SRP Patch Integration?

Tom Wu tom at
Wed Feb 13 05:26:58 EST 2002

Theo de Raadt wrote:
> > Are you referring to the distinction between SRP and SRP-Z?  The SRP
> > userauth mechansim is specifically based on RFC2945, which is
> > royalty-free, and does not use SRP-Z in any way.  Or were there some
> > other "restrictions" you were concerned about?
> The space is specifically not free.

It's no less free than the public-key signature space, yet you use
digital signature algorithms in OpenSSH.

> > > As far as I see it, everything that is patented is tainted.
> > > Somebody who has money to pay a lawer needs to investigate
> > > this further.
> >
> > This is an unreasonable position.  Are you familiar with U.S. Patent
> > number 5,231,668?  Its title is "Digital Signature Algorithm".  Doesn't
> > OpenSSH uses DSA?  Who paid for that investigation?
> I read a decleration that the US government, in making DSA a standard,
> protects the community from patent issues.  As I understand, the same
> kind of protection exists for DES and now for AES.

Where can I find a copy of this statement?  I'd like to see if Stanford
can be persuaded to issue a similar statement, since it appears to offer
you sufficient assurance.  AFAIK, the USG said, "we don't think there
are any patent concerns" and that was it.  In _Applied Cryptography_, p.
493, Schneier gives a more in-depth detailing of the IP situation, which
mirrors that of SRP precisely.

> I've had other dealings with Stanford over patents and such.  They've
> been the biggest assholes I've ever had to deal with.  Xerox was
> easier to deal with.  I don't even want to bother touching anything in
> their space.

Can you give an example of this behavior?  Are you honestly saying that
it's fair to punish someone (me) for behavior that I had no control or
knowledge of?  Are you saying that even if Stanford makes an effort to
improve its practices, that it's too late and that your mind is closed
to the possibility?

> > The reasoning is backwards, that's the problem.  Being patented is
> > clearly not the issue here.  If it were, half the algorithms in OpenSSH
> > would fail that test.  One still needs to come up with a reason why a
> > patent would pose a problem for OpenSSH, and no such good reason has
> > surfaced for SRP, which leads me to believe the IP issue is a red
> > herring.
> Well, tough.
> You just seem to be upset because we've decided to wait for something
> else to show up in the field.

I'm upset because you seem to be giving a (poor) reason for refusing to
consider SRP, and then refusing even to apply that same reasoning to
other technologies that OpenSSH already uses.  It's the lack of
integrity that bothers me.

> I think the benefit to threat ratio is bad enough that we should just
> wait.
> Sorry Tom.  You should have fought the lawyers more when you sold your
> soul.

The ad-homming doesn't really help either.  I suppose fighting to make a
technology royalty-free is "selling one's soul" given sufficiently
twisted definitions.

Tom Wu
Principal Software Engineer
Arcot Systems
(408) 969-6124
"The Borg?  Sounds Swedish..."

More information about the openssh-unix-dev mailing list