Re: OpenDNS today announced it has adopted DNSCurve to secure DNS

The problem here is not that you might infringe the patent, the
problem is that if a patent suit is brought against you, it will cost
a minimum of about $5 million to defend. Just to get to the point of
having an opinion on the matter you would have to engage a competent
expert witness who was willing to work on patent stuff rather than
building stuff. Then they have to do maybe a month's work on research
and explain the results to a group of lawyers. You are going to have
five or more people and rack up several thousand hours at lawyer
rates.

Those costs buy a lot of crypto accelerator boards.

I kept trying to explain this situation to the various people who
tried to sell their 'efficient CRL' hacks. Even if your system is the
greatest ever and you give it to me for free, it will cost more to
work out if it is legally safe than it costs to solve the problem with
raw CPU power.


If the 512 byte limit really is a problem, then the logical answer
would be to use DSA-SHA256 since the signatures generated in DSA are
not a function of the key size. DSA also allows for offline
calculation of the signature data which would address performance
issues for companies like Akamai.

There are also reasons to beware of DSA. Steve Bellovin pointed out
that if the random number generator is bad the private key can leak
out. But RSA is not without similar issues; companies that can't
generate a good random seed for DSA will probably not create secure
keypairs for RSA either.



On Wed, Feb 24, 2010 at 11:50 AM,  <tytso@xxxxxxx> wrote:
> I'm not a lawyer, and neither is Bruce Schneier who is quoted in the
> article below, but I suspect he's studied the ECC patent situation
> more than I have (and I looked at it quite a bit back when I was chairing
> ipsec).
>
>        http://en.wikipedia.org/wiki/ECC_patents
>
> If it were up to me, I'm not sure I'd want to bet the DNS
> infrastructure on whether or not patent lawyers with shark-skin
> briefcases want to make a mint by instigating a lawsuit.  As we've
> seen with the SCO lawsuit, even completely groundless legal disputes
> can take years and years, and the only winner is the lawyers.  And
> we've seen how much public key deployment was held back because of the
> RSA patents; and most people who have lived through those dark times
> really don't want to revisit them again.
>
> As I told the Certicom folks over a decade ago, the best way they
> could make their (hardware implementation) patents more valuable is by
> explicitly making a non-assert pledge regarding software
> implementations of ECC.  That would have cleared away a lot of the
> hesitation around using ECC, since regardless of whether the claims of
> ECC proponents that "no really, there's no problems here!" are true or
> not, it would have calmed the fears of those who've looked at the situation and
> who have perceived real risks.
>
> Of course, the Certicom folks didn't listen to me back then, and I
> doubt any of them would listen to me now....
>
>                                                - Ted
> _______________________________________________
> Ietf mailing list
> Ietf@xxxxxxxx
> https://www.ietf.org/mailman/listinfo/ietf
>



-- 
New Website: http://hallambaker.com/
View Quantum of Stupid podcasts, Tuesday and Thursday each week,
http://quantumofstupid.com/
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
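
The two DSA properties raised in the message above (signature data that can be computed offline, and a private key that leaks when the random number generator repeats a value), shown as an added example that is not part of the original post. The toy group parameters, the fixed x and k values and all function names are constructed for illustration; real deployments use standardized parameters and a fresh secret k per signature.

```python
import hashlib
from itertools import count
from math import isqrt

# Toy parameters, constructed for this example and far too small for real use.
Q = 2**31 - 1                                    # prime subgroup order
P = next(p for p in (2 * j * Q + 1 for j in count(1))
         if all(p % d for d in range(3, isqrt(p) + 1, 2)))   # prime, Q | P-1
G = next(g for g in (pow(h, (P - 1) // Q, P) for h in range(2, P)) if g != 1)

def digest(msg):
    # Simplification: SHA-256 reduced mod Q instead of truncated to Q's bit length.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q

def precompute(k):
    """Offline step: uses neither the message nor the private key."""
    return pow(G, k, P) % Q, pow(k, -1, Q)       # (r, k^-1 mod Q)

def sign_online(x, msg, pre):
    """Online step: one multiplication and one addition mod Q."""
    r, k_inv = pre
    return r, k_inv * (digest(msg) + x * r) % Q

def verify(y, msg, sig):
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    v = pow(G, digest(msg) * w % Q, P) * pow(y, r * w % Q, P) % P
    return v % Q == r

def repeated_nonces(signed):
    """Audit helper: signatures sharing r were almost certainly made with the same k."""
    first, hits = {}, []
    for msg, (r, s) in signed:
        if r in first:
            hits.append((first[r], (msg, s), r))
        first.setdefault(r, (msg, s))
    return hits

def exposed_key(hit):
    """Why a repeat is fatal: two equations in two unknowns (k and x)."""
    (m1, s1), (m2, s2), r = hit
    k = (digest(m1) - digest(m2)) * pow((s1 - s2) % Q, -1, Q) % Q
    return (s1 * k - digest(m1)) * pow(r, -1, Q) % Q
```

Each precomputed pair must be used for exactly one signature; running `repeated_nonces` over issued signatures is a cheap check that a signer's precomputation pool or RNG is not handing out the same value twice.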

