David Stutzman wrote:
Rob Stradling wrote:
A question for the NSS devs:
Is there any reason why NSS couldn't be changed to assume
"NSS_ENABLE_ECC=1" by default?
Yes...
http://fedoraproject.org/wiki/User:Peter/Disabled_applications
Disabled features:
Elliptic Curve crypto algorithm
Reasons:
software patents and US Laws (?)
I think these reasons are out of date and not applicable.
Re patents, Entrust freely licensed enough of their ECC-relevant patents
to permit it to be implemented in NSS (though IIRC Entrust retains
rights to certain ECC-related patent, which is why the NSS
implementation doesn't include as many ECC features as it otherwise might).
Re US laws, to my knowledge there are no US laws or regulations that
would specifically affect ECC as opposed to other encryption mechanisms.
US encryption export control regulations don't distinguish between ECC
and (e.g.) RSA, AES, etc., and have permitted export of open source
encryption code since 2000 or so.
Frank
--
Frank Hecker
hec...@mozillafoundation.org
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
