Fwd: Re: RFE kmail with S/MIME

Miguel Coca mcoca@gnu.org
Sun May 18 22:03:02 2003 

--mYCpIKhGyMATD0i+
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, May 17, 2003 at 20:11:35 +0200, Werner Koch wrote:
> On Sat, 17 May 2003 01:48:05 +0200, Ingo Kl=F6cker said:
>=20
> > I'm passing the ball to the Aegypten developers: Have the Aegypten=20
> > people obtained rights to use IBM patent 5953420? Do they know about=20
> > that IBM patent? Can an implementation of S/MIME be free considered=20
>=20
> We don't implement the DH key agreement method.=20
>=20
> Anyway, the DH key agreement patent expired in 1997.  Hmm, this is
> patent no 4200770. I don't know what's up with 5953420.

The patent is online at:

http://patft.uspto.gov/netacgi/nph-Parser?Sect2=3DPTO1&Sect2=3DHITOFF&p=3D1=
&u=3D%2Fnetahtml%2Fsearch-bool.html&r=3D1&f=3DG&l=3D50&d=3DPALL&RefSrch=3Dy=
es&Query=3DPN%2F5953420

It begins:

        "A method and apparatus for generating authenticated
        Diffie-Hellman keys. Each user first generates an
        authenticated first shared secret value from a first nonshared
        persistent secret value generated by that user and an
        authenticated first transformed value received from the other
        user over a trusted communications channel. Each user then
        dynamically generates a second shared secret value from a
        second nonshared secret value dynamically generated by that
        user and a dynamically generated second transformed value
        received from the other user. Each user thereafter generates
        one or more keys by concatenating the first and second shared
        secret values together with a count to form a concatenated
        value and passing the concatenated value through a one-way
        hash function to generate a hash value from which the keys are
        extracted. Since only the legitimate users possess the
        information necessary to construct the first shared secret
        value, a spoofer interacting with a user to generate a second
        shared secret value cannot generate the same key. Incrementing
        the count for successive hashes allows a multiplicity of keys
        to be generated from a given pair of shared secret values."

I'll leave it to the experts here to interpret it :-)

Regards,
--=20
Miguel Coca (mcoca@gnu.org)                http://zipi.fi.upm.es/~e970095/
       OpenPGP: E60A CBF4 5C6F 914E B6C1  C402 8C4D C7B6 27FC 3CA8

--mYCpIKhGyMATD0i+
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)

iD8DBQE+x+c3jE3Htif8PKgRAiJLAJ4jm9gMDlyHgLzLUObdtie6nst30wCfQZBu
h13rbdJuY/3EklhvSS7C1io=
=Geq3
-----END PGP SIGNATURE-----

--mYCpIKhGyMATD0i+--