[OTR-dev] RSA signatures again

Paul Wouters paul at cypherpunks.ca
Tue Aug 27 02:00:03 EDT 2013


On Mon, 26 Aug 2013, Tom Ritter wrote:

>>> Are all the ECC ciphers disabled in Fedora/RHEL?
>>
>> Yes. All ECC is currently banned. While the push to allow ECC is getting
>> stronger, we are not there yet.
>
> A small note - ECC is being enabled in RHEL[0], but not (yet) in
> Fedora.  If that sounds crazy, it is, but it's also the truth[1].

> (If anyone wants to help them, they basically just need to know the
> [specific, mathematical equations used in] ECC operations in openssl,
> and their publish date.[2])

It is easy for you to say "just". As the bugzilla said, we're talking about
lawyers, not engineers. A bugzilla entry is also not any official stance
from Red Hat, so I'm awaiting official news on this one.

As for ed25519, I have only heard djb's engineering opinion about patents on
the curve, not a lawyers opinion.

Certicom has granted a license for their ECC patents, as long as it
is part of an IETF standard, so ed25519 could be more encumbered than
any of the ones appearing in an RFC (although perhaps ed25519 appears,
I do not know)

Regardless, I guess you cannot assume ECC is available on linux systems
right now. And that probably won't change within the next 6-12 months.

Paul



More information about the OTR-dev mailing list