W3C home > Mailing lists > Public > public-xmlsec@w3.org > February 2009

NSA ECC Certicom Licenses

From: Miller, Rob <RDMILLER@mitre.org>
Date: Fri, 6 Feb 2009 14:39:09 -0500
To: XMLSec WG XMLSec W3C <public-xmlsec@w3.org>
Message-ID: <70189427BD8CE046B781F28D29C21AEE0A81C3DBD6@IMCMBX4.MITRE.ORG>
I attended a Cryptographic Interoperability Brief at the DoD/IC Information
Assurance Symposium this week and asked questions about ECC IPR and the NSA
Certicom Licenses. An NSA representative made an interesting claim. She said
that NSA lawyers assert that the NSA Certicom licenses can be used to
implement ECC in COTS products without any distribution restrictions as long
as they are available for National Security implementations. This still
requires that the vendor get a license from NSA, but is a different position
than I have heard in the past.  I will see if I can track down anything in




Rob Miller





Robert D. Miller, CISSP, CISA, PMP

The MITRE Corporation

Lead Infosec Engineer

Secure Operations


rdmiller@mitre.org - (443) 695-1857




Received on Friday, 6 February 2009 19:39:46 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:10 UTC