[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis



"brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> writes:

> On Tue, Oct 31, 2017 at 04:44:23PM +0100, Werner Koch wrote:
>> > I remain wholly opposed to including OCB in the OpenPGP specification,
>> 
>> Do you prefer that we put a "2 - reserved for OCB" into the specs and
>> have an I-D to specify the oue of OCB in OpenPGP?  This would make the
>> life for implementors and auditors harder.
>
> Yes, I would much prefer that we let OCB happen in a separate draft.
> Then all the patent problems occur in a separate specification that
> doesn't affect the core OpenPGP.

I don't think you understand the relationship between the specification
and IP.  Specifically, whether OCB is in the main spec or a secondard
spec does not affect any IP/patent "problems".  Put another way,
IP/patent "problems" occur for anyone who wants to implement OCB,
regardless of where it is specified.  However having it in the main
draft makes it easier to implement and audit, as Werner suggested.  The
more places you have to reference, the more likely you'll make a
mistake.

Note that just because OCB is in the spec does not mean you must
implement it -- it's not going in as a MUST.  If you don't implement it,
then there is no IP/patent worry on your part.

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@xxxxxxxxx             www.ihtfp.com
       Computer and Internet Security Consultant

_______________________________________________
openpgp mailing list
openpgp@xxxxxxxx
https://www.ietf.org/mailman/listinfo/openpgp