This IPR disclosure is relevant to this discussion: https://datatracker.ietf.org/ipr/63/
Thanks, --David > -----Original Message----- > From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf Of Blumenthal, Uri - 0662 - > MITLL > Sent: Wednesday, March 03, 2010 9:26 AM > To: 'pgut...@cs.auckland.ac.nz' > Cc: 'ipsec@ietf.org'; 'c...@irtf.org' > Subject: Re: [IPsec] [Cfrg] Beginning discussion on secure password-only authentication for IKEv2 > > You're good! :-) > > On the vendor side - perhaps EKE patent concern was the cause (you implement/sell free SRP and get > slapped with EKE licensing)? And the users found alternative solutions in the meanwhile? > > Do you think weak passwords are too dangerous overall (many other ways of attacking them outside of > direct protocol attempts that we try to defend against), and so we shouldn't entertain them at all? > > Tnx! > Regards, > Uri > > ----- Original Message ----- > From: pgut001 <pgut...@wintermute02.cs.auckland.ac.nz> > To: s...@cs.columbia.edu <s...@cs.columbia.edu>; Blumenthal, Uri - 0662 - MITLL > Cc: c...@irtf.org <c...@irtf.org>; hannes.tschofe...@gmx.net <hannes.tschofe...@gmx.net>; > ipsec@ietf.org <ipsec@ietf.org>; paul.hoff...@vpnc.org <paul.hoff...@vpnc.org> > Sent: Tue Mar 02 19:41:43 2010 > Subject: Re: [Cfrg] [IPsec] Beginning discussion on secure password-only authentication for IKEv2 > > "Steven M. Bellovin" <s...@cs.columbia.edu> writes: > > >Note that the EKE patent expires in October 2011. (At least I think it does; > >it was filed in October 1991.) Depending on when you expect implementations > >to appear-- and given how long it takes to produce standards-track documents > >in the IETF -- it might not be a problem. > > Given that SRP implementations have been available and more or less freely > usable for quite some time and TLS-PSK is completely unencumbered anyway, I > think the real issue won't be "when will implementations appear" but "why > isn't anyone using them when they are available"? > > (Mind you that's a layer 8 issue, and therefore not our problem :-). > > Peter. > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
