I’ve got a quick question regarding the integration of Kyber into NSS that was recently done in support of #1826451.
It’s believed that U.S. patents no. 9094189 and 9246675 may apply to Kyber.
Of course, this should not be a problem, because NIST claims that it secured a license to allow anyone to use these patents for the purpose of implementing Kyber, for no charge.
However, it seems that no-one has ever actually seen this license. Due to this, Cisco has preliminarily considered Kyber unusable; they are by no means alone in their hesitation.
Therefore I ask: What is Mozilla’s position on these patents?
-
Does Mozilla hold that those patents are invalid, or otherwise inapplicable to Kyber?
-
Does Mozilla simply take NIST’s bizarre, cagey press release at face value?
-
Does Mozilla hold some other stance?
-
Has Mozilla not considered the issue at all yet?
Thanks for any responses.
I reached out to the committer privately by e-mail with this question over a month ago, but haven’t heard back, which is why I’m asking publicly now.