Re: [OAUTH-WG] Fw: IPR Disclosure:

This is certainly a good point. Stating whether certain claims are valid 
or not valid is not a good use of our time and may lead to legal 
problems later on.

So, read through the patents and make your own assessment whether this 
IPRs are a concern for you and whether you want anything in the drafts 
to be changed.

On 02/28/2013 11:53 PM, prateek mishra wrote:
> Two points  -
>
> 1) I request that this mailing list NOT be used for any substantive
> discussion of patent claims and so on. This will create difficulties for
> many participants and
> I dont believe is within the charter of this effort.
>
> 2) I would encourage interested parties to review the following
> document, which may be relevant to this discussion
>
> http://www.w3.org/2011/xmlsec-pag/
>
> - prateek
>
>> Hi Oleg,
>>
>> my personal experience with Certicom's IPR disclosures is that they
>> focus on Elliptic Curve Cryptography. There were several IPR
>> disclosures on documents in the JOSE WG and some of them contain ECC
>> algorithms.
>>
>> The JWT does not list an ECC algorithm but the referenced documents do.
>>
>> Having said that the two cited IPRs seem to be:
>> http://www.google.com/patents/US6704870
>> http://www.google.com/patents/US7215773
>>
>> Take a look at it and make your assessment whether there is anything
>> we can change.
>>
>> Ciao
>> Hannes
>>
>>
>> On 02/28/2013 09:21 PM, Oleg Gryb wrote:
>>> Dear OAuth WG and Chairs,
>>>
>>> Can somebody please comment the Certicom's disclosure below? If the
>>> purpose of this disclosure is to inform us that JWT can be potentially a
>>> subject of royalties and other possible legal actions, the value of
>>> adopting JWT in the scope of OAuth 2.0 IETF standard would definitely
>>> diminish and if this is the case shouldn't we consider replacing it with
>>> something similar, but different, which would not be a subject of the
>>> future possible litigation?
>>>
>>> I'm not a lawyer and might not understand the statement below correctly,
>>> so please let me know if/where I'm wrong. Please keep in mind also that
>>> the popularity of JWT is growing fast along with the implementations, so
>>> we need to do something quickly.
>>>
>>> Thanks,
>>> Oleg.
>>>
>>>
>>> --- On *Wed, 2/27/13, IETF Secretariat /<ietf-ipr@ietf.org>/* wrote:
>>>
>>>
>>>     From: IETF Secretariat <ietf-ipr@ietf.org>
>>>     Subject: [OAUTH-WG] IPR Disclosure: Certicom Corporation's Statement
>>>     about IPR related to draft-ietf-oauth-json-web-token-06 (2)
>>>     To: mbj@microsoft.com, ve7jtb@ve7jtb.com, n-sakimura@nri.co.jp
>>>     Cc: derek@ihtfp.com, oauth@ietf.org, ipr-announce@ietf.org
>>>     Date: Wednesday, February 27, 2013, 4:16 PM
>>>
>>>
>>>     Dear Michael Jones, John Bradley, Nat Sakimura:
>>>
>>>     An IPR disclosure that pertains to your Internet-Draft entitled
>>>     "JSON Web Token
>>>     (JWT)" (draft-ietf-oauth-json-web-token) was submitted to the IETF
>>>     Secretariat
>>>     on 2013-02-20 and has been posted on the "IETF Page of Intellectual
>>>     Property
>>>     Rights Disclosures" (https://datatracker.ietf.org/ipr/1968/). The
>>>     title of the
>>>     IPR disclosure is "Certicom Corporation's Statement about IPR
>>>     related to draft-
>>>     ietf-oauth-json-web-token-06 (2)."");
>>>
>>>     The IETF Secretariat
>>>
>>>     _______________________________________________
>>>     OAuth mailing list
>>>     OAuth@ietf.org </mc/compose?to=OAuth@ietf.org>
>>>     https://www.ietf.org/mailman/listinfo/oauth
>>>
>>>
>>>
>>> _______________________________________________
>>> OAuth mailing list
>>> OAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/oauth
>>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>

Re: [OAUTH-WG] Fw: IPR Disclosure: - What to Do with JWT ?