Re: Fourth Last Call: draft-housley-tls-authz-extns

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Russ Housley <housley@xxxxxxxxxxxx> writes:

> Phil:
>
>>For the people who want this draft published (and perhaps have a pending
>>implementation), would you please humour me by offering some usage
>>scenarios, other than debugging or toys, which would meet security
>>review and which are not covered by the four points which the
>>patent-holder notes as potentially encumbered?
>
> I'll offer one based on attribute certificates (see RFC 3281).  If the
> attribute certificate policy does not use a critical certificate
> policy identifier that is within an arc registered to RedPhone
> Security (e.g. iso.org.dod.internet.private.enterprise.23106), then
> the most straightforward deployments would not encounter problems with
> this IPR Statement.  RFC 3281 specifies ways to carry access
> identities, group memberships, roles, and clearances in attribute
> certificates.  As long as these are not coupled to signed agreements
> such as contracts, as is their normal use, then I cannot see problems
> with this IPR statement.

What's the point of a certificate if you don't ultimately couple it with
a contract?  Identities, group memberships, roles, and clearances are
all attributes defined by non-technical, real-world agreements, often
documented in the form of a contract.

/Simon
_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]