Originally Posted by Tuxavant
I would like someone to walk me through:
- Build OpenSSL with EC
- Write a RPM Spec file for installation
- Create a repository instance
- Add my RPM to the repository
Does anyone have the patience to guide me: Start here, do this, do that.
Nice idea - but it's not gonna happen.
The elliptic curve cryptography is controlled by patents by Certicom (a Canadian company)
It appears the patents are related to the implementation, not the mechanism of the crypto, so there is a good likelihood that in the future some algorithms based on RFC6090 will evolve. http://tools.ietf.org/html/rfc6090
This is a sad situation since the EC algorithms provide really great crypto - as you likely know.
If you pull the openssl source package from the fedora repo's you'll see they've zero'ed out all the patented algorithm code. So the fedora openssl source package includes no IDEA, RC5, EC, EDDH, ECSA algorithm code. This is to avoid getting involved in patent infringement cases. But here is what the openssl readme says ...
Various companies hold various patents for various algorithms in various
locations around the world. _YOU_ are responsible for ensuring that your use
of any algorithms is legal by checking if there are any patents in your
country. The file contains some of the patents that we know about or are
rumored to exist. This is not a definitive list. ...
So there is zero chance the current openssl EC algorthms will ever be accepted in the official repos. (until the patents expire I suppose).
You can pull and build the entire openssl from
using it has legal ramifications where I live.
If you want to be an open-source hero you could get involved in coding an open source version of the RFC6090 algorithms, but personally I'd still want to consult a patent atty on many detailed points before releasing anything.
Hate to crush your great idea - but blame the US patent law - not me.