|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: New draft relevant to SRPRegarding the proposed alternatives to SRP-3 ... (http://search.ietf.org/internet-drafts/draft-jablon-speke-00.txt) At 03:31 PM 3/7/02 -0800, Tom Wu wrote: >The SPEKE techniques are, to my knowledge, patent-encumbered and >non-free, whereas SRP has a free patent license from Stanford and IP >issues that are nearing resolution. [...] First, your phrasing may suggest to some that the existence of the patent is or was hidden. The commercial intentions for the SPEKE protocols and their patent status have been public knowledge since the first published paper in 1996, and the draft is clear on this too. >[...] It seems that presenting these >techniques as fixes to "issues" with SRP (instead of as a supplement) is >misleading in this context. Stanford's generosity notwithstanding, today, there is an outstanding working group issue with SRP-3 and other patents. David Black has urged me to try to get Phoenix to clarify its position on SRP-3, and I'm in the process of doing just that. If you find specific text in the draft that is "misleading" in this context, or any other context, show me and I'll try to improve it promptly. I also see no problem with the supplement approach. The draft is intended to facilitate public analysis of both patent issues and the technical merits of SRP-3 and the SPEKE, B-SPEKE and SRP-4 alternatives. For some people, the relative technical merits of SRP-3 and these alternatives may be minor -- they may shop around, first, based on price, and only then based on these differences. The bigger concern is when people don't shop around at all and leave major technical issues unaddressed. >Unless SPEKE, or some variant thereof, is made available under a license >as liberal as the SRP license, it seems that it would be more >appropriate to consider it for a future optional authentication method, >as opposed to a mandatory one. There's also a lot of room between MUST and MAY, and between free and affordable. The only thing that I find really annoying, and kind of scary, is when standards preclude or actively discourage strong options. -- David
Home Last updated: Fri Mar 08 12:18:09 2002 9043 messages in chronological order |