Hi. If I understood the IETF correctly, it is an organization based on the work of volunteers and their contributions. Correct me, if I'm wrong. I'd like to question the way IETF treats it's contributors. Some time ago I've written a proposal about how to prevent forged e-mails in order to fight spam and published it as an I-D (RMX). This was also the first posting ever to the IRTF's ASRG mailing list and subject of discussion for months. Within this discussion another proposal (SPF) was raised, explicitely introduced as based on RMX and intended to cover it. Some time later, Microsoft published it's CallerID proposal, again influenced by RMX. The IETF founded the MARID working group which solely focussed on those mailer authorization records in DNS (MARID is exactly that acronym). MARID produced a new proposal called SenderID, which was introduced as a melt of SPF and CallerID. Actually, some properties characteristic for CallerID and newer versions of SPF have been omitted, thus the SenderID core draft does not significantly differ from RMX and the results of discussions about RMX. SenderID is mostly taken from RMX. Is that bad? No. Contributing to IETF means feeding for derivative work. Developing network protocols means necessarily cooperation and evolution, and that's impossible without derivative work. After all, why should someone submit an I-D, if not to get other people's comments and to invite other's for derivative work. If someone derivates his work from your's, then this is a validation that your work was usable and interesting, and that someone actually read your paper. So there's nothing wrong about derivative work per se, and that's an essential part of the way, the IETF works (at least in my eyes, correct me if I'm wrong). But in my opinion, the least a contributor can expect is that derivative work based on his contribution does acknowledge and cite the contribution correctly and does not pass the contribution as someone else's work. Correct me if I'm wrong. The SenderID core draft does not cite RMX adequatly. I have asked the MARID and ASRG chairs that RMX is cited correctly when turning the SenderID draft into an RFC. They denied. It's a commercial Microsoft and Pobox show. While on one hand the chairs do more or less acknowledge or at least not deny, that SenderID is based on and close to RMX, they do on the other hand refuse to cite RMX properly. As a reason they give, that IETF is under US law, and under US law the copyright protects only against literal plagiarisms, i.e. cut-and-paste, but not against paraphrased derivatives. Since I had therefore no legal copyright claims against SenderID, I will not be cited, as I was told. I am not that experienced with US laws yet, but I can hardly imagine that this is correct. If this was correct, I could easily republish any book under my name just by paraphrasing it's contents. I bet I'd be in trouble if I tried to do so. But forget legal issues for a moment, these are to be discussed elsewhere. I'd like to ask you for your personal opinion, not your legal knowledge or appraisal: Is that the way IETF treats it's contributors? Is that considered as fair and honest? regards Hadmut Danisch _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf