The IPR applies to Since we're talking about patents, calling them "IPR" just introduces gratuitous vagueness. Patent law and copyright law have very little in common, so lumping them together is basically a mistake. And there are a dozen other areas of laws which you're generalizing about each time you say "IPR". See http://www.gnu.org/philosophy/not-ipr.html for more explaation of why the term "intellectual property" is harmful. If you call them "patents", it takes 4 more characters and avoids the confusion. So the real question is this: Suppose you have an implementation of TLS that has a license to Certicom's ECC patents, and suppose that you have an application that uses draft-ietf-tls-extractor, and the application does not have its own license to Certicom's ECC patents -- is the application then infringing Certicom's patents? (An analogous question about copyrights would not be meaningful or interesting, because copyright does totally different things.) I don't know the answer to that question, but I can follow you in considering the consequences of a possible yes answer. However if the answer is yes, then the TLS implementation must not export the TLS extractor to applications when doing so would cause the applications to infringe. There is no technical way that the TLS implementation can tell whether the application has a patent license. That could be changed from the day to the next, by the actions of lawyers and businessmen, without any change in the code of the application. So the question that would follow is, what good is a standard which people are free to implement in a library, but cannot actually use without asking permission? _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf