Folks,
After some time reflecting on the hundreds of messages submitted to
the IETF discussion list, I have come to several conclusions about
progressing draft-housley-tls-authz. I will summarize the conclusions
up front, then provide the rationale for those decisions in the
remainder of this message.
1. Last Call demonstrates that the community does not support
progression of this document on the standards track, but sufficient
support exists for publication as an Experimental RFC.
2. The community would like the TLS working group to develop a
standards track mechanism for TLS authorization, and strongly prefers
an unencumbered solution.
3. Publication of draft-housley-tls-authz should be timed to
ensure that it does not unduly interfere with acceptance and adoption
of a standards track solution.
As stated in the Last Call announcement, I had intended to request
IESG evaluation for publication on the standards track. It is clear
that the community does not support publication of this document on
the standards track. However, the Last Call comments show rough
consensus for publication as an Experimental RFC.
If one simply counts the messages sent to the IETF discussion list,
the conclusion would be that the document should not be published.
However, I did not weight all comments equally. In particular, I
discounted the large volume of messages from the Free Software
Foundation. To be clear, these messages were not ignored – they
represent a viewpoint shared by a significant number of IETF
participants, and the IETF has a clear preference for unencumbered
solutions.
However, many of the messages from the FSF campaign stated that it is
the IETF’s mission to develop unencumbered standards to satisfy the
FSF. That is not for the FSF to decide, and is not consistent with
the IETF’s traditional stance on IPR. For example:
We depend on organizations like the Internet Engineering Task Force
(IETF) and the Internet Engineering Steering Group (IESG) to
evaluate new proposals for standards and make sure that they are not
encumbered by patents or any other sort of restriction that would
prevent free software users and programmers from participating in
the world they define.
This position does not align with IETF IPR policy. It is therefore
inappropriate to impose the FSF’s requirements on this or any other
IETF specification.
It is very clear that the community would prefer a standards track
publication generated through the TLS working group process, assuming
sufficient interest exists to support the work. If the TLS working
group chooses to take on this work, this specification should not be
published until the standards track solution is published. This
ensures that publication of draft-housley-tls-authz does not unduly
interfere with acceptance and adoption of a standards track solution.
If publication of draft-housley-tls-authz is approved by the IESG but
delayed in deference to working group activities, I intend to request
early IANA assignment. This will permit experimental use of this
publication while the standards track publication is under development.
Thanks,
Tim Polk
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf