Re: [Cfrg] Editing work on github of draft-ladd-safecurves

"Eggert, Lars" <lars@netapp.com> Thu, 16 January 2014 16:23 UTC

Return-Path: <lars@netapp.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 88A141AE35F for <cfrg@ietfa.amsl.com>; Thu, 16 Jan 2014 08:23:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.44
X-Spam-Level:
X-Spam-Status: No, score=-7.44 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.538, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zyhTqBCtKWLU for <cfrg@ietfa.amsl.com>; Thu, 16 Jan 2014 08:23:16 -0800 (PST)
Received: from mx12.netapp.com (mx12.netapp.com [216.240.18.77]) by ietfa.amsl.com (Postfix) with ESMTP id 1E1A61AE24D for <cfrg@irtf.org>; Thu, 16 Jan 2014 08:23:16 -0800 (PST)
X-IronPort-AV: E=Sophos; i="4.95,668,1384329600"; d="asc'?scan'208"; a="137339427"
Received: from vmwexceht02-prd.hq.netapp.com ([10.106.76.240]) by mx12-out.netapp.com with ESMTP; 16 Jan 2014 08:23:04 -0800
Received: from SACEXCMBX06-PRD.hq.netapp.com ([169.254.9.60]) by vmwexceht02-prd.hq.netapp.com ([10.106.76.240]) with mapi id 14.03.0123.003; Thu, 16 Jan 2014 08:23:04 -0800
From: "Eggert, Lars" <lars@netapp.com>
To: Watson Ladd <watsonbladd@gmail.com>
Thread-Topic: [Cfrg] Editing work on github of draft-ladd-safecurves
Thread-Index: AQHPDyTDJDIJMBmf5keQ7V7osdjDrpqHl5+AgABLFYCAACR8AIAADxQA
Date: Thu, 16 Jan 2014 16:23:03 +0000
Message-ID: <63242A6D-E955-443D-A55D-C6CE0020936B@netapp.com>
References: <CACsn0cn+83gSD8NuYk4KTVL_11ydi+WJbDLc5BAj7dBH13HXhw@mail.gmail.com> <45E1421E-4C32-44A1-9315-BFC48E7C0DD3@netapp.com> <52D7DC23.8080506@cisco.com> <CACsn0cn5FFLxKsiiWd7_6Fe1zz5LsB6KPQrvFr0ZkA9shDvf8g@mail.gmail.com>
In-Reply-To: <CACsn0cn5FFLxKsiiWd7_6Fe1zz5LsB6KPQrvFr0ZkA9shDvf8g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.106.53.51]
Content-Type: multipart/signed; boundary="Apple-Mail=_90CD09D6-00D9-48A1-BEF0-4E3A2BD6C61C"; protocol="application/pgp-signature"; micalg=pgp-sha1
MIME-Version: 1.0
Cc: David McGrew <mcgrew@cisco.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Editing work on github of draft-ladd-safecurves
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jan 2014 16:23:17 -0000

Hi,

On 2014-1-16, at 16:29, Watson Ladd <watsonbladd@gmail.com> wrote:
> The only IPR issue is with patents, and I'm not incorporating new implementation
> methods.

that's great, but not really sufficient.

What matters is that others, who may actually believe that they hold IPR on something in your draft - whether that claim is valid or not (or sensible or not) - are put under an obligation to disclose this belief. That obligation only exists if such contributions are made to the IETF and IRTF. It does not exist when they make private comments to you personally.

The IETF process is carefully designed to bring such IPR claims into the open. That's valuable, and I'd hence recommending following it.

> With regards to copyright, so far it's been typos. I'll ask people to
> agree to license
> their contributions under the terms of BCP whatever it is before
> incorporating anything
> more substantive.

The IETF and IRTF already *have* a process that handles this automatically when such contributions are made on an IETF or IRTF mailing list, see BCP78. Why create more work for everyone involved?

> If your assessment of the draft depends on whether or not I work for the NSA,
> you are making a terrible mistake. At some point there will be a text
> freeze, for
> formal last call consideration. At that point, I hope you pretend
> every single word
> was written by an unholy consortium of everyone who ever wants to subvert
> a standard. Read it like a lawyer reading a deal with the devil.
> That suspicion and its discussion on the list is the best defense
> against mistakes and errors of all kinds.

I fully agree. However, information is lost when you incorporate ideas sent by third parties without being extremely diligent in acknowledging where they came from in the document. If you collect feedback on this list, everyone can follow who made what suggestion while the document is being worked on.

And then at the end, we still apply the "read it like a lawyer reading a deal with the devil"-approach.

Lars