>> But IANAL (I Am Not A Lawyer)... I *can* understand vendors who would hold >> until either an explicit IPR release is posted, or the (potentially!) >> relevant patents expire. > > Then those hypothetical people should use RSA signatures and FFDHE key > exchange > Ah, but they are not hypothetical. For example, one OpenSSL customer commissioned the project to provide a modified EC implementation to avoid some of the potential patents. The result was the downloads with *-ecp in their name (ftp://ftp.openssl.org/source/).
I think the minefield in this discussion is the bikeshedding. External, non-technical pressures and requirements exists, and they are not easily dismissed with "Just use X". For example, in US Federal, its C&A and FIPS. In Europe or Asia, it might be political and distrust of NIST. I'd love to see one true cipher, but I don't think its going to happen. Its not feasible (and its not a technical limitation). Jeff _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
