I oppose making TLS-authz an experimental standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I oppose publication of draft-housley-tls-authz-extns as an experimental
standard.

The patent application disclosed by RedPhone Security has put any free
software attempting to implement these extensions in a very difficult
position. Free software developers cannot safely code to the
specifications without risking infringement on RedPhone's patents. As a
result of these concerns and the uncertain situation they create, GnuTLS
has removed support for them in its latest release -- and no other
software maintained by the GNU Project will be written to them.

I know that the IETF and IESG largely share our view that
patent-encumbered standards are unacceptable. I believe that the process
has reached the proper conclusion -- the draft has been rejected as a
standard. Please do not allow this decision to be negated by publishing
it on the experimental track.

I agree with Sam Hartman that "often it seems that we use informational
as a way to publish things we cannot build a strong consensus behind. I
think that process is generally problematic and would like to avoid it
in this instance," and with Simon Josefsson that "[g]iven that the
initial last call was to put the document on the standards track, my
impression would be that this last call request for the experimental
track is indeed intended to circumvent the normal process."

In the long term, widespread adoption of something published on this
track would put software authors in the same bad position as if the
document were approved as a standard. Please respect the consensus that
has been reached and do not publish this draft.

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]