W3C home > Mailing lists > Public > public-xmlsec@w3.org > February 2009

NSA ECC Certicom Licenses

From: Miller, Rob <RDMILLER@mitre.org>
Date: Fri, 6 Feb 2009 14:39:09 -0500
To: XMLSec WG XMLSec W3C <public-xmlsec@w3.org>
Message-ID: <70189427BD8CE046B781F28D29C21AEE0A81C3DBD6@IMCMBX4.MITRE.ORG>
I attended a Cryptographic Interoperability Brief at the DoD/IC Information
Assurance Symposium this week and asked questions about ECC IPR and the NSA
Certicom Licenses. An NSA representative made an interesting claim. She said
that NSA lawyers assert that the NSA Certicom licenses can be used to
implement ECC in COTS products without any distribution restrictions as long
as they are available for National Security implementations. This still
requires that the vendor get a license from NSA, but is a different position
than I have heard in the past.  I will see if I can track down anything in
writing.

 

 

Regards,

Rob Miller

 

 

 

_____________________

Robert D. Miller, CISSP, CISA, PMP

The MITRE Corporation

Lead Infosec Engineer

Secure Operations

 

rdmiller@mitre.org - (443) 695-1857

 

CIIS/G025

 



Received on Friday, 6 February 2009 19:39:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:57 GMT