ned+ietf@xxxxxxxxxxxxxxxxx wrote: > I completely disagree with this assessment. The points you mention are quite > specifically talking about Agreements, not certificates. Yes, this is obviously right, "Agreements" are not certificates. But I don't think it's clear that storing Agreements covers only "a fairly specific set of use cases." Since Agreements include contracts and negotiable instruments, it seems that it could encompass most uses in e-commerce: for example an online store that requires buyers to use authorizations when making a purchase, and then stores the transaction details along with the authorization data. Sales transactions are a central use case for TLS, are they not? If online sales using the authz extensions are not within the scope of term 3, I don't think it is at all clear from the IPR Statement, and the onus should be on RedPhone to clarify this. If they are, I think RedPhone's restrictions can hardly be said to apply only to corner cases. Aaron _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf