IETF Logo Mail Archive

Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exporters for Transport Layer Security (TLS)) to Proposed Standard

Erick O <ericko0@yahoo.com> Fri, 18 September 2009 14:47 UTC

Return-Path: <ericko0@yahoo.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F2D1528C1EA for <tls@core3.amsl.com>; Fri, 18 Sep 2009 07:47:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.542
X-Spam-Level:
X-Spam-Status: No, score=-2.542 tagged_above=-999 required=5 tests=[AWL=0.056, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WA9WwWi2Y4DQ for <tls@core3.amsl.com>; Fri, 18 Sep 2009 07:47:10 -0700 (PDT)
Received: from web45506.mail.sp1.yahoo.com (web45506.mail.sp1.yahoo.com [68.180.197.98]) by core3.amsl.com (Postfix) with SMTP id 677143A6AD2 for <tls@ietf.org>; Fri, 18 Sep 2009 07:47:10 -0700 (PDT)
Received: (qmail 87870 invoked by uid 60001); 18 Sep 2009 14:48:05 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1253285284; bh=1uSbJRBfzOda8z+Wj/RTUZTkjusRaUsrKjn0e2bymGQ=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:References:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=Tph+BA0FExvaSoT78SeajmkJk8AO3lQYTt4LN0ngdWG3n97iQ6TmFc4oaebAh6KJPOXzpe61H7Jr8ODWV/Y3fGdujOQ5oPAOgPL40WAe8vaHOHUPqqi28UAG4z/qlMWD8kNSfUid2siK0+air5p+0nkwjvyzFNtprqvM2z4DA7s=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:References:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=ylFbat7JBeHE5k1Dll2RAD9pXqO2s+YuGPH6z1lEfI31lX5WXvi2IqGQD/hYKjX3YVuAhUVegUY69uH6rRqEzwH//2DSHHXLaL/Og5gu0DtOJnd6BywZUPmA2XEGh7RiwjiEb+ltAMqj/ZfdxCv3XPEohRFZDo/p7rCEAY0ZafQ=;
Message-ID: <964455.86466.qm@web45506.mail.sp1.yahoo.com>
X-YMail-OSG: ydk7xSkVM1k2C3sm5.mdXdCa.uPYc7vGR.Bv1cHHU08kNAO5zDiT2MrH
Received: from [68.106.217.192] by web45506.mail.sp1.yahoo.com via HTTP; Fri, 18 Sep 2009 07:48:04 PDT
X-Mailer: YahooMailRC/157.18 YahooMailWebService/0.7.347.2
References: <Pine.LNX.4.44.0907201436360.16218-100000@citation2.av8.net> <026364d64021d6cef8b930cf16df1221.squirrel@www.trepanning.net> <c331d99a0907210748o1c342a7at1cbd34b587da304c@mail.gmail.com>
Date: Fri, 18 Sep 2009 07:48:04 -0700
From: Erick O <ericko0@yahoo.com>
To: Nikos Mavrogiannopoulos <nmav@gnutls.org>, Dan Harkins <dharkins@lounge.org>
In-Reply-To: <c331d99a0907210748o1c342a7at1cbd34b587da304c@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-312350525-1253285284=:86466"
Cc: tls@ietf.org, rms@gnu.org, ietf@ietf.org
Subject: Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exporters for Transport Layer Security (TLS)) to Proposed Standard
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Sep 2009 14:47:12 -0000





________________________________
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
To: Dan Harkins <dharkins@lounge.org>
Cc: tls@ietf.org; ietf@ietf.org; rms@gnu.org
Sent: Tuesday, July 21, 2009 7:48:53 AM
Subject: Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exporters for Transport Layer Security (TLS)) to Proposed Standard

I'd propose to add this text to the standard:
This protocol MUST NOT be used with RFC4492, RFC5289 and
draft-rescorla-tls-suiteb.

That way the certicom's patents are not applicable.

On Mon, Jul 20, 2009 at 11:24 PM, Dan Harkins<dharkins@lounge.org> wrote:
>
>  Certicom's IPR statement dated 13 October 2008 lists some patents
> that "may be necessary and essential to implementations of..." the
> TLS extractor draft "when used with either: " RFC4492, RFC5289
> or draft-rescorla-tls-suiteb. Check it out:
>
> http://www.certicom.com/images/pdfs/certicom%20-ipr-contribution-to-ietfsept08.pdf
>
>  Don't use it with RFC4492, RFC5289 or draft-rescorla-tls-suiteb and
> then the IPR statement does not apply. If it's possible to use the TLS
> extractor draft in a way that the IPR statement doesn't apply then I
> don't think you can say "the TLS Extractor draft is patent-encumbered".
>
>  I support free software* and I have no problem with this draft being
> advanced as a Proposed Standard.
>
>  regards,
>
>  Dan.
>
> * http://www.lounge.org/siv_for_openssl.tgz is a free version of RFC5297
>  for OpenSSL, and check out the "authsae" project on Source Forge.
>
> On Mon, July 20, 2009 12:15 pm, Dean Anderson wrote:
>> I am against this standard because of its patent encumbrances and
>> non-free licencing terms.  The working group did not get any clear
>> answers on what particular patents this draft may infringe, but a patent
>> holder (Certicom) did assert an IPR disclosure (1004) listing many
>> patents.  We have no alternative but to accept the Certicom disclosure
>> statements as meaning that the TLS Extractor draft is patent-encumbered
>> without a universal, free defensive license.
>>
>> The statement by https://datatrackerietf.org/ipr/1004/ referring to
>> http://www.certicom.com/images/pdfs/certicom%20-ipr-contribution-to-ietfsept08.pdf
>> which states:
>>
>>   "Certicom will, upon request, provide a nonexclusive, royalty free
>> patent license, to manufacturers to permit end users (including both
>> client and server sides), to use the patents in schedule A when
>> implementing any of these protocols, including those requiring third
>> party certificates provided the certificate is obtained from a licensed
>> Certificate Authority (CA). This license does not cover the issuing of
>> certificates by a Certification Authority (CA)."
>>
>> That is not a free license, since Certicom must respond to the "request"
>> before any license is granted. After the IETF finally approves the
>> necessary standards, Certicom is free to stop approving the requests.
>>
>> I ask others who support free software to join me in opposing this
>> document by sending a message stating opposition to the IETF@IETF.ORG
>> mailing list.  IETF participation is open to the public, and anyone may
>> voice their view on IETF standards.  It is also substantive to oppose a
>> document because of its patent status, and in fact, any topic that is
>> considered during or related to the IETF process is substantive.
>>
>>               --Dean
>>
>>
>> On Mon, 20 Jul 2009, The IESG wrote:
>>
>>> The IESG has received a request from the Transport Layer Security WG
>>> (tls) to consider the following document:
>>>
>>> - 'Keying Material Exporters for Transport Layer Security (TLS) '
>>>    <draft-ietf-tls-extractor-06.txt> as a Proposed Standard
>>>
>>> The IESG plans to make a decision in the next few weeks, and solicits
>>> final comments on this action.  Please send substantive comments to the
>>> ietf@ietf.org mailing lists by 2009-08-10. Exceptionally,
>>> comments may be sent to iesg@ietf.org instead. In either case, please
>>> retain the beginning of the Subject line to allow automated sorting.
>>>
>>> The file can be obtained via
>>> http://www.ietf.org/internet-drafts/draft-ietf-tls-extractor-06.txt
>>>
>>>
>>> IESG discussion can be tracked via
>>> https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTag=16821&rfc_flag=0
>>>
>>> _______________________________________________
>>> TLS mailing list
>>> TLS@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tls
>>>
>>>
>>
>> --
>> Av8 Internet   Prepared to pay a premium for better service?
>> www.av8.net         faster, more reliable, better service
>> 617 344 9000
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>>
>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email