At 12:28 PM -0500 2/11/09, John Sullivan wrote: >The Free Software Foundation and the GNU Project oppose publication >of "Transport Layer Security (TLS) Authorization Extensions" >(draft-housley-tls-authz-extns) as a proposed standard. We do not >think that RedPhone Security's 1026 disclosure filing provides >sufficient assurance to free software users that they will not be >considered in violation of RedPhone's patent. Serious question: what about every other protocol for which there are IPR claims in the IETF IPR repository? I suspect that most of those IPR statements do not give sufficient assurance to free software users that they will not be considered in violation of various patents. That is, you have made a call to action on one particular document: what about the rest of the ones that have IPR claimed on them? >In response to a previous RedPhone patent disclosure, GnuTLS removed >its support for these authorization extensions. The updated >Licensing Declaration does not provide assurance sufficient for >GnuTLS to restore this support, and the same unfortunately holds >true for any other software maintained by the GNU Project. Maybe that will lead you to think that you should just not implement the authorization extensions. Why does the standards status of the eventual RFC affect your implementation decisions? This is an age-old rathole^Wdebate in the IETF, but one that most participants have answered for themselves. >We know that the IETF and IESG largely share our view that >patent-encumbered standards are unacceptable. Then "know" is too strong a word, given that you are most likely wrong. >On a broader note, we'd like to suggest that the IETF consider the >impact of of patents and copyrights on proposed standards >specifically and separately, instead of under the umbrella of IPR or >"intellectual property." This sounds like you are suggesting that we spend much more time on our process to satisfy people who only contribute to the discussion (if I can call the recent mail flood a "contribution") only every few years. Please understand that we might not like that suggestion, any more than if we suggested to the FSF that they do extensive patent research on every protocol and format that is embodied in any GNU-licensed software anywhere. >Thank you for the opportunity to comment on these issues. This mailing list is open 24/7, not just when someone issues an call-to-arms. We would appreciate well-thought-out input at other times as well. >We >recognize that the volume of mail generated by our announcement >about this issue to the free software community may be causing >inconvenience, but causing inconvenience was not the point of that >call. Welcome to the world of calls for action having unintended negative consequences. The IETF has our own history with that... --Paul Hoffman, Director --VPN Consortium _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf