Pithy wit and wisdom from New Zealand. lol.


-----Original Message-----
From: Peter Gutmann  <[EMAIL PROTECTED]>
Sent: Thursday, 23 March 2006 12:41 PM
Subject: RE: [Cfrg] Defining inter operable ECC keys in for IETF protocols

"Blumenthal, Uri" <[EMAIL PROTECTED]> writes:

>I would MUCH prefer ECC - but my lawyers (yuk!) are telling me that there are
>licensing problems, and supposed NSA contacts don't call them back.
>Anybody knows anything useful about licensing of ECC GF(p), that he can
>share with me?

Certicom have done such a good job of creating FUD about ECC legal issues that, unless you're a Certicom licensee, it's easier to not use it at all.

So far every time I've been asked about ECC support (which admittedly is once a blue moon anyway), I've asked the organisation who want it to come back to me with either proof of a Certicom license or a clear statement of which non- infringing mechanisms they want me to implement. In every case, after looking at what's involved, they've decided they didn't need ECC that much anyway.

It's like the conclusion from Wargames, the only way to win is not to play.


Cfrg mailing list

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to