Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

Dean Anderson <dean@av8.com> Thu, 12 February 2009 19:15 UTC

Date: Thu, 12 Feb 2009 14:15:29 -0500
From: Dean Anderson <dean@av8.com>
To: "Angelos D. Keromytis" <angelos@cs.columbia.edu>
Cc: Alfred Hönes <ah@tr-sys.de>, ietf-honest@lists.iadl.org, tls@ietf.org

Hi, 

I don't think it is true that these TLS-Authz-dependent drafts are not
encumbered. They are merely not specifically mentioned, and I didn't
even know about them until just now.  The patent covers broad categories
of authorizations, and it would seem that any framework for
authorization using TLS-authz, as these documents are, must necessarily
fall into one of those categories for which a patent license is required
in order to use the TLS-authz drafts.

I think these drafts should wait until TLS-authz succeeds in being
accepted, particularly since it is very unlikely that TLS-authz will
ever be accepted or approved by any process involving community
consensus.  I think the significant opposition that has been 
demonstrated in the third and fourth last calls demonstrates that this 
draft will not be approved.  I note that there was even more 
opposition in the fourth last call than in the third last call. 

I think the combination of misconduct and patent encumbrance ensures
that a large part of the community will continue to oppose this
standard. Opposition is growing, not fading. The misconduct continues
with the recent destruction (spoliation) of evidence in removing IPR
765. IPR 765 was the first disclosure by Redphone of the patent and
license terms offered by Redphone.  While Alvestrand and the IESG
previously assured the community that IPR disclosures would never be
removed except for 'spam' and 'fiddling with the database', they reneged
on their promises and removed IPR 765 anyway. IPR 765 reflected poorly
on Redphone, and has been used to show their malfeasance. Destroying
such evidence as IPR 765 is legal misconduct.  A complaint was made to
the IESG and the IETF Lawyer Jorge Contreras, but was ignored. Contreras
also hasn't responded to email. The IESG has also recently stated to me
that it has not asked for legal advice in complaints involving their
compliance with the law. This is all rather odd, and suggests that they
know that their actions violate the law and violate their duties and are
trying to avoid involving Contreras in unlawful acts.

But, anyway, these dependent documents should also have IPR disclosures
that reference the disclosures in TLS-authz, particularly IPR 765 and
IPR 1026.

			--Dean


On Thu, 12 Feb 2009, Angelos D. Keromytis wrote:

> Alfred,
> neither of the cited KeyNote drafts (nor the KeyNote system itself) is  
> patent-encumbered. However, I admit to not (yet) having paid close  
> attention to the details of the IPR issues around tls-authz-extns  
> itself and their potential impact to tls-authz-keynote.
> 
> I have started draft-keromytis-keynote-x509-01 through the RFC-fication
> process (currently discussing with a reviewer), since it does  
> not depend on authz (or any other pending work in any WG). I have been  
> waiting for tls-authz-extns to go through the process before I start  
> with draft-keromytis-tls-authz-keynote-01. I invite every interested  
> party to send me comments. You may find it useful to first read RFCs  
> 2704 (at least the first few sections) and 2792.
> Best,
> -Angelos
> 
> 
> On Feb 11, 2009, at 7:02 PM, Alfred Hönes wrote:
> 
> > At Wed, 11 Feb 2009 16:20:14 -0500 (EST), Dean Anderson  wrote:
> >
> >>                                                      ...  And as
> >> programmer and developer, I will probably have some non-patented
> >> alternatives to present.
> >>
> >>              --Dean
> >
> > Dean,
> > that's really laudable progress, leading back to technical discussion
> > of possible alternative solutions.
> > Please indeed prepare such I-D as soon as feasible.
> >
> >
> > I heartily invite other interested parties as well to submit their
> > proposals to the TLS WG, and I hereby explicitly would like to
> > address those many folks that newly started being interested in
> > IETF work in general and further development and application of
> > TLS in particular.
> >
> > In order to make life easier for all participants,
> > I suggest to start with streamlined draft names like
> > draft-<author>-tlz-authz-<xxx>-00 .
> >
> > The WG should be able to perform an unprejudiced discussion
> > of alternative proposals before it comes to determine consensus
> > whether there is enough interest and support to warrant adopting
> > 'TLS Authorization' as a new work item, and if so, which
> > draft(s) to base the WG project on.
> >
> > I personally promise to review sound draft proposals in time
> > before such WG decision (perhaps not initial -00 versions,
> > only enough elaborate refined versions).
> >
> >
> > One immediate question to the group and the respective author:
> >
> > Draft-housley-tls-authz-extns only defines a framework, and
> > according to the past exegesis of the imprecise IPR statements
> > under discussion, only the application of that framework to
> > specific use cases might be encumbered by these claims.
> > However, the recent I-D, draft-keromytis-tls-authz-keynote-01,
> > together with a supporting sibling document,
> > draft-keromytis-keynote-x509-01 (both still rough and lacking
> > important details), defines a concrete instantiation of that
> > framework.
> > In how far is that instantiation encumbered by these IPR claims?
> > Is it burdened with other patent claims?
> >
> >
> > Kind regards,
> >  Alfred Hönes.
> >
> > -- 
> >
> > +------------------------+--------------------------------------------+
> > | TR-Sys Alfred Hoenes   |  Alfred Hoenes   Dipl.-Math., Dipl.-Phys.  |
> > | Gerlinger Strasse 12   |  Phone: (+49)7156/9635-0, Fax: -18         |
> > | D-71254  Ditzingen     |  E-Mail:  ah@TR-Sys.de                     |
> > +------------------------+--------------------------------------------+
> >
> >
> 
> 
> 

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000