Re: Fourth Last Call: draft-housley-tls-authz-extns
Simon Josefsson <simon@josefsson.org> Thu, 15 January 2009 17:11 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2A18628C245; Thu, 15 Jan 2009 09:11:33 -0800 (PST)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 12FBB28C245 for <ietf@core3.amsl.com>; Thu, 15 Jan 2009 09:11:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.593
X-Spam-Level:
X-Spam-Status: No, score=-2.593 tagged_above=-999 required=5 tests=[AWL=0.006, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xQHMzUiquVTC for <ietf@core3.amsl.com>; Thu, 15 Jan 2009 09:11:31 -0800 (PST)
Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by core3.amsl.com (Postfix) with ESMTP id B710A28C22F for <ietf@ietf.org>; Thu, 15 Jan 2009 09:11:29 -0800 (PST)
Received: from c80-216-29-127.bredband.comhem.se ([80.216.29.127] helo=mocca.josefsson.org) by yxa-v.extundo.com with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.69) (envelope-from <simon@josefsson.org>) id 1LNVkN-0001rY-1D; Thu, 15 Jan 2009 18:11:11 +0100
From: Simon Josefsson <simon@josefsson.org>
To: Russ Housley <housley@vigilsec.com>
Subject: Re: Fourth Last Call: draft-housley-tls-authz-extns
References: <20090114161820.BFA4228C1BB@core3.amsl.com> <20090115013244.GA20394@redoubt.spodhuis.org> <20090115162240.3DEC23A67F1@core3.amsl.com>
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
X-Hashcash: 1:22:090115:housley@vigilsec.com::kEdU5jUgqSv/u2kR:2Rlm
X-Hashcash: 1:22:090115:ietf@ietf.org::ju3W/rW+KCSHnD6K:2kxN
X-Hashcash: 1:22:090115:ietf-spodhuis@spodhuis.org::toLwBzemZ4DAT1zm:Ftzj
Date: Thu, 15 Jan 2009 18:11:09 +0100
In-Reply-To: <20090115162240.3DEC23A67F1@core3.amsl.com> (Russ Housley's message of "Thu, 15 Jan 2009 11:05:05 -0500")
Message-ID: <87d4eofqaa.fsf@mocca.josefsson.org>
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.60 (gnu/linux)
MIME-Version: 1.0
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
Russ Housley <housley@vigilsec.com> writes: > Phil: > >>For the people who want this draft published (and perhaps have a pending >>implementation), would you please humour me by offering some usage >>scenarios, other than debugging or toys, which would meet security >>review and which are not covered by the four points which the >>patent-holder notes as potentially encumbered? > > I'll offer one based on attribute certificates (see RFC 3281). If the > attribute certificate policy does not use a critical certificate > policy identifier that is within an arc registered to RedPhone > Security (e.g. iso.org.dod.internet.private.enterprise.23106), then > the most straightforward deployments would not encounter problems with > this IPR Statement. RFC 3281 specifies ways to carry access > identities, group memberships, roles, and clearances in attribute > certificates. As long as these are not coupled to signed agreements > such as contracts, as is their normal use, then I cannot see problems > with this IPR statement. What's the point of a certificate if you don't ultimately couple it with a contract? Identities, group memberships, roles, and clearances are all attributes defined by non-technical, real-world agreements, often documented in the form of a contract. /Simon _______________________________________________ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Bernard Aboba
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Russ Housley
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Sam Hartman
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Russ Housley
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Peter Sylvester
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Tim Polk
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Russ Housley
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Sam Hartman
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Phil Pennock
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Russ Housley
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Simon Josefsson
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Peter Sylvester
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Simon Josefsson
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Russ Housley
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Simon Josefsson
- RE: Fourth Last Call: draft-housley-tls-authz-ext… Josh Howlett
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Simon Josefsson
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Sean Foy
- Re: Fourth Last Call: draft-housley-tls-authz-ext… SM
- RE: Fourth Last Call: draft-housley-tls-authz-ext… Bernard Aboba
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Pablo 'merKur' Kohan
- RE: Fourth Last Call: draft-housley-tls-authz-ext… Robert Schott
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Joachim Achtzehnter