SRP Patch Integration?

Theo de Raadt deraadt at
Wed Feb 13 09:25:25 EST 2002

> Again, remember that this has always been the case with public-key
> crypto.  If OpenSSH were to explore, for example, ECC, you'd be likely
> to find an even more tangled web of IP issues; at some point, reasonable
> decisions have to be made in good faith for any progress to occur.

That is a reason we will never move towards any of the ECC space.
There are free parts of the ECC space, but there are so many
conflicting threats, we just won't go there.

Don't you get it do you?  We don't investigate if there is a threat.
We assume the worst.  We're not stupid enough to play some stupid game
with possible future legal outcomes.

As markus says, "i think that even _having_ to ask a lawyer is a threat".

More information about the openssh-unix-dev mailing list