FW: [IP] TODAY: Stop IETF Enactment of Patented Standard for TLS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This campaign continues:

------ Forwarded Message
From: Dave Farber <dave@xxxxxxxxxx>
Reply-To: Dave Farber <dave@xxxxxxxxxx>
Date: Wed, 11 Feb 2009 08:20:23 -0500
To: ip <ip@xxxxxxxxxxxxxx>
Subject: [IP] TODAY: Stop IETF Enactment of Patented Standard for TLS



Begin forwarded message:

From: Seth Johnson <seth.johnson@xxxxxxxxxxxxxxxxxxxxxxx>
Date: February 11, 2009 7:48:37 AM EST
To: dave@xxxxxxxxxx
Subject: TODAY: Stop IETF Enactment of Patented Standard for TLS
Reply-To: seth.johnson@xxxxxxxxxxxxxxxxxxxxxxx


Dave -- for IP, if deemed worthy . . .

Seth Johnson
Outreach Coordinator
New Yorkers for Fair Use


(Urgent.  Send your note TODAY and CONFIRM the automatic reply from
IETF.  Three links below: Glyn Moody's blog, FSF's action page, and
the latest IETF list announcement for TLS-AUTHZ.  -- Seth)


> 
http://www.computerworlduk.com/community/blogs/index.cfm?blogid=14&entryid=1845


Help Fight This Patent-Encumbered IETF Standard

February 10, 2009

Posted by: Glyn Moody

I've written numerous times about the importance of writing to
governments about their hare-brained schemes, but this one is rather
different. In this case, it's the normally sane Internet Engineering
Task Force that wants to do something really daft. The FSF explains:

Last January, the Free Software Foundation issued an alert to efforts
at the Internet Engineering Task Force (IETF) to sneak a
patent-encumbered standard for "TLS authorization" through a back-door
approval process that was referenced as "experimental" or
"informational". The many comments sent to IETF at that time alerted
committee members to this attempt and successfully prevented the
standard gaining approval.

Unfortunately, attempts to push through this standard have been
renewed and become more of a threat. The proposal now at the IETF has
a changed status from "experimental" to "proposed standard".

This is a throwback to the bad old days of sneaking patents into
nominal standards. It is yet another reason why such patents should
not be given in the first place. But until such time as the patent
offices around the world come to their senses, the only option is to
fight patent-encumbered standards on an individual basis. Here are the
details for doing so:

The FSF is again issuing an alert and request for comments to be sent
urgently and prior to the February 11 deadline to ietf@xxxxxxxxx
Please include us in your message by a CC to campaigns@xxxxxxxx You
should also expect an automated reply from ietf@xxxxxxxx, which you
will need to answer to confirm your original message.

Here's what I've sent:

I am writing to ask you not to approve the proposed patent-encumbered
standard for TLS authorisation. To do so would fly in the face of the
IETF's fundamental commitment to openness. It would weaken not just
the standard itself, but the IETF's authority in this sphere.

---

> http://www.fsf.org/news/reoppose-tls-authz-standard


Send comments opposing TLS-authz standard by February 11


Last January, the Free Software Foundation issued an alert to efforts
at the Internet Engineering Task Force (IETF) to sneak a
patent-encumbered standard for "TLS authorization" through a back-door
approval process that was referenced as "experimental" or
"informational"
(http://www.fsf.org/news/reoppose-tls-authz-standard/newsitem_view).
The many comments sent to IETF at that time alerted committee members
to this attempt and successfully prevented the standard gaining
approval.

Unfortunately, attempts to push through this standard have been
renewed and become more of a threat.  The proposal now at the IETF has
a changed status from "experimental" to "proposed standard".  The FSF
is again issuing an alert and request for comments to be sent urgently
and prior to the February 11 deadline to ietf@xxxxxxxxx  Please
include us in your message by a CC to campaigns@xxxxxxxx  You should
also expect an automated reply from ietf@xxxxxxxx, which you will need
to answer to confirm your original message.

That patent in question is claimed by RedPhone Security
(https://datatracker.ietf.org/ipr/1026/).  RedPhone has given a
license to anyone who implements the protocol, but they still threaten
to sue anyone that uses it.

If our voice is strong enough, the IETF will not approve this standard
on any level unless the patent threat is removed entirely with a
royalty-free license for all users.

