Forwarded on behalf of Dean. /Simon Dean Anderson <dean@xxxxxxx> writes: > Simon, could you please forward this to the IETF list for me? > > Thanks, > > --Dean > > ---------- Forwarded message ---------- > Date: Fri, 27 Apr 2007 22:49:51 -0400 (EDT) > From: Dean Anderson <dean@xxxxxxx> > To: Thierry Moreau <thierry.moreau@xxxxxxxxxxxxx> > Cc: ietf@xxxxxxxx, mark@xxxxxxxxxxxxxxxxxxxx, > Simon Josefsson <simon@xxxxxxxxxxxxx>, ietf@xxxxxxxx, iesg@xxxxxxxx > Subject: RE: Withdrawal of Approval and Second Last Call: > draft-housley-tls-authz-extns > > On Fri, 27 Apr 2007, Thierry Moreau wrote: > >> Thus, look at the claims. Indeed, it >> needs training to read issued patent and patent applications, but that's >> the name of the game. > > The claims are important. But they aren't the only thing. The > description of the invention (the specification) is a technical paper > like any other, though nothing is left as an exercise for the reader. > The specification and drawings are usually written by the inventor, > perhaps with editing and prodding by a lawyer. The lawyer usually writes > the claims. A small amount of legal background and terminology is > sufficient to understand the claims---its a language that helps abstract > the elements of the invention so that an infringement can be tested > objectively against the claims. BTW, the patent examiner is usually not > a lawyer, but a scientist. > >> I don't see a logical relation between PAS functions and the patent >> application claims (it doesn't mean there isn't one). > > There isn't any relation beyond, 'A isn't patented, but B is'. > RedPhoneSecurity is saying that if you don't do A, it will give you > permission to do B (maybe for free for now, maybe not later). Of course, > they want to make money somehow: probably they bet you'll want to do A > if you do B according to their proposal, and they will be happy to sell > you A. at that time. Of course, if this doesn't work out, the > technology probably gets sold, and the new owner might not give our free > licenses anymore. Business conditions can change. > >> The ietf IPR disclosure 833 seems to be trying to force contractual >> obligations (assisting the enforcement of protected PAS functions) >> based on an assumed infringement threat which would induce some >> real/moral person to become a party to the contract (GUL). > > More or less, Yes. Though it isn't the disclosure that forces this. Its > the patent in combination with the standard. They are using this to > leverage to protect their PAS functions, which they obviously think have > the real added value. > > They may be trying to patent the PAS functions, too, for all we know. > Its hard to say, from our vantage point, what their interests are in the > the deal. But they are interested in negotation to obtain a standard; > it stands to reason, they expect to benefit. We can deduce some things. > > They will have a monopoly on the PAS functions by virtue of anyone who > doesn't license the patent and agree not to implement the PAS functions, > will be barred by the patent if they conform to the RFC--assuming we > accept the RFC as is, of course. So one is in the position of either > implementing non-standard behavior, or agreeing to non-competition with > RedPhoneSecurity. That's quite an advantage for RedPhoneSecurity. > That's probably worth a great deal of money, even. > >> I'm always astonished to see ietf discussions about IPR so remote from >> simple IPR management basics. > > Yes. > >> I looked at the specifics of the patent application, and "specification >> as filed" in the provisional application. Assuming the 5 independent >> claims are valid, > > You mean the 50 claims. There are 5 on the first page alone. > >> I expect the patentholder would have great difficulty >> in establishing infringement against a source code maintainer >> organization for software maintenance and distribution activities. > > This is a gray area. I staked out a position on the openssl distribution > years ago that source code is the same as the patent application > itself---protected public information. The patent holder cannot > prohibit the distribution of the patent documents. The holder cannot > prohibit a book describing the invention. But the patent holder can > prohibit anyone (except the government) from using their invention. They > are under no obligation to license at all (IBM is well-known to patents > stuff and sit on it--They invented RISC in the 70's and sat on it), and > are also under no obligation to license fairly or reasonably. > > The 64million dollar question is whether a source code infringes. I can > assure you that I have discussed the issue with very educated and > prominent patent attorneys who think that a source code implementation > [key word 'IMPLEMENTATION'] does infringe---plainly, using the source > code infringes. You see the question: is source code an > 'implementation' or a 'specification'? I say it is a "specification": > The patent specification also contains a sequence of steps just like a > program. The patent specification itself is software of a sort. I say it > becomes an implementation when you use it. None of these attorneys were > interested in testing their assertions with the openssl distribution, > and those patents have since expired. > > There are some very good attorneys who agree with me, too. But I've also > been called bad names and threatened with violence for holding views on > law that I am way more sure of winning. [e.g. that ECPA applies to ISPs, > that anti-trust applies to blacklists, etc] > > The law has actually gotten a bit worse in some ways, in that the RIAA > and others have won cases against those assisting or enabling > (copyright) infringing activities. This could change the balance > affecting source code distributors and patents. Its a riskier bet now > than it was when I was distributing openssl source in the 90's. While > the LPF and others have convinced many key patent constituencies that > the patent system needs to be fixed, and I am confident that it will > eventually get fixed, the situation has gotten worse in some ways and > this is one ways its worse. > > > --Dean > > -- > Av8 Internet Prepared to pay a premium for better service? > www.av8.net faster, more reliable, better service > 617 344 9000 _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf