoI+XvC0sXS2cVYqvDGwzsT58M+6jvg0FDb8z/BIO2OL2KpO+ojeNSNud4Cf4 7gEpChuvx36vgLLq+J1s9BIXKk7FVAIdbD5KKnO/HiDpqamScI6p3Lc3PQZuMIIEtzCCA5+g AwIBAgIBFDANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExp bmNvbG4gTGFib3JhdG9yeTEMMAoGA1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENB MB4XDTA5MTIxNDEyMDAwMFoXDTE1MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxHzAdBgNV BAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsTA1BLSTETMBEGA1UEAxMKTUlU TEwgQ0EtMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcEyyNhSIfsN6AzBwVh Zkzo6SdjNGAQ7mA2A8T0kmdCB8MH6jWjVVMwFZwlg9cgjgLKEuEO9KN8K9M8jgeZEMoinlRf k3YELPC7sEkkzBQkcVpLhEwALue9iHowgSLGmXZpYKmRhfvhvYJ4MNCuIaWpcK/GaDZCE+U2 aTg42kv/zQrH3AoqFX81OF7niwXNnanP1hQRfkMTRrnaEW8DX0TMaG/t9Ry5xSMrLTNc9DvQ tjA5ZcuWnECiUpyDBFWxLr9yx7xgf1/LwgCxcoBeKSBBoWzkQmKAsgMo9Mq1Fp/nnIqw5FKm gOs7Vy+6e0Dk+cgf+oAV8AK8ZFMQrVE0uH0CAwEAAaOCAZUwggGRMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFI5KfYmhYxccgYg0VzcmRV4Zin4kMB8GA1UdIwQYMBaAFGeqes/0 Cqa5crWKoNKd8hDDQ+0pMA4GA1UdDwEB/wQEAwIBhjBhBggrBgEFBQcBAQRVMFMwLQYIKwYB BQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0bz9MTFJDQTAiBggrBgEFBQcwAYYW aHR0cDovL29jc3AubGwubWl0LmVkdTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmxs Lm1pdC5lZHUvZ2V0Y3JsP0xMUkNBMIGSBgNVHSAEgYowgYcwDQYLKoZIhvcSAgEDAQYwDQYL KoZIhvcSAgEDAQgwDQYLKoZIhvcSAgEDAQcwDQYLKoZIhvcSAgEDAQkwDQYLKoZIhvcSAgED AQowDQYLKoZIhvcSAgEDAQswDQYLKoZIhvcSAgEDAQ4wDQYLKoZIhvcSAgEDAQ8wDQYLKoZI hvcSAgEDARAwDQYJKoZIhvcNAQELBQADggEBAIh3BqHQ/XH8C6DCL+eEGroOzxBcCqTNItms v4MANaOTodgU2jrjHcGjXlzqhpb8ZxOlkAK3dK09rc6+yACcoK2TzVtDRZXYxov/SqZRjI3d ufU2JatAPxosCyy/1otjl1TKUY47Wvft31vdf5i0XK2DQVEJ+XlqtgBiFTVIMIfBJwPajrsi z+pgFEYwhhwJxvs8flSi0FLCE77VYLEioP5hxG6zIPeQRxzh1bogbfphWHHtoiTDkBSZ4Ufv GXQTVf7QjhD5yYw10yICtjHmtgbfgBkH5/vvR92NY9RSlNPzZqmGKIia61bJCmagRYGyexfe dVNF0cJWL4J/cLHhgNYwggODMIICa6ADAgECAgEBMA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNV BAYTAlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kx FjAUBgNVBAMTDU1JVExMIFJvb3QgQ0EwHhcNMDgwOTIzMTIwMDAwWhcNMjkxMjMxMjM1OTU5 WjBUMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEMMAoG A1UECxMDUEtJMRYwFAYDVQQDEw1NSVRMTCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAxU4pF1iyJrL5rYq/XBAKg93kCTATG7Bw0NGFpEJ1A3Xsr6UIIq9/1VJB OgCwDqrVsAK1lRwy/lkrHzPkobiMr1wzjQ28SR/9sg5kAcmrMqBYbc302qtwCGKZxdNdhAh2 nUOCO10AMpUsCNdpikPY9ukT8lsA+eorM4Q1rc/L0J6AHRptOU7IuDBdZj+tdNb7gv+GKknr 6wj9m2sVGawoaG7AAqhsWvQUM/q4h/H5FpYlwnVAEh2AzhqiG9bwl6uJJIzJ/8uUWldNkVwz 1I5fR/vCaxiLXIW4oUydBuRKTG+ekEoxHGuD73yx5JtsSciS8HQL2oEM8tv+VAC+albqgwID AQABo2AwXjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRnqnrP9AqmuXK1iqDSnfIQw0Pt KTAfBgNVHSMEGDAWgBRnqnrP9AqmuXK1iqDSnfIQw0PtKTALBgNVHQ8EBAMCAYYwDQYJKoZI hvcNAQEFBQADggEBAD4bbQVg0Hh42EpYX4/JPkNS3OUAEWR/YgzZUY1QGi9rQZ4pfcjU1/Ta oNT8Y7Yf0RO+e9NiG9+BDhQH/kQiZOQo9rv9NUb8xDtKCYCad7zEQtVsYsWuvK2XLw/Ji1m2 eBvoOB4RS/5LAWfNws7W+DWt2ayzeTCyrLSrx7ZVgBjzNOm0TPIkbfppdwgxuo7FZL8ts+M2 492Al87d3VasevUS1pprRBEupChmPTt1hjtajkQOpT4BQAzP1lVEYrWzlv+O/lbP9iujKpYW cfYqQ3FGf37YCvuDeues4xm+nqmyraNsNeI8Gh3XDIwqfzHnLhy4Y80VyqN/Jj8df3SK9AAw ggTOMIIDtqADAgECAgpDgT5qAAAAADKHMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNVBAYTAlVT MR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLEwNQS0kxEzARBgNV BAMTCk1JVExMIENBLTIwHhcNMTIwMzA1MTUxODA3WhcNMTMwMzA1MTUxODA3WjBhMQswCQYD VQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEPMA0GA1UECxMGUGVv cGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAM1hd7gYE3EAuUHpQXBAAsld4ttPFF2dJILTwLxpMAwAOeuCE2FN Qm7r5aIXSmwfYReSBSvZ01k6YOx3hqxMUJYgDTWvQ9A5OEufC3aD71g18VhHvqMs8uBEj7aX Na6dNd8V10yl4GZ4pXffNSN1Qb1S6pQ0r9NNILb+ZSevs3DGNE5rZwHxM0Ed62MjDyR4r7tL pFbkvlEFDdj8epEz7C6zEUPLyr8JjCDbLqhV4uoNdQQxweEPhSVadd5bDoT5w9OM4h4g/1hU PI/zuzp1pZLWiRigsmsCiT2YQUs3phYnRGkRzyenY3Usu+HtXtG1fSleaoeZtOqlcT01RBtP K1MCAwEAAaOCAZYwggGSMB0GA1UdDgQWBBShib6es0uFKEYxkMQRe+e7efVhBzAOBgNVHQ8B Af8EBAMCBSAwHwYDVR0jBBgwFoAUjkp9iaFjFxyBiDRXNyZFXhmKfiQwMwYDVR0fBCwwKjAo oCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9MTENBMjBiBggrBgEFBQcBAQRW MFQwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXR0by9MTENBMjAjBggr BgEFBQcwAYYXaHR0cDovL29jc3AubGwubWl0LmVkdS8wDAYDVR0TAQH/BAIwADA9BgkrBgEE AYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2F69Bwg+vtIAIBZAIB BDAlBgNVHSUEHjAcBgRVHSUABggrBgEFBQcDBAYKKwYBBAGCNwoDBDAYBgNVHSAEETAPMA0G CyqGSIb3EgIBAwEIMBkGA1UdEQQSMBCBDnVyaUBsbC5taXQuZWR1MA0GCSqGSIb3DQEBCwUA A4IBAQBqmZjWIBD5zFsLODc5rYV8zKQKukfF+u4DpNFzEHbCjNn1TBLBa0HVy1kLBA1ZwQPi cOw/XFgW8GHJo6Zpnd0NWwr02KbzJEn3wm5NmYWRTvuW9ld9O8/vkoPl0EmOfCbLoeQHNiEM lkBgoiC3nx54JaUTubWVcY7/caYldaT+VllH+y3PDB5yfO0YnAXkDbDqr+OBAM7dRe0QhcgS ZxTcRnrWGTUHwVV1yl4+Mxc++V1iLX1HdC1IdfKYHhswJbKOteuuCRLuhbKLpX/+y5cl6I/w 9u44Y86l34NExCasoNebcTzSVR5bKEWGhbntpDULl8cLMzXGlPQ5Oh614HeSMYIB5TCCAeEC AQEwXzBRMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEM MAoGA1UECxMDUEtJMRMwEQYDVQQDEwpNSVRMTCBDQS0yAgoTvp8EAAAAAEiAMAkGBSsOAwIa BQCgXTAjBgkqhkiG9w0BCQQxFgQUCVYB+wajpC05Sy6RxVpx2rxsTEEwGAYJKoZIhvcNAQkD MQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTMwMjEzMjAzMzI5WjANBgkqhkiG9w0B AQEFAASCAQAT4JBYhjiwG2qLvRvOos6Z/OpeIIAO2hQvj77xMPNOgCSneKreWrvtjCwLTGqc UTMzcvEx5wWEGsSn1VQfwMkb70wbBRubDlpzPNiHLbyHMESsOy+IIN8tztVwRdUjLpc6ywHF E2+jJxnU+DvSWNAGrjIbZholDyinQ4UO8dJrYYtdB2D+5AqbenuIhVEApzN/2epfltPtCs5T rFqUp1fNfbC+s4ZIXXH7D4p4VGP6GGGIi/DfZNE/XFjDs0uqzD7VCjprS7qSUUlSzMT21yL5 xlf6wqCJq884UqburlDzlccA6Jh72igL5HWK/3g93LANwGaiodruSkVC3fOQFBuF --B_3443614409_12402440-- From Joachim@Strombergson.com Fri Feb 15 00:01:18 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32D0921F861F for ; Fri, 15 Feb 2013 00:01:18 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.463 X-Spam-Level: X-Spam-Status: No, score=-0.463 tagged_above=-999 required=5 tests=[AWL=0.547, BAYES_05=-1.11, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2BP-LhEenjDY for ; Fri, 15 Feb 2013 00:01:17 -0800 (PST) Received: from susano.oderland.com (susano.oderland.com [91.201.63.143]) by ietfa.amsl.com (Postfix) with ESMTP id 4B5F321F8610 for ; Fri, 15 Feb 2013 00:01:16 -0800 (PST) Received: from 2.67.227.87.static.g-sn.siw.siwnet.net ([87.227.67.2]:39427 helo=tunnis.local) by susano.oderland.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from ) id 1U6GEM-003qn6-Su for cfrg@irtf.org; Fri, 15 Feb 2013 09:01:14 +0100 Message-ID: <511DEB4F.9000107@Strombergson.com> Date: Fri, 15 Feb 2013 09:01:19 +0100 From: =?UTF-8?B?Sm9hY2hpbSBTdHLDtm1iZXJnc29u?= Organization: Kryptologik User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130107 Thunderbird/17.0.2 MIME-Version: 1.0 To: cfrg@irtf.org References: In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - susano.oderland.com X-AntiAbuse: Original Domain - irtf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - Strombergson.com X-Get-Message-Sender-Via: susano.oderland.com: authenticated_id: joachim@strombergson.com Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: Joachim@Strombergson.com List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Feb 2013 08:01:18 -0000 Aloha! On 2013-02-13 08:27 , Phillip Rogaway wrote: > Someone else on this list asked: why open-source SW but not open-source > HW. The answer is that I know nothing about the latter domain. If > needed, please make a specific request (by private email) and I’ll try > to make sure you’re covered. Since I was the one asking about this: Why do you feel that you need to make the distinction, thereby infering a limitation? Esp if you don't know anything about the domain? (Fear of the unknown? ;-) If you look at OpenCores for example you will find quite a lot of implementations of different cryptographic algoritms licensed under (L)GPL- and BSD-licenses http://opencores.org/ OCB is IMHO very interesting for embedded systems, systems that often are implemented using FPGAs with soft microcontroller cores augumented with application specific cores for things like I/O, crypto etc. Being able to offload the mode processing would free the MCU to handle events or be less expensive. The latter being the driving force in embedded space. -- Med vänlig hälsning, Yours Joachim Strömbergson - Alltid i harmonisk svängning. ======================================================================== From mcgrew@cisco.com Fri Feb 15 05:34:11 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF64421F8AF8 for ; Fri, 15 Feb 2013 05:34:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -109.8 X-Spam-Level: X-Spam-Status: No, score=-109.8 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, SARE_SUB_RAND_LETTRS4=0.799, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DiuD1gnyX5sR for ; Fri, 15 Feb 2013 05:34:10 -0800 (PST) Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id A5AC521F8AE6 for ; Fri, 15 Feb 2013 05:34:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2265; q=dns/txt; s=iport; t=1360935250; x=1362144850; h=from:to:subject:date:message-id:in-reply-to:content-id: content-transfer-encoding:mime-version; bh=WMmCR8YN9C/NeVUPocelzN+1GmVNpju04l3S0VmioL4=; b=flhs2AtOpcq7fJv3NYjHdPRXevej1ToSBB/aqXhokV1XyT7dV54f8zWw HlC1Ei399rBdf/+wLTQr2+cSXp4uTSEnUopz9lpdBvl6s/WlhSXNrlYpR RCNN5KpZj45Jvxk7Uz7iG9/myTjTFYvFrzgIo/d5JS6SFNZvItLuvfDZV k=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAFAFA4HlGtJV2Z/2dsb2JhbABEv297FnOCGAMEAQEBBAEBAWsdAQgYCksLJQIEARIIAYVAB4IkHgy9EY1dgRsCOIJfYQOIMI8VjziDB4FyNQ X-IronPort-AV: E=Sophos;i="4.84,673,1355097600"; d="scan'208";a="177531861" Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by rcdn-iport-6.cisco.com with ESMTP; 15 Feb 2013 13:34:10 +0000 Received: from xhc-rcd-x01.cisco.com (xhc-rcd-x01.cisco.com [173.37.183.75]) by rcdn-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id r1FDYA61007386 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 15 Feb 2013 13:34:10 GMT Received: from xmb-rcd-x04.cisco.com ([169.254.8.112]) by xhc-rcd-x01.cisco.com ([173.37.183.75]) with mapi id 14.02.0318.004; Fri, 15 Feb 2013 07:34:09 -0600 From: "David McGrew (mcgrew)" To: "Joachim@Strombergson.com" , "cfrg@irtf.org" Thread-Topic: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 Thread-Index: AQHOCbuYJvaAhcymBkmt/Ok73yAjpZh69mOAgAAJK4A= Date: Fri, 15 Feb 2013 13:34:09 +0000 Message-ID: <747787E65E3FBD4E93F0EB2F14DB556B183DFC2D@xmb-rcd-x04.cisco.com> In-Reply-To: <511DEB4F.9000107@Strombergson.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.2.1.120420 x-originating-ip: [10.117.10.227] Content-Type: text/plain; charset="iso-8859-1" Content-ID: <77D296DFFED85F4EA8C50DE7372E0160@cisco.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Feb 2013 13:34:11 -0000 Hi Joachim, On 2/15/13 3:01 AM, "Joachim Str=F6mbergson" wrote: >Aloha! > >On 2013-02-13 08:27 , Phillip Rogaway wrote: >> Someone else on this list asked: why open-source SW but not open-source >> HW. The answer is that I know nothing about the latter domain. If >> needed, please make a specific request (by private email) and I=B9ll try >> to make sure you=B9re covered. > >Since I was the one asking about this: Why do you feel that you need to >make the distinction, thereby infering a limitation? Esp if you don't >know anything about the domain? (Fear of the unknown? ;-) > >If you look at OpenCores for example you will find quite a lot of >implementations of different cryptographic algoritms licensed under >(L)GPL- and BSD-licenses > >http://opencores.org/ Thanks for providing the URL and the good suggestion to consider HW in licensing terms. =20 > >OCB is IMHO very interesting for embedded systems, systems that often >are implemented using FPGAs with soft microcontroller cores augumented >with application specific cores for things like I/O, crypto etc. Being >able to offload the mode processing would free the MCU to handle events >or be less expensive. The latter being the driving force in embedded >space. What aspect of OCB do you see as interesting for embedded systems? If an implementation of AES encrypt and decrypt functions are available, then the additional circuit or code size of OCB is small. However, if you are designing circuits (as seems to be what you are interested in) then there are other modes that are more compact. I'm not trying to start a debate on comparing modes, I just want to make sure that I understand the issues that you see for embedded crypto. Thanks, David > >--=20 >Med v=E4nlig h=E4lsning, Yours > >Joachim Str=F6mbergson - Alltid i harmonisk sv=E4ngning. >=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > >_______________________________________________ >Cfrg mailing list >Cfrg@irtf.org >http://www.irtf.org/mailman/listinfo/cfrg From ted@krovetz.net Fri Feb 15 07:11:19 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CF72121F887D for ; Fri, 15 Feb 2013 07:11:19 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.8 X-Spam-Level: X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HayyMnvPpaJG for ; Fri, 15 Feb 2013 07:11:19 -0800 (PST) Received: from mail-pb0-f53.google.com (mail-pb0-f53.google.com [209.85.160.53]) by ietfa.amsl.com (Postfix) with ESMTP id 3A55221F8871 for ; Fri, 15 Feb 2013 07:11:19 -0800 (PST) Received: by mail-pb0-f53.google.com with SMTP id un1so640111pbc.40 for ; Fri, 15 Feb 2013 07:11:18 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=+3eJmePwSuIYJZvQnk9nEoDJkQbpCuEGOPH/CqOYTEo=; b=BGJnORCPdFv3DDnpQNKXzoEKUQeeG7Iqut9nRnBgCT23Ss15F/AtDoNf938AtHySir ApQJwo7e1o5nackvEWJC4NF5EZpa5B0htfNF9cExftdVIY6dNxRiYOo8VVrrGuSWwVYn FeO2rLWzsVj+BySniYPnBg/WSwtTVWlkVDgYiEK1+rMdRvGawDUizFK6pZ1Q6Diguyt2 3V+4j/1jXw6Cuhhj5RMxSmbDcePEqfyIJzK/AJJNKoMB36EgG8GaZe5eZdqTGtq8EkNI 7TntSfDfVUHJy9I5+YW0ARzf3BDwnNNh/Sxcr35UnILXHWuBxvFoTTL3Xk5zGGBUTjFQ k3Ww== X-Received: by 10.68.83.38 with SMTP id n6mr6812787pby.28.1360941078920; Fri, 15 Feb 2013 07:11:18 -0800 (PST) Received: from [192.168.1.73] (c-67-166-145-119.hsd1.ca.comcast.net. [67.166.145.119]) by mx.google.com with ESMTPS id z6sm67886326pav.3.2013.02.15.07.11.16 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 15 Feb 2013 07:11:17 -0800 (PST) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) From: Ted Krovetz In-Reply-To: <747787E65E3FBD4E93F0EB2F14DB556B183DFC2D@xmb-rcd-x04.cisco.com> Date: Fri, 15 Feb 2013 07:11:15 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: <363287D0-635D-4498-B96D-DC13DD54ACA0@krovetz.net> References: <747787E65E3FBD4E93F0EB2F14DB556B183DFC2D@xmb-rcd-x04.cisco.com> To: "cfrg@irtf.org" X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQntk5zkHUE4YoO4odSg88IXJALL5UeQCyRhQFp5Qsy7nzJv2vxAGa6yAkmjfZzAS6phJfoG Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Feb 2013 15:11:19 -0000 > What aspect of OCB do you see as interesting for embedded systems? = If an > implementation of AES encrypt and decrypt functions are available, = then > the additional circuit or code size of OCB is small. However, if you = are > designing circuits (as seems to be what you are interested in) then = there > are other modes that are more compact. >=20 > I'm not trying to start a debate on comparing modes, I just want to = make > sure that I understand the issues that you see for embedded crypto. While not addressing exactly what you're asking Joachim, a lot of = system-on-a-chip implementations include an AES engine but pathetic = multiplication. In such situations OCB and CCM have a big advantage over = other modes because they do very little else besides AES calls. I have one of these = http://www.marvell.com/embedded-processors/kirkwood/assets/HW_88F6281_Open= Source.pdf and have been meaning to implement OCB on it for a while.= From Joachim@Strombergson.com Wed Feb 20 02:33:50 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2916821F8759 for ; Wed, 20 Feb 2013 02:33:50 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.179 X-Spam-Level: X-Spam-Status: No, score=-1.179 tagged_above=-999 required=5 tests=[AWL=0.538, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_RAND_LETTRS4=0.799, SARE_URI_DIGITS4=0.415, URI_HEX=0.368] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sm3RGRw2ZQC9 for ; Wed, 20 Feb 2013 02:33:49 -0800 (PST) Received: from susano.oderland.com (susano.oderland.com [91.201.63.143]) by ietfa.amsl.com (Postfix) with ESMTP id CC6B221F8754 for ; Wed, 20 Feb 2013 02:33:48 -0800 (PST) Received: from [62.80.223.82] (port=50671 helo=secworks82.gotanet.se) by susano.oderland.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from ) id 1U86zh-001eXu-Lb; Wed, 20 Feb 2013 11:33:45 +0100 Message-ID: <5124A689.7090703@Strombergson.com> Date: Wed, 20 Feb 2013 11:33:45 +0100 From: =?UTF-8?B?Sm9hY2hpbSBTdHLDtm1iZXJnc29u?= Organization: Kryptologik User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130107 Thunderbird/17.0.2 MIME-Version: 1.0 To: "David McGrew (mcgrew)" , "cfrg@irtf.org" References: <747787E65E3FBD4E93F0EB2F14DB556B183DFC2D@xmb-rcd-x04.cisco.com> In-Reply-To: <747787E65E3FBD4E93F0EB2F14DB556B183DFC2D@xmb-rcd-x04.cisco.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - susano.oderland.com X-AntiAbuse: Original Domain - irtf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - Strombergson.com X-Get-Message-Sender-Via: susano.oderland.com: authenticated_id: joachim@strombergson.com Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00 X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: Joachim@Strombergson.com List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Feb 2013 10:33:50 -0000 Aloha! Sorry for a late answer. On 2013-02-15 14:34 , David McGrew (mcgrew) wrote: > What aspect of OCB do you see as interesting for embedded systems? If an > implementation of AES encrypt and decrypt functions are available, then > the additional circuit or code size of OCB is small. However, if you are > designing circuits (as seems to be what you are interested in) then there > are other modes that are more compact. > > I'm not trying to start a debate on comparing modes, I just want to make > sure that I understand the issues that you see for embedded crypto. Thanks for asking. There are several aspects to this and I'll try to explain my view. For many embedded applications authentication and integrity protection is much more important than confidentiality. OCB is an interesting AEAD mode due to the low complexity. The cost (in HW) compared to HMAC is lower and gives better performance. CCM requires about the same amount of hardware but with less performance. The stream cipher decoupling part (CTR) of GCM is very good, esp for systems with low power MCUs that communicate periodically and have extra RAM to spare (which quite often though is note the case). The Galois multiplier however is costly, and as Ted stated in his answer, even though your MCU contains a AES-128 engine (typically), multiplication is usually very weak. When designing embedded systems, being able to choose what is implemented in HW and in SW respectively affects things like cost, cost, physical size, power consumption, cost, ability to update in the field, cost, time to market, cost, security, availability, cost, support, cost. And cost. You get the idea. Sometimes the best solution is to build the solution around a MCU. Sometimes it is to use an ASIC or an FPGA and integrate a CPU core. The core itself might be extendable with new instructions to support, for example, a barrel shifter, a fast multiplier etc. Or the MCU is equipped with application specific hardware and coprocessors that offload the CPU from performing things like MAC calculations, protocol handling etc. This makes it possible to use a smaller CPU core, possibly removing the need for external RAM etc. An example of such a CPU core is the Altera Nios II 32-bit CPU that can scale in performance from the size of a small 8-bit CPU to a pretty high perfomance CPU, all using the same ABI. And this core supports adding new instructions, coprocessors etc. http://www.altera.com/devices/processor/nios2/ni2-index.html The important thing is that if there are limits to how you partition the system into SW and HW, then some of the optimizations and trade offs are removed, which might lead to, for example, higher cost. Having an interesting algorithm such as OCB that for some reason only allows it to be implemented in SW makes the partitioning harder thereby driving cost and reducing the number of algorithms to choose from. One recent algorithm that I find interesting both from a technical point of view and due to its non-discriminatory license is SipHash: https://131002.net/siphash/ SipHash can be used as MAC, needs very little registers/memories which makes it compact to implement and use in a system. However the 64 bit operations requires iterative processing on a MCU, which reduces the performance. I have therefore developed a hardware implementation of SipHash and made it available under a BSD license: https://gitorious.org/siphash_core Using this core, even the smallest Nios II CPU core can easily do MAC processing on traffic at Gbps wire speed and still spend cycles on the local application. What I'm getting at is that _why_ limit the use of you algorithms unless you really feel the need for it. Hifn, being a chip company in the RFC for the LZS compression and in the RFC Hifn specifically excludes hardware implementations: https://tools.ietf.org/html/rfc2395 But why do this for OCB? One other thing about algorithms and how to make them more attractive for system designers are how easy it is to follow the description and create a functionally correct implementation. Too often I see algorithm descriptions without examples or test vectors. Another common problem is that the reference code is poorly documented, don't conform to the written description, use variable names that are not the same as the written description and is generally hard to use. It is my belief that if you are developing algorithms such as ciphers, MACs etc and really want your creation to be analyzed, adopted, used and implemented then limiting its usage with patents, licensing (including SW vs HW), making it hard to understand and implement is counter productive. I therefore applaud the creators of SipHash - Jean-Philippe Aumasson and Daniel J. Bernstein for writing one of the algorithm descriptions I have read in a while. https://131002.net/siphash/siphash.pdf Ok, that was probably overly long. -- Med vänlig hälsning, Yours Joachim Strömbergson - Alltid i harmonisk svängning. ======================================================================== From internet-drafts@ietf.org Sun Feb 24 22:24:38 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A64CE21F91DD; Sun, 24 Feb 2013 22:24:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.081 X-Spam-Level: X-Spam-Status: No, score=-102.081 tagged_above=-999 required=5 tests=[AWL=-0.281, BAYES_00=-2.599, SARE_SUB_RAND_LETTRS4=0.799, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H8EoZZKIcwsp; Sun, 24 Feb 2013 22:24:38 -0800 (PST) Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2081A21F8E8F; Sun, 24 Feb 2013 22:24:38 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable From: internet-drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 4.40 Message-ID: <20130225062438.10115.87759.idtracker@ietfa.amsl.com> Date: Sun, 24 Feb 2013 22:24:38 -0800 Cc: cfrg@ietf.org Subject: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-01.txt X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2013 06:24:38 -0000 A New Internet-Draft is available from the on-line Internet-Drafts director= ies. This draft is a work item of the Crypto Forum Research Group Working Group= of the IETF. Title : Dragonfly Key Exchange Author(s) : Dan Harkins Filename : draft-irtf-cfrg-dragonfly-01.txt Pages : 15 Date : 2013-02-24 Abstract: This document specifies a key exchange using discrete logarithm cryptogprahy that is authenticated using a password or passphrase. It is resistant to active attack, passive attack, and off-line dictionary attack. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-irtf-cfrg-dragonfly There's also a htmlized version available at: http://tools.ietf.org/html/draft-irtf-cfrg-dragonfly-01 A diff from the previous version is available at: http://www.ietf.org/rfcdiff?url2=3Ddraft-irtf-cfrg-dragonfly-01 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From kmigoe@nsa.gov Tue Feb 26 06:57:31 2013 Return-Path: X-Original-To: cfrg@ietfa.amsl.com Delivered-To: cfrg@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24EDF21F8697 for ; Tue, 26 Feb 2013 06:57:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.338 X-Spam-Level: X-Spam-Status: No, score=-10.338 tagged_above=-999 required=5 tests=[AWL=0.260, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BmFvwieoUiWR for ; Tue, 26 Feb 2013 06:57:29 -0800 (PST) Received: from nsa.gov (emvm-gh1-uea08.nsa.gov [63.239.67.9]) by ietfa.amsl.com (Postfix) with ESMTP id A589F21F8652 for ; Tue, 26 Feb 2013 06:57:27 -0800 (PST) X-TM-IMSS-Message-ID: <9a3be53b000b4ef3@nsa.gov> Received: from MSHT-GH1-UEA02.corp.nsa.gov ([10.215.227.181]) by nsa.gov ([63.239.67.9]) with ESMTP (TREND IMSS SMTP Service 7.1; TLSv1/SSLv3 AES128-SHA (128/128)) id 9a3be53b000b4ef3 ; Tue, 26 Feb 2013 09:56:46 -0500 Received: from MSMR-GH1-UEA09.corp.nsa.gov (10.215.224.12) by MSHT-GH1-UEA02.corp.nsa.gov (10.215.227.181) with Microsoft SMTP Server (TLS) id 14.1.289.1; Tue, 26 Feb 2013 09:57:25 -0500 Received: from MSMR-GH1-UEA03.corp.nsa.gov ([10.215.224.3]) by MSMR-GH1-UEA09.corp.nsa.gov ([10.215.224.12]) with mapi id 14.01.0289.001; Tue, 26 Feb 2013 09:57:25 -0500 From: "Igoe, Kevin M." To: "cfrg@irtf.org" Thread-Topic: Upcoming meeting Thread-Index: Ac4UMZZIs2aMFW+oTA6Ys9iMNXNqyA== Date: Tue, 26 Feb 2013 14:57:25 +0000 Message-ID: <3C4AAD4B5304AB44A6BA85173B4675CA751704D1@MSMR-GH1-UEA03.corp.nsa.gov> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.215.227.232] Content-Type: multipart/alternative; boundary="_000_3C4AAD4B5304AB44A6BA85173B4675CA751704D1MSMRGH1UEA03cor_" MIME-Version: 1.0 Subject: [Cfrg] Upcoming meeting X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Feb 2013 14:57:33 -0000 --_000_3C4AAD4B5304AB44A6BA85173B4675CA751704D1MSMRGH1UEA03cor_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Just a reminder that the CFRG will be meeting in Orlando. Agenda is not ye= t set, but we do have one item of interest. Jim Schaad, co-chair of the JOSE= WG, has kindly volunteered to gives us a presentation on the cryptographic algorithms and protocols used in JOSE. Anyone who would like to make a presentation, please don't be shy about com= ing forward. This is a research group, not a working group, and we want to en= courage and nurture new ideas. ----------------+-------------------------------------------------- Kevin M. Igoe | "We can't solve problems by using the same kind kmigoe@nsa.gov | of thinking we used when we created them." | - Albert Einstein - ----------------+-------------------------------------------------- --_000_3C4AAD4B5304AB44A6BA85173B4675CA751704D1MSMRGH1UEA03cor_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
Just a reminder that the CFRG will be meeting in Orlando.  Agenda= is not yet
set, but we do have one item of interest.  Jim Schaad, co-chair o= f the JOSE WG,
has kindly volunteered to gives us a presentation on the cryptographic=
algorithms and protocols used in  JOSE. 
 
Anyone who would like to make a presentation, please don’t be sh= y about coming
forward.  This is a research group, not a working group, and we w= ant  to encourage
and nurture new ideas.
 
 
----------------+------------------------------------= --------------
Kevin M. Igoe   | "We can't solve problems= by using the same kind
kmigoe@nsa.gov  | of thinking we used when we create= d them."
         &nb= sp;      |      &nbs= p;       - Albert Einstein -
----------------+------------------------------------= --------------
 
 
 
--_000_3C4AAD4B5304AB44A6BA85173B4675CA751704D1MSMRGH1UEA03cor_--