[Cryptography] To what is Anderson referring here?
Christian Huitema
huitema at huitema.net
Thu Jun 5 01:12:18 EDT 2014
> I would call the RSA comment perverse but not entirely inaccurate. RSA
> patent was a hugely influential force in the choice of SSL/RSA/certs in
> the 1994 timeframe. This model was imposed more from a marketing pov
> (RSADSI had a patent to sell..).
I was not trying to be perverse. I remember big debates in the IETF in the
late 90's about default profiles for IPSEC/IKE, DNS SEC, etc. In all these
cases, the RSA patent issue was raised, and standards eventually settled to
some patent free option as the default. Why else do you believe we find all
these references to DSA in the 90's RFC?
Check for example RFC 2535 (http://www.rfc-editor.org/rfc/rfc2535.txt), the
specification of DNS SEC dating from 1999. You will see in the "KEY
Algorithm Number Specification" that RSA/MD5 [RFC 2537] is "recommended" but
DSA [RFC 2536] is "mandatory." Lots of time and energy was expanded dealing
with that...
-- Christian Huitema
More information about the cryptography
mailing list