The main issue I have been struggeling with these authorization extensions inside TLS is that they happen at the wrong layer. Today, we see similar functionality being deployed at higher layers. I doubt that a standardized authorization mechanism inside TLS will have a lot of impact. Ciao Hannes >-----Original Message----- >From: ietf-bounces@xxxxxxxx [mailto:ietf-bounces@xxxxxxxx] On >Behalf Of Angelos D. Keromytis >Sent: 12 February, 2009 11:21 >To: Alfred HÎnes >Cc: dean@xxxxxxx; tls@xxxxxxxx; ietf@xxxxxxxx >Subject: Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07 > >Alfred, >neither of the cited KeyNote drafts (nor the KeyNote system >itself) is patent-encumbered. However, I admit to not (yet) >having paid close attention to the details of the IPR issues >around tls-authz-extns itself and their potential impact to >tls-authz-keynote. > >I have started draft-keromytis-keynote-x509-01 through the >RFC- fication process (currently discussing with a reviewer), >since it does not depend on authz (or any other pending work >in any WG). I have been waiting for tls-authz-extns to go >through the process before I start with >draft-keromytis-tls-authz-keynote-01. I invite every >interested party to send me comments. You may find it useful >to first read RFCs >2704 (at least the first few sections) and 2792. >Best, >-Angelos > > >On Feb 11, 2009, at 7:02 PM, Alfred HÎnes wrote: > >> At Wed, 11 Feb 2009 16:20:14 -0500 (EST), Dean Anderson wrote: >> >>> ... And as >>> programmer and developer, I will probably have some non-patented >>> alternatives to present. >>> >>> --Dean >> >> Dean, >> that's really laudable progress, leading back to technical >discussion >> of possible alternative solutions. >> Please indeed prepare such I-D as soon as feasible. >> >> >> I heartly invite other interested parties as well to submit their >> proposals to the TLS WG, and I hereby explicitely would like to >> address those many folks that newly started being interested in IETF >> work in general and further development and application of TLS in >> particular. >> >> In order to make life easier for all participants, I suggest >to start >> with streamlined draft names like draft-<author>-tlz-authz-<xxx>-00 . >> >> The WG should be able to perform an unprejudized discussion of >> alternative proposals before it comes to determine consensus whether >> there is enough interest and support to warrant adopting 'TLS >> Authorization' as a new work item, and if so, which >> draft(s) to base the WG project on. >> >> I personally promise to review sound draft proposals in time before >> such WG decision (perhaps not initial -00 versions, only enough >> elaborate refined versions). >> >> >> One immediate question to the group and the respective author: >> >> Draft-housley-tls-authz-extns only defines a framework, and >according >> to the past exegesis of the imprecise IPR statements under >discussion, >> only the application of that framework to specific use cases >might be >> encumbered by these claims. >> However, the recent I-D, draft-keromytis-tls-authz-keynote-01, >> together with a supporting sibling document, >> draft-keromytis-keynote-x509-01 (both still rough and lacking >> important details), defines a concrete instantiation of that >> framework. >> In how far is that instantiation encumbered by these IPR claims? >> Is it burdened with other patent claims? >> >> >> Kind regards, >> Alfred HÎnes. >> >> -- >> >> +------------------------ >> +--------------------------------------------+ >> | TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.- >> Phys. | >> | Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: >> -18 | >> | D-71254 Ditzingen | E-Mail: ah@TR- >> Sys.de | >> +------------------------ >> +--------------------------------------------+ >> >> > >_______________________________________________ >Ietf mailing list >Ietf@xxxxxxxx >https://www.ietf.org/mailman/listinfo/ietf > _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf