This campaign continues: ------ Forwarded Message From: Dave Farber <dave@xxxxxxxxxx> Reply-To: Dave Farber <dave@xxxxxxxxxx> Date: Wed, 11 Feb 2009 08:20:23 -0500 To: ip <ip@xxxxxxxxxxxxxx> Subject: [IP] TODAY: Stop IETF Enactment of Patented Standard for TLS Begin forwarded message: From: Seth Johnson <seth.johnson@xxxxxxxxxxxxxxxxxxxxxxx> Date: February 11, 2009 7:48:37 AM EST To: dave@xxxxxxxxxx Subject: TODAY: Stop IETF Enactment of Patented Standard for TLS Reply-To: seth.johnson@xxxxxxxxxxxxxxxxxxxxxxx Dave -- for IP, if deemed worthy . . . Seth Johnson Outreach Coordinator New Yorkers for Fair Use (Urgent. Send your note TODAY and CONFIRM the automatic reply from IETF. Three links below: Glyn Moody's blog, FSF's action page, and the latest IETF list announcement for TLS-AUTHZ. -- Seth) > http://www.computerworlduk.com/community/blogs/index.cfm?blogid=14&entryid=1845 Help Fight This Patent-Encumbered IETF Standard February 10, 2009 Posted by: Glyn Moody I've written numerous times about the importance of writing to governments about their hare-brained schemes, but this one is rather different. In this case, it's the normally sane Internet Engineering Task Force that wants to do something really daft. The FSF explains: Last January, the Free Software Foundation issued an alert to efforts at the Internet Engineering Task Force (IETF) to sneak a patent-encumbered standard for "TLS authorization" through a back-door approval process that was referenced as "experimental" or "informational". The many comments sent to IETF at that time alerted committee members to this attempt and successfully prevented the standard gaining approval. Unfortunately, attempts to push through this standard have been renewed and become more of a threat. The proposal now at the IETF has a changed status from "experimental" to "proposed standard". This is a throwback to the bad old days of sneaking patents into nominal standards. It is yet another reason why such patents should not be given in the first place. But until such time as the patent offices around the world come to their senses, the only option is to fight patent-encumbered standards on an individual basis. Here are the details for doing so: The FSF is again issuing an alert and request for comments to be sent urgently and prior to the February 11 deadline to ietf@xxxxxxxxx Please include us in your message by a CC to campaigns@xxxxxxxx You should also expect an automated reply from ietf@xxxxxxxx, which you will need to answer to confirm your original message. Here's what I've sent: I am writing to ask you not to approve the proposed patent-encumbered standard for TLS authorisation. To do so would fly in the face of the IETF's fundamental commitment to openness. It would weaken not just the standard itself, but the IETF's authority in this sphere. --- > http://www.fsf.org/news/reoppose-tls-authz-standard Send comments opposing TLS-authz standard by February 11 Last January, the Free Software Foundation issued an alert to efforts at the Internet Engineering Task Force (IETF) to sneak a patent-encumbered standard for "TLS authorization" through a back-door approval process that was referenced as "experimental" or "informational" (http://www.fsf.org/news/reoppose-tls-authz-standard/newsitem_view). The many comments sent to IETF at that time alerted committee members to this attempt and successfully prevented the standard gaining approval. Unfortunately, attempts to push through this standard have been renewed and become more of a threat. The proposal now at the IETF has a changed status from "experimental" to "proposed standard". The FSF is again issuing an alert and request for comments to be sent urgently and prior to the February 11 deadline to ietf@xxxxxxxxx Please include us in your message by a CC to campaigns@xxxxxxxx You should also expect an automated reply from ietf@xxxxxxxx, which you will need to answer to confirm your original message. That patent in question is claimed by RedPhone Security (https://datatracker.ietf.org/ipr/1026/). RedPhone has given a license to anyone who implements the protocol, but they still threaten to sue anyone that uses it. If our voice is strong enough, the IETF will not approve this standard on any level unless the patent threat is removed entirely with a royalty-free license for all users. Further background for your comment See the IETF summary: > http://www.ietf.org/mail-archive/web/ietf-announce/current/msg05617.html Much of the communication on the Internet happens between computers according to standards that define common languages. If we are going to live in a free