RE: Going too far: draft-josefsson-ipr-rules-update-00 and draft- ietf-ipr-rules-update-01
Black_David@emc.com Tue, 01 November 2005 00:08 UTC
Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EWjhD-0000aC-If; Mon, 31 Oct 2005 19:08:11 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EWjhA-0000Zm-Is for ipr-wg@megatron.ietf.org; Mon, 31 Oct 2005 19:08:10 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA22486 for <ipr-wg@ietf.org>; Mon, 31 Oct 2005 19:07:47 -0500 (EST)
From: Black_David@emc.com
Received: from mailhub.lss.emc.com ([168.159.2.31]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EWjvR-0007sK-Id for ipr-wg@ietf.org; Mon, 31 Oct 2005 19:22:54 -0500
Received: from mxic2.corp.emc.com (mxic2.corp.emc.com [128.221.12.9]) by mailhub.lss.emc.com (Switch-3.1.6/Switch-3.1.6) with ESMTP id jA107uvO011685; Mon, 31 Oct 2005 19:08:02 -0500 (EST)
Received: by mxic2.corp.emc.com with Internet Mail Service (5.5.2653.19) id <RT6C27Y2>; Mon, 31 Oct 2005 19:07:56 -0500
Message-ID: <F222151D3323874393F83102D614E0557A713C@CORPUSMX20A.corp.emc.com>
To: john-ietf@jck.com
Date: Mon, 31 Oct 2005 19:07:48 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain
X-PMX-Version: 4.7.1.128075, Antispam-Engine: 2.1.0.0, Antispam-Data: 2005.10.31.30
X-PerlMx-Spam: Gauge=, SPAM=0%, Reasons='EMC_BODY_1+ -5, EMC_FROM_00+ -3, NO_REAL_NAME 0, __C230066_P5 0, __CT 0, __CT_TEXT_PLAIN 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __IMS_MSGID 0, __IMS_MUA 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __SANE_MSGID 0, __STOCK_CRUFT 0'
X-Spam-Score: 0.3 (/)
X-Scan-Signature: bcd240e64c427d3d3617cfc704e7fd7f
Cc: ipr-wg@ietf.org
Subject: RE: Going too far: draft-josefsson-ipr-rules-update-00 and draft- ietf-ipr-rules-update-01
X-BeenThere: ipr-wg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPR-WG <ipr-wg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipr-wg>, <mailto:ipr-wg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipr-wg@ietf.org>
List-Help: <mailto:ipr-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipr-wg>, <mailto:ipr-wg-request@ietf.org?subject=subscribe>
Sender: ipr-wg-bounces@ietf.org
Errors-To: ipr-wg-bounces@ietf.org
John,
> Were the IETF to adopt the position that anything that it posts
> as an I-D or publishes as a standard can be used, in any way,
> with or without modification, and for any purpose --which is
> what you appear to want-- I believe that we would see the range
> of participation decrease. I also believe that would weaken our
> standards as credible interoperability specifications, perhaps
> to the point of uselessness.
I think "gets as an I-D" may be the problem here. Once something
is published as an RFC, that text (IMHO) has essentially no economic
value from a copyright standpoint, and it's in the IETF's interest
to make RFCs widely available. Would it be useful to put or allow
a "sunset clause" on the rights granted to the IETF for an I-D,
so that if the I-D expires, the rights grant expires with it?
More to the point, doesn't the current optional restriction in
Section 5.3 of RFC 3978:
"This document may only be posted in an Internet-Draft."
already accomplish this purpose? When the I-D expires, it ceases
to exist, and hence any rights transferred to the IETF to enable
its posting should likewise cease to exist, right? Jorge?
This can't be used for a standards-track draft, but once a draft
has been designated as standards-track, it seems to me that the
authors (and their employers) should be behaving as if the draft
will become an RFC. In turn, I think Simon's only interested in
RFCs, and primarily standards track RFCs, so I don't see this
as a problem for his goals.
> While the example given in the I-D:
>
> One example of where the IETF might grant such a right
> is the case where another standards development
> organization (SDO) wants to update or extend an IETF
> technology (which would normally be done by the SDO
> sending their requirements to the IETF) but the IETF no
> longer has a working group focused on the particular
> technology and the IETF does not have the interest to
> create a new working group.
>
> seems quite reasonable to me, that need could be captured by
> language authorizing the IETF to permit derivative works to
> facilitate further development of standards directly related to
> IETF work. That should be fairly clear as to intent and would
> make a judgment about "directly related" appealable, if
> necessary. By contrast, authorization for any use other than
> exact excerpts (or translations of them) with attribution seems
> to me something that should come from the author (or not), given
> our current authorship model.
Unfortunately, (IMHO) that won't solve the problem because "directly
related" is too restrictive. I would suggest that for a technology
to be "directly related" to the IETF's work, the technology has to
run over IP or something like MPLS, or at least interoperate with
the IETF protocol.
I have the following unfortunate worked example that may be the
"poster child" for the above proposal:
- A non-IP communication technology needed a security protocol.
- Rather than design their own protocol, the standards body for
that technology wisely decided to reuse and adapt an existing
IETF protocol. This was done with the knowledge and
encouragement of the IETF Security ADs.
- The "best" way to reuse that protocol was to copy large amounts
of text in order to reduce the likelihood of a subtle change
to the protocol courtesy of editorial "cleanup". OTOH, serious
text and protocol changes were needed because the other
technology is not based directly on IP or MPLS, etc. The goal
was to avoid changes in text that did not require changes, but
the result necessarily cannot directly interoperate with the
original IETF protocol.
- The result was large text extracts with significant modifications,
a "derivative work" well beyond "fair use", and hence one for
which copyright permission needed to be obtained.
- Much as the IETF might like to, under both RFC 2026 and RFC 3978,
the IETF does not have sufficient rights to grant the
necessary copyright permission.
- The IETF protocol document had a single author/editor who was
willing to grant any reasonable requested permission, but ...
- That author worked for a company, causing a "work for hire"
issue that required a signature of a corporate officer in
order to grant any permission ...
- Obtaining that signature required involvement of the company's
legal department ...
- That legal department raised a number of legal issues requiring
involvement of the standards body's lawyer. Apparently moving
copyright permissions across standards bodies with different
legal frameworks is a non-trivial legal accomplishment.
- Getting to that accomplishment had the potential to take
*forever* with no predictable outcome.
Despite the good intentions of all involved, it was necessary to
throw in the towel at this juncture. The situation had become
LP-Complete (Legal Process Complete) and there was no confidence
that the lawyers and organizations involved could be managed to
a predictable conclusion in a predictable period of time. Therefore,
the editor for the security standard for this other communication
technology is rewriting significant portions of IETF RFC text
because that's easier to do than managing the lawyers.
This particular situation is final because we cannot change the
rules retroactively, but it would be a good thing for IETF to
figure out how to avoid this in the future. Believe it or not,
going to the IESG to obtain the required permission would be easier
than having the lawyers try to figure it out (I can usually
figure out how to work with engineers) :-(.
FYI,
--David
----------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 176 South St., Hopkinton, MA 01748
+1 (508) 293-7953 FAX: +1 (508) 293-7786
black_david@emc.com Mobile: +1 (978) 394-7754
----------------------------------------------------
> -----Original Message-----
> From: ipr-wg-bounces@ietf.org
> [mailto:ipr-wg-bounces@ietf.org] On Behalf Of John C Klensin
> Sent: Monday, October 17, 2005 1:30 PM
> To: Simon Josefsson
> Cc: brc@zurich.ibm.com; Scott Bradner; ipr-wg@ietf.org
> Subject: Going too far: draft-josefsson-ipr-rules-update-00
> and draft-ietf-ipr-rules-update-01
>
> I've been trying to stay out of this discussion -- there are
> only so many hours in the day. However...
>
> I've spent too much of my life trying to convince companies who
> are very sensitive about their internal thinking about designs,
> and IPR more generally, to participate in standards activities.
> I know it is more extreme than anything you have said, but
> certainly one might say that they, and their attitudes that they
> can keep things proprietary, are wrongheaded and hence they
> don't deserve to participate in standards activities. However,
> standards become useless if not broadly adopted, and telling a
> significant number of materially-concerned organizations to kiss
> off is as, or more, likely to make standards useless as it is
> to, e.g., promote open source.
>
> It is often the case that agreement can be reached for a company
> to contribute to standards efforts --and to permit their staff/
> employees to participate-- if the release of rights is held to
> the minimum level possible consistent with getting standards
> produced. Many companies would prefer to participate in
> standards efforts only if they release IPR exclusively on a
> basis of "if, and only if, this is adopted as part of the
> standard, then we will release it, or even guarantee to license
> it --if it is not adopted, we will reclaim all rights, including
> trade secret claims to the extent possible". The IETF does not
> permit that, but some standards bodies and consortia do.
>
> Were the IETF to adopt the position that anything that it posts
> as an I-D or publishes as a standard can be used, in any way,
> with or without modification, and for any purpose --which is
> what you appear to want-- I believe that we would see the range
> of participation decrease. I also believe that would weaken our
> standards as credible interoperability specifications, perhaps
> to the point of uselessness.
>
> We need to find a balance between maximizing participation in
> the standards process and use of the standards, exactly as they
> are specified and written, and other goals and ancillary
> purposes. I think your proposal is somewhat over the line.
> Indeed, I suspect that the additional provisions of
> draft-ietf-ipr-rules-update-01.txt which gives the IETF, rather
> than the author, the ability to control derivative works outside
> the IETF standards process goes too far. I think that, if the
> IETF is given any additional rights to authorize uses outside
> its standards process, those actions need to be narrowly
> constrained to be in support of the standards process.
>
> While the example given in the I-D:
>
> One example of where the IETF might grant such a right
> is the case where another standards development
> organization (SDO) wants to update or extend an IETF
> technology (which would normally be done by the SDO
> sending their requirements to the IETF) but the IETF no
> longer has a working group focused on the particular
> technology and the IETF does not have the interest to
> create a new working group.
>
> seems quite reasonable to me, that need could be captured by
> language authorizing the IETF to permit derivative works to
> facilitate further development of standards directly related to
> IETF work. That should be fairly clear as to intent and would
> make a judgment about "directly related" appealable, if
> necessary. By contrast, authorization for any use other than
> exact excerpts (or translations of them) with attribution seems
> to me something that should come from the author (or not), given
> our current authorship model.
>
> An alternative model, which the IETF and its predecessors have
> never used, is actually used by several other standards bodies.
> That approach requires explicit release of any copyright or
> other rights in anything that might go into a document so that
> the documents themselves do not, formally, have authors other
> than the standards bodies and all participation in creating them
> is treated as a work for hire. For a whole series of reasons,
> I don't think we want to go there, but I don't want to slide
> down the slippery slope in that direction either.
>
> I also note that managing rights to derivative works that are
> not directly standards-related has costs in both volunteer and
> staff time. The notion of decisions on a case-by-case basis
> probably implies (the draft is not clear) IESG or IAOC (better,
> but not much) time to review those cases, potentially blocking
> other work. I am not enthused about having the IETF (or IASA)
> incur those costs or workflow delays. Perhaps it would be
> reasonable to _permit_ authors to voluntarily transfer the
> responsibility for authorizing such derivatives to the IETF,
> but, if so, I'd expect IASA to establish a fee structure for
> those who request such permission: the costs should not be
> passed on to the standards-producing community.
>
> john
>
>
> _______________________________________________
> Ipr-wg mailing list
> Ipr-wg@ietf.org
> https://www1.ietf.org/mailman/listinfo/ipr-wg
>
_______________________________________________
Ipr-wg mailing list
Ipr-wg@ietf.org
https://www1.ietf.org/mailman/listinfo/ipr-wg
- RE: Going too far: draft-josefsson-ipr-rules-upda… Black_David
- RE: Going too far: draft-josefsson-ipr-rules-upda… John C Klensin
- Re: Going too far: draft-josefsson-ipr-rules-upda… Simon Josefsson
- Re: Going too far: draft-josefsson-ipr-rules-upda… Brian E Carpenter
- Re: Going too far: draft-josefsson-ipr-rules-upda… John C Klensin
- Re: Going too far: draft-josefsson-ipr-rules-upda… Brian E Carpenter