[openssl-users] ECC patent status questions

Jakob Bohm jb-openssl at wisemo.com
Thu Sep 1 22:24:46 UTC 2016

On 01/09/2016 20:11, Steve Marquess wrote:
> On 09/01/2016 08:22 AM, Jakob Bohm wrote:
>> Dear OpenSSL team,
>> Given the recent patent lawsuit between RIM/CertiCom and Avaya
>> mentioning the ECC code in OpenSSL, what is (according to the
>> OpenSSL team) the patent status of the ECC code in OpenSSL?
>> Specifically:
>> - Was the OpenSSL ECC code provided under a still-valid patent
>>   license from someone in the power to grant it, perhaps Sun
>>   (now Oracle America)?
>> - Is the FIPS mode ECC covered through some US Government or
>>   sponsor license?,  And if so, does this license extend to
>>   some non-FIPS scenarios, such as invoking the FIPS blob ECC
>>   code from a non-FIPS application (perhaps by modifying a
>>   FIPS-capable OpenSSL library to do so even in non-FIPS
>>   mode)?
>> - Are there portions of the ECC code in OpenSSL which one
>>   should disable at configure time, similar to how RSA and
>>   IDEA were often disabled in the past?
>> - Is this situation different depending on the OpenSSL
>>   library version?
> Jacob, for any patent or licensing issues you really need to consult
> competent legal counsel. Under the U.S. legal system anyone with deep
> pockets can bring suit against anyone for frivolous reasons.  You'll
> want to consult with your counsel to determine the level of risk for
> your particular circumstances. If a patent troll targets you for a
> shakedown the legal virtues of your defense are far less relevant than
> the size of your pocketbook.
What on earth made you think I was asking about "legal advice"?

My questions were being very specific precisely to avoid that,
and to be of general interest rather than anything specific
to what I do myself.

> I do know that some OpenSSL end users have chosen to omit certain
> algorithm implementations for perceived legal reasons.  The OpenSSL FIPS
> Object Module is provided in both full and ECC-free versions; the latter
> at the request of a validation sponsor. As far as I know that ECC-free
> version (openssl-fips-ecp-2.0.N.tar.gz) has seen very little use though,
> even by that original sponsor.
Indeed, my main point is that there seem to have been a somewhat
sudden shift in policy from the company (Certicom/RIM) that
generally holds most ECC patents, and that this shift in policy
might change the /practical/ advice as to which portions of OpenSSL
should be used in typical deployments.

> All that said, we believe all code in OpenSSL to be properly licensed
> under the legal systems of most countries. We are also members of the
> Open Invention Network. We have a NSA ECC sublicense
> (https://www.openssl.org/source/NSA-PLA.pdf). I'm not going to try and
> offer any legal advice, though; for that you'll need to check with your
> own legal counsel.
As far as I understand, the OIN helps only if the OpenSSL Foundation
itself became a defendant needing to counter sue etc. (I presume
the OIN is one of those nice patent pools that generally promise
not to sue non-aggressors, making their patents a non-issue for
non-member non-aggressors).

The existence of the NSA agreement is a partial answer to the first
question, though it seems unclear if this license is recursively
sublicensed through 3rd parties or not.

Again not asking for legal advice, merely the general extent of the
(sub-)license provided by the OpenSSL Foundation to the rest of the
community (not just me, but almost everyone).


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list