world using free software, our software must be allowed to speak these languages. Unfortunately, discussions about possible new standards are tempting opportunities for people who would prefer to profit by extending proprietary control over our communities. If someone holds a software patent on a technique that a programmer or user has to use in order to make use of a standard, then no one is free without getting permission from and paying the patent holder (http://www.gnu.org/philosophy/fighting-software-patents.html). If we are not careful, standards can become major barriers to computer users having and exercising their freedom. We depend on organizations like the Internet Engineering Task Force (IETF) and the Internet Engineering Steering Group (IESG) to evaluate new proposals for standards and make sure that they are not encumbered by patents or any other sort of restriction that would prevent free software users and programmers from participating in the world they define. In February 2006, a standard for "TLS authorization" was introduced in the IETF for consideration (http://tools.ietf.org/wg/tls/draft-housley-tls-authz-extns-07.txt). Very late in the discussion, a company called RedPhone Security disclosed (this disclosure has subsequently been unpublished from the IETF website) that they applied for a patent which would need to be licensed to anyone wanting to practice the standard (https://datatracker.ietf.org/ipr/833/). After this disclosure, the proposal was rejected. Despite claims that RedPhone have offered a license for implementation of this protocol, users of this protocol would still be threatened by the patent. The IETF should continue to oppose this standard until RedPhone provide a royalty-free license for all users. Media Contacts Peter T. Brown Executive Director Free Software Foundation (617)542-5942 campaigns@xxxxxxx --- > http://www.ietf.org/mail-archive/web/ietf-announce/current/msg05617.html Fourth Last Call: draft-housley-tls-authz-extns * To: IETF-Announce <ietf-announce at ietf.org> * Subject: Fourth Last Call: draft-housley-tls-authz-extns * From: The IESG <iesg-secretary at ietf.org> * Date: Wed, 14 Jan 2009 08:18:20 -0800 (PST) * List-archive: <http://www.ietf.org/pipermail/ietf-announce> * Reply-to: ietf at ietf.org On June 27, 2006, the IESG approved "Transport Layer Security (TLS) Authorization Extensions," (draft-housley-tls-authz-extns) as a proposed standard. On November 29, 2006, Redphone Security (with whom Mark Brown, a co-author of the draft is affiliated) filed IETF IPR disclosure 767. Because of the timing of the IPR Disclosure, the IESG withdrew its approval of draft-housley-tls-authz-extns. A second IETF Last Call was initiated to determine whether the IETF community still had consensus to publish draft-housley-tls-authz-extns as a proposed standard given the IPR claimed. Consensus to publish as a standards track document was not demonstrated, and the document was withdrawn from IESG consideration. A third IETF Last Call was initiated to determine whether the IETF community had consensus to publish draft-housley-tls-authz-extns as an experimental track RFC with knowledge of the IPR disclosure from Redphone Security. Consensus to publish as experimental was not demonstrated; a substantial segment of the community objected to publication on any track in light of the IPR terms. Since the third Last Call, RedPhone Security filed IETF IPR disclosure 1026. This disclosure statement asserts in part that "the techniques for sending and receiving authorizations defined in TLS Authorizations Extensions (version draft-housley-tls-authz-extns-07.txt) do not infringe upon RedPhone Security's intellectual property rights". The full text of IPR disclosure 1026 is available at: https://datatracker.ietf.org/ipr/1026/ This Last Call is intended to determine whether the IETF community had consensus to publish draft-housley-tls-authz-extns as a proposed standard given IPR Disclosure 1026. The IESG is considering approving this draft as a standards track RFC. The IESG solicits final comments on whether the IETF community has consensus to publish draft-housley-tls-authz-extns as a proposed standard. Comments can be sent to ietf at ietf.org or exceptionally to iesg at ietf.org. Comments should be sent by 2009-02-11. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-housley-tls-authz-extns-07.txt _______________________________________________ IETF-Announce mailing list IETF-Announce at ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com ------ End of Forwarded Message _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf