Hello, I was worried by the information about a new Internet Draft which seems to be troubled by patent claims even before its approval. [http://www.fsf.org/news/reoppose-tls-authz-standard] So, I decided to read a bit before forming a final opinion. First I've read the following link from 19-Nov-2008: https://datatracker.ietf.org/ipr/1026/ IANL but the language looks too familiar... "RedPhone Security agrees to grant licenses for such uses in a fair and nondiscriminatory manner. This statement applies to the Disclosed Patent Information, including all amendments in all nations as published during the course of prosecution." I'm sure you are well aware that "fair and nondiscriminatory manner" is the usual "newspeak" term for discriminating free software. E.g: if someone only ask 10$ per-copy it means you cannot distribute without having some copy counting mechanisms in place. Looking further I've read the following link from 26-Nov-2008: https://datatracker.ietf.org/ipr/767/ So, about two weeks later, the same company says: "Any party wishing to request a license under the patent applications listed in Schedule A and/or any issued patents from such applications is encouraged to contact RedPhone Security." Which clarifies they reserve the right to provide licenses on a case by case basis (yes, under the non-yada-yada etc). This is very different from cases where comprehensive blanket licenses are given by relevant companies for inclusion of their technologies in standard setting papers. Which begs the question -- why all this is disclosed barely two months before the (supposed) approval of this draft standard? To hush criticism? To make IETF think harder about withdrawing after investing a lot of time and work into this? Regretfully, we already saw in some industries the advent of litigious companies messing with industry standards (you can head on to http://en.wikipedia.org/wiki/Rambus for a sad refresher). Not long ago, we saw other important standard bodies loses much of their credibility due to similar tactics (I obviously refer to the ISO/IEC DIS 29500 farce). I obviously don't want IETF to fall into a similar trap. It's important to reject this proposal so all of us can trust any RFC or STD for what they are -- a free specification for anybody to implement as it wish. Furthermore. Patent disclosure at the end of the process instead of the beginning is not an example of honesty (do you think they "forgot" they applied for these patents?) IMHO, the only way for the IETF to protect itself and its reputation from such predatory behaviour is to apply a mechanism to deter such companies. Maybe something along the line of: "You made us work X months without trusting us with your secret plan? Good. You lost our trust for the same time frame. You are welcome to propose other free standards *after* this grace time passes." I urge you to reconsider and not risk the great achievements of Internet in general and the IETF in particular for a short term "gain". Thank you very much for all your efforts, [This mail was prepared and sent by free software, running on a free operating system, abiding by freely available Internet standards] -- Oron Peled Voice: +972-4-8228492 oron@xxxxxxxxxxxx http://www.actcom.co.il/~oron "There has grown up in the minds of certain groups in this country the notion that because a man or a corporation has made a profit out of the public for a number of years, the government and the courts are charged with the duty of guaranteeing such profit in the future, even in the face of changing circumstances and contrary public interest." -- Robert Heinlein, "Life-Line" (1939) _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf