ECC patent issues

Posted Nov 7, 2013 9:19 UTC (Thu) by istenrot (subscriber, #69564)
Parent article: Let's talk about perfect forward secrecy

> However, the majority of public web servers does not support DHE or ECDHE, so in practice most HTTPS connections are established without PFS.

Most Linux distros are forced to disable ECDHE cipher suites because of U.S. patent issues. Take a look at this discussion: https://bugzilla.redhat.com/show_bug.cgi?id=319901

ECC patent issues

Posted Nov 7, 2013 12:38 UTC (Thu) by jyaworski (guest, #83240) [Link] (1 responses)

Reading that page, it looks like the issue has been determined otherwise by Red Hat.

> As of the following update revisions, the "ec", "ecdh", and "ecdsa" options have been re-enabled in the openssl package:

> openssl-1.0.1e-4.fc18.1
> openssl-1.0.1e-4.fc19.1
> openssl-1.0.1e-27.fc20
> openssl-1.0.1e-27.fc21

ECC patent issues

Posted Nov 7, 2013 13:41 UTC (Thu) by cesarb (subscriber, #6266) [Link]

They have enabled NSA's Suite B curves (secp256r1 and secp384r1) in OpenSSL, and are working in enabling them in other packages (due to how openssl works, it needs at least a recompile). The tracking bug is https://bugzilla.redhat.com/show_bug.cgi?id=1019390. I also opened bugs for the other two curves most people are interested in, secp521r1 (the next one in the series, but AFAIK not part of NSA's Suite B) and secp256k1 (used by Bitcoin); they can be found as dependencies to that tracking bug.