"Dave Howe" writes:

I was under the impression they had just licenced their *patent*

Yup, and that's all they did. I've seen some downright bizarre interpretations of this particular portent on the web (<cough> slashdot</cough>), but the simple fact is that the NSA, in its role as the agency responsible for overseeing crypto use by the USG, got a blanket Certicom patent license for cases where ECC (of the Certicom-patented variety) is used, just as they got a blanket DSA license for DSA, and would have had to get a blanket RSA license before that if it hadn't been USG-funded work and a blanket DES license if IBM hadn't made the patent freely usable. Certicom's PR folks, seeing an opportunity, put out a press release saying that the NSA had licensed their patent(s). This does not mean that the NSA is about the drop their own crypto for ECC (definitely the silliest interpretation of Certicom's press release I've seen), nor is it a sign that they believe RSA is dead or that the end of the world is nigh, etc etc etc. Peter.