So I did some digging and Certicom claims nothing against RFC 6090. They do claim 2 patents against the draft, but I doubt either of them check out. One is on point validation by substitution into a curve, the other on ECDSA for smart cards. If its a big worry Tor should get a lawyer to check this out, but I'm not that worried: Patents filled in the 2000s seem a bit late to the party anyway. Sincerely, Watson Ladd
On Tue, Nov 1, 2011 at 2:05 PM, Zooko O'Whielacronx zooko@zooko.com wrote:
A few pointers. On the happy "yay we can use it freely" side, we have:
- RFC 6090
Pure gold! A catalog of ECC techniques which were published so long ago that they cannot still be under patent. It includes digital signatures and Diffie-Hellman.
- DJB's page stating that certain patents don't apply to Curve25519
(which you mentioned): http://cr.yp.to/ecdh/patents.html
- Jack Lloyd's statement that he avoided techniques newer than about
1990 in Botan: https://bugzilla.redhat.com/show_bug.cgi?id=615372#c19
On the sad "no we can't use it" side, we have:
- Fedora's insistence on removing all elliptic curve cryptography from
their Linux distribution and refusing to answer questions about why: https://bugzilla.redhat.com/show_bug.cgi?id=615372
Regards,
Zooko _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev