Return-Path: X-Original-To: ietf@core3.amsl.com Delivered-To: ietf@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 55CAF28C0CF for ; Wed, 11 Feb 2009 07:14:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.988 X-Spam-Level: X-Spam-Status: No, score=-1.988 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, HELO_MISMATCH_NET=0.611] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9aysATQfHndS for ; Wed, 11 Feb 2009 07:14:15 -0800 (PST) Received: from smtp.lon.dcn.colt.net (smtp.lon.server.COLT.NET [212.74.77.49]) by core3.amsl.com (Postfix) with ESMTP id 3B9313A69B5 for ; Wed, 11 Feb 2009 07:14:15 -0800 (PST) Received: from [194.45.79.6] (quo.fra.ws.colt.net [212.74.79.242]) by smtp.lon.dcn.colt.net (Postfix) with ESMTP id 2F9DA358A1; Wed, 11 Feb 2009 16:14:17 +0100 (CET) From: Ralf Weber To: ietf@ietf.org In-Reply-To: <20090211131613.GE29220@mini-me.lan> Subject: Re: draft-housley-tls-authz-extns-07.txt to Proposed Standard References: <73E1DD05-C75B-47F5-92C5-21780818C0F7@colt.net> <20090211131613.GE29220@mini-me.lan> Message-Id: <1F36D2E0-49C1-4237-AF34-38C9C4CFAE0C@colt.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Apple Message framework v930.3) Date: Wed, 11 Feb 2009 16:14:16 +0100 X-Mailer: Apple Mail (2.930.3) Cc: Theodore Tso X-BeenThere: ietf@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: IETF-Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Feb 2009 15:14:16 -0000 Moin! On 11.02.2009, at 14:16, Theodore Tso wrote: > No, actually. Point 3 is very tightly constrained to certain types of > Agreements, where Agreements is defined in point 2. Point 4 is about > countersigning authorizations, presumably with the intention of > forwawrding them to a 3rd party. There is plenty of prior art for > point 4 all by itself (Kerberos V5, for one, and it was certainly not > the first system to do that). So your statement is that the patent claim is invalid, because of =20 prior art? If so we are not 100% sure unless someone questions the =20 patent claim in court - Volunteers ;-). > There are plenty of ways in which authorization data could be passed > via TLS that would clearly not violate RedPhone Security's claimed > patent claims. There is over 30 years of prior art involving > cryptographically sealed authorization data that could be passed via > this protocol extension. I think the difference is that the authorization is exchanged as part =20= of the setup rather then over the established channel, but as Sam =20 Hartmann pointed out there may be other use cases for these protocol =20 extensions so I think the best way to advance with the document would =20= be to run it again in the TLS working group. So long -Ralf --- Ralf Weber Platform Infrastructure Manager Colt Telecom GmbH Herriotstrasse 4 60528 Frankfurt Germany DDI: +49 (0)69 56606 2780 Internal OneDial: 8 491 2780 Fax: +49 (0)69 56606 6280 Email: rw@colt.net http://www.colt.net/ Data | Voice | Managed Services Sch=FCtze Deine Umwelt | Erst denken, dann drucken ***************************************** COLT Telecom GmbH, Herriotstra=DFe 4, 60528 Frankfurt/Main, Deutschland =20= * Tel +49 (0)69 56606 0 * Fax +49 (0)69 56606 2222 * Gesch=E4ftsf=FChrer: Dr. J=FCrgen Hernichel (Vors.), Rita Thies * =20 Amtsgericht Frankfurt/Main HRB 46123 * USt.-IdNr. DE 197 498 400