How IETF treats contributors

Hadmut Danisch <> Mon, 30 August 2004 09:11 UTC

Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id FAA03862; Mon, 30 Aug 2004 05:11:57 -0400 (EDT)
Received: from ([]) by with esmtp (Exim 4.33) id 1C1iEV-0006bv-Vp; Mon, 30 Aug 2004 05:13:48 -0400
Received: from localhost.localdomain ([] by with esmtp (Exim 4.32) id 1C1iAm-0004z4-MT; Mon, 30 Aug 2004 05:09:56 -0400
Received: from ([] by with esmtp (Exim 4.32) id 1C1i7V-0004gZ-10 for; Mon, 30 Aug 2004 05:06:33 -0400
Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id FAA03513 for <>; Mon, 30 Aug 2004 05:06:30 -0400 (EDT)
Received: from ([]) by with esmtp (Exim 4.33) id 1C1i9E-0006Tl-OC for; Mon, 30 Aug 2004 05:08:21 -0400
Received: (from hadmut@localhost) by (8.12.10/8.12.10/Debian-1) id i7U96SQk023999; Mon, 30 Aug 2004 11:06:28 +0200
From: Hadmut Danisch <>
Date: Mon, 30 Aug 2004 11:06:28 +0200
Message-ID: <>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.5.6i
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 3002fc2e661cd7f114cb6bae92fe88f1
Subject: How IETF treats contributors
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f66b12316365a3fe519e75911daf28a8


If I understood the IETF correctly, it is an organization based 
on the work of volunteers and their contributions. Correct me, if 
I'm wrong.

I'd like to question the way IETF treats it's contributors.

Some time ago I've written a proposal about how to prevent 
forged e-mails in order to fight spam and published it as an 
I-D (RMX). This was also the first posting ever to the IRTF's 
ASRG mailing list and subject of discussion for months. 

Within this discussion another proposal (SPF) was raised, 
explicitely introduced as based on RMX and intended to cover it. 
Some time later, Microsoft published it's CallerID proposal, again 
influenced by RMX. 

The IETF founded the MARID working group which solely focussed on 
those mailer authorization records in DNS (MARID is exactly that

MARID produced a new proposal called SenderID, which was introduced
as a melt of SPF and CallerID. Actually, some properties
characteristic for CallerID and newer versions of SPF have been
omitted, thus the SenderID core draft does not significantly
differ from RMX and the results of discussions about RMX. SenderID 
is mostly taken from RMX.

Is that bad? No. Contributing to IETF means feeding for derivative
work. Developing network protocols means necessarily cooperation and 
evolution, and that's impossible without derivative work. After all,
why should someone submit an I-D, if not to get other people's
comments and to invite other's for derivative work. If someone
derivates his work from your's, then this is a validation that your 
work was usable and interesting, and that someone actually read your 
paper. So there's nothing wrong about derivative work per se, and
that's an essential part of the way, the IETF works (at least in my
eyes, correct me if I'm wrong).

But in my opinion, the least a contributor can expect is that
derivative work based on his contribution does acknowledge and cite 
the contribution correctly and does not pass the contribution as
someone else's work. Correct me if I'm wrong.

The SenderID core draft does not cite RMX adequatly.
I have asked the MARID and ASRG chairs that RMX is cited correctly 
when turning the SenderID draft into an RFC. They denied. It's a
commercial Microsoft and Pobox show.

While on one hand the chairs do more or less acknowledge or at least
not deny, that SenderID is based on and close to RMX, they do on the
other hand refuse to cite RMX properly. As a reason they give, that
IETF is under US law, and under US law the copyright protects only
against literal plagiarisms, i.e. cut-and-paste, but not against
paraphrased derivatives. Since I had therefore no legal copyright
claims against SenderID, I will not be cited, as I was told.

I am not that experienced with US laws yet, but I can hardly imagine
that this is correct. If this was correct, I could easily republish any
book under my name just by paraphrasing it's contents. I bet I'd be in
trouble if I tried to do so. 

But forget legal issues for a moment, these are to be discussed
elsewhere. I'd like to ask you for your personal opinion, not your 
legal knowledge or appraisal:

Is that the way IETF treats it's contributors? 
Is that considered as fair and honest?

Hadmut Danisch


Ietf mailing list