Further background for your comment

See the IETF summary:
> http://www.ietf.org/mail-archive/web/ietf-announce/current/msg05617.html

Much of the communication on the Internet happens between computers
according to standards that define common languages.  If we are going
to live in a free world using free software, our software must be
allowed to speak these languages.

Unfortunately, discussions about possible new standards are tempting
opportunities for people who would prefer to profit by extending
proprietary control over our communities. If someone holds a software
patent on a technique that a programmer or user has to use in order to
make use of a standard, then no one is free without getting permission
from and paying the patent holder
(http://www.gnu.org/philosophy/fighting-software-patents.html). If we
are not careful, standards can become major barriers to computer users
having and exercising their freedom.

We depend on organizations like the Internet Engineering Task Force
(IETF) and the Internet Engineering Steering Group (IESG) to evaluate
new proposals for standards and make sure that they are not encumbered
by patents or any other sort of restriction that would prevent free
software users and programmers from participating in the world they
define.

In February 2006, a standard for "TLS authorization" was introduced in
the IETF for consideration
(http://tools.ietf.org/wg/tls/draft-housley-tls-authz-extns-07.txt).
Very late in the discussion, a company called RedPhone Security
disclosed (this disclosure has subsequently been unpublished from the
IETF website) that they applied for a patent which would need to be
licensed to anyone wanting to practice the standard
(https://datatracker.ietf.org/ipr/833/). After this disclosure, the
proposal was rejected.

Despite claims that RedPhone have offered a license for implementation
of this protocol, users of this protocol would still be threatened by
the patent. The IETF should continue to oppose this standard until
RedPhone provide a royalty-free license for all users.

Media Contacts

Peter T. Brown
Executive Director
Free Software Foundation
(617)542-5942
campaigns@xxxxxxx

---

> http://www.ietf.org/mail-archive/web/ietf-announce/current/msg05617.html


Fourth Last Call: draft-housley-tls-authz-extns

    * To: IETF-Announce <ietf-announce at ietf.org>
    * Subject: Fourth Last Call: draft-housley-tls-authz-extns
    * From: The IESG <iesg-secretary at ietf.org>
    * Date: Wed, 14 Jan 2009 08:18:20 -0800 (PST)
    * List-archive: <http://www.ietf.org/pipermail/ietf-announce>
    * Reply-to: ietf at ietf.org


On June 27, 2006, the IESG approved "Transport Layer Security (TLS)
Authorization Extensions," (draft-housley-tls-authz-extns) as a
proposed standard. On November 29, 2006, Redphone Security (with whom
Mark Brown, a co-author of the draft is affiliated) filed IETF IPR
disclosure 767.

Because of the timing of the IPR Disclosure, the IESG withdrew its
approval of draft-housley-tls-authz-extns.  A second IETF Last Call
was initiated to determine whether the IETF community still had
consensus to publish  draft-housley-tls-authz-extns as a proposed
standard given the IPR claimed.  Consensus to publish as a standards
track document was not demonstrated, and the document was withdrawn
from IESG consideration.

A third IETF Last Call was initiated to determine whether the IETF
community had consensus to publish draft-housley-tls-authz-extns as an
experimental track RFC with knowledge of the IPR disclosure from
Redphone Security.  Consensus to publish as experimental was not
demonstrated; a substantial segment of the community objected to
publication on any track in light of the IPR terms.

Since the third Last Call, RedPhone Security filed IETF IPR disclosure
1026.  This disclosure statement asserts in part that "the techniques
for sending and receiving authorizations defined in TLS Authorizations
Extensions (version draft-housley-tls-authz-extns-07.txt) do not
infringe upon RedPhone Security's intellectual property rights".  The
full text of IPR disclosure 1026 is available at:

 https://datatracker.ietf.org/ipr/1026/

This Last Call is intended to determine whether the IETF community had
consensus to publish  draft-housley-tls-authz-extns as a proposed
standard given IPR Disclosure 1026.

The IESG is considering approving this draft as a standards track RFC.
The IESG solicits final comments on whether the IETF community has
consensus to publish draft-housley-tls-authz-extns as a proposed
standard. Comments can be sent to ietf at ietf.org or exceptionally to
iesg at ietf.org. Comments should be sent by 2009-02-11.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-housley-tls-authz-extns-07.txt

_______________________________________________
IETF-Announce mailing list
IETF-Announce at ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce





-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com

------ End of Forwarded Message

_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]