The IESG <iesg-secretary@xxxxxxxx> writes: > Since the third Last Call, RedPhone Security filed IETF IPR disclosure > 1026. This disclosure statement asserts in part that "the techniques > for sending and receiving authorizations defined in TLS Authorizations > Extensions (version draft-housley-tls-authz-extns-07.txt) do not > infringe upon RedPhone Security's intellectual property rights". The > full text of IPR disclosure 1026 is available at: > > https://datatracker.ietf.org/ipr/1026/ > > This Last Call is intended to determine whether the IETF community > had consensus to publish draft-housley-tls-authz-extns as a > proposed standard given IPR Disclosure 1026. Given the patent disclaimer from RedPhone, I'm against publishing this as a proposed standard. It seems no license is demanded to implement the technology, which is a step in the right direction. It also seems clear that RedPhone will demand a license for _use_ of the technology. Practical use-cases appears to be covered by this demand. That makes the technology unsuitable as a proposed standard to me. I am also concerned that the earlier patent disclaimer #765 is not available: https://datatracker.ietf.org/ipr/765/ This makes it impossible for the community to review the history around the licensing conditions. This seems contrary to the requirements of RFC 3979 aka BCP 0079: Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. Thus it seems the policies around patent disclosures have not been followed by the IETF itself here. /Simon _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf