Re: [regext] draft-ietf-eppext-keyrelay unreasonably stuck on IPR?

[Antoin Verschuren <ietf@antoin.nl>]

[Personal statement: Chair hat off]

Just so that everyone has the same information regarding the IPR we are discussing, the patent application and it’s EPO process can be found here:
https://register.epo.org/ipfwretrieve?apn=US.201113078643.A&lng=en

The patent application has been officially rejected by the patent office twice now in the past 5 years due to prior art.
This is without me as the original inventor of the secure dns-operator change method submitting any personal prior art that stems back to 2008 when I first thought of the idea during a DNSSEC workshop for operations staff while working for SIDN.
I have discussed this method in an IETF, DNS-OARC, CENTR and ICANN context with fellow IETFers including Verisign staff, and gave presentations about it, which led to the prior art before the first version of draft-koch-dnsop-dnssec-operator-change was published by the IETF in March 2011 and the Verisign patent application a month later.
This and the fact that I’m a co-author of both draft-ietf-eppext-keyrelay and draft-koch-dnsop-dnssec-operator-change is why my co-chair Jim is leading the process on draft-ietf-eppext-keyrelay and I attempt to state no personal opinions in this process or judgement of the opinions of others in this process.

[/Chair hat off]

Like most of you, I am no patent expert or lawyer.
Verisign is following the IETF IPR process as defined by the IETF, and it has every right to do so.
So please don’t blame Verisign or Scott personally.
The Patent office procedures are what they are, and we cannot change them or speed them up either.
Verisign can do the latter, but is not obliged to do so by any IETF rule, only by willingness.

That being said, we as a working group need to decide what we want to do.

I agree with Job that it is unfortunate that the IETF IPR process allows a pending patent application that has no licensing terms yet to stall the IETF process.
If this needs to change, I think we need to discuss this in a broader IETF context, but I think it will be very hard, if it is even possible legally to mandate licensing terms on IPR statements submitted to the IETF.

If we think Verisign has breached the IETF Note Well by patenting solutions after they were discussed during IETF meetings, that discussion also needs a broader IETF context than this working group. This will also mean a long legal battle which few individual IETF participants would be able to afford, and would require broader IETF consulting and guidance from the IESG.


So as a working group, we basically have only 2 options left:
1. We could kindly convince Verisign with arguments that stallment of this IPR claim is negatively impacting Internet security like Job has done, and ask them to withdraw or quickly proceed with their application. In this case, if Verisign is not willing to state licensing terms beforehand, we are still dependent on the Patent office procedures and timelines, and we will just have to wait for that.
2. We could jointly state that we took notice of the IPR claim, and that no matter what the licensing terms or outcome of the application is, we would like to standardize the solution in our Internet draft since it is the only best solution.

I would be hesitant to choose for option 2 on the argument that many believe the application will be rejected by the patent office in the end as there is sufficient prior art, since I am not a Lawyer, nor do I have the funds to pay for one in the small chance the patent office will make the wrong decision in approving the application to get it off their plate.
If we choose for option 2, we need to state why we think the patent application or it’s licensing terms don’t matter to us.

Jim has asked for this before, with little to no response to call consensus to have this draft proceed, so I would like to ask you again to state your opinion on this mailinglist so Jim can summarize them in a response to the IESG.


- --
Antoin Verschuren

Tweevoren 6, 5672 SB Nuenen, NL
M: +31 6 37682392






Op 9 nov. 2016, om 14:41 heeft Job Snijders <job@instituut.net> het volgende geschreven:

> On Wed, Nov 09, 2016 at 12:19:44PM +0000, Hollenbeck, Scott wrote:
>>> Because Verisign still has the option to provide a more detailed
>>> Licensing Declaration ahead of the issuance, covering whatever claims
>>> (if any) will be allowed.
>>> 
>>> Why has Versign choosen not to provide a Licensing Declaration such as
>>> option A ('no license'), B ('Free RAND'), C ('RAND') or E ('NOPE')?
>>> 
>>> In failing to provide clarity to the internet engineering community,
>>> Verisign is arguably obstructing much needed internet security
>>> mechanisms.
>> 
>> In my last note I explained why the decision was made to not update
>> the disclosure: we do not know if the patent will be granted, and we
>> do not know which, if any, of the claims will be allowed. We cannot
>> provide a definitive licensing declaration for something that remains
>> unknown.
> 
> No. Verisign has submitted a patent and is fully aware what the contents
> of that submission are. Verisign is also in a position to decide what
> the licensing will look like depending on the possible outcomes for the
> USPTO process.
> 
> Verisign chooses not to do so, and thus frustrates the process.
> 
> Kind regards,
> 
> Job