Hello,
since Feb 2006 there is an ongoing proposal for an IETF
standard on "TLS authorization".
Unfortunately this standard is encumbered by a patent from
RedPhone Security. While this company has agreed to provide
a royalty-free license for implementors it has so far
refrained from doing so for users.
For me as an engineer this makes the proposed standard not
only worthless but also -- because it's aiming to become an
IETF standard -- dangerous.
I only see two possibilities:
Either RedPhone Security will provide a royalty-free license
for both users and developers or the IETF must decline to
approve the standard.
In my experience the IETF is a reasonable organization who
has so far always worked on standards that are both open
and free to everyone.
I will therefore assume that you will consider this issue
carefully and decide on a reasonable solution, most likely
one of the two I have just explained.
Thank you!
Leslie P. Polzer
Independent IT Professional
--
LinkedIn Profile: http://www.linkedin.com/in/polzer
Xing Profile: https://www.xing.com/profile/LeslieP_Polzer
Blog: http://blog.viridian-project.de/
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf