On Sat, 1 Mar 2025 at 00:22, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote: > > > Hiya, > > On 28/02/2025 18:56, Sean Turner wrote: > > In response to the WG adoption call, Dan Bernstein pointed out some > > potential IPR (see [0]), but no IPR disclosure has been made in > > accordance with BCP 79. > > While I don't think the lack of an IPR declaration is fatal > here, I do think it'd be great if that uncertainty could be > reduced. I think I saw that Russ tried to reach out to one > of the possible patent holders to ask if they'd be willing > to make a declaration. I've no idea where that's at, but I'd > encourage the TLS chairs and SEC ADs to see if they can help > get that to happen as reducing uncertainty would be good and > if we can't, then this topic will just keep cropping up and > Dan is not the only person I've heard express concerns in > this regard. >
I agree with Dr Stephen on this one. It would help if we can get declarations from patent holders early. For example, OpenSSH implemented DSA as there was less risk of patents: " The second major variety of SSH is the SSH 2 protocol. SSH 2 was invented to avoid the patent issues regarding RSA (patent issues which no longer apply, since the patent has expired), to fix the CRC data integrity problem that SSH1 has, and for a number of other technical reasons. By requiring only the asymmetric DSA and DH algorithms, protocol 2 avoids all patents. " If there is any risk of a patent, can we look at a backup choice for ML-KEM in TLS, especially for implementers who are very patent averse ? Should I start a new thread ? > Cheers, > S. > > PS: I do realise we can't force someone to make an IPR > declaration. > > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-le...@ietf.org _______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
