Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exporters for Transport Layer Security (TLS)) to Proposed Standard

"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Wed, 22 July 2009 22:39 UTC

Date: Wed, 22 Jul 2009 15:31:01 -0700
Message-ID: <AC1CFD94F59A264488DC2BEC3E890DE50867B79A@xmb-sjc-225.amer.cisco.com>
In-Reply-To: <Pine.LNX.4.44.0907221728450.6325-100000@citation2.av8.net>
References: <AC1CFD94F59A264488DC2BEC3E890DE50867B6F2@xmb-sjc-225.amer.cisco.com> <Pine.LNX.4.44.0907221728450.6325-100000@citation2.av8.net>
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: Dean Anderson <dean@av8.com>
Cc: Simon Josefsson <simon@josefsson.org>, ietf-honest@lists.iadl.org, ietf@ietf.org, tls@ietf.org
Subject: Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exporters for Transport Layer Security (TLS)) to Proposed Standard

I agree with Simon that the IETF's disclosure page could use some work;
it seems rather confusing and it is not consistently filled out.

Comments inline below:

> If your interpretation were correct, then we would have to 
> say that Certicom is not claiming IPR on _any_ IETF 
> document---draft or RFC---since none are listed in Section V. 
> But I think that is obviously incorrect---I think you have 
> misinterpreted what should be in which section.
>

[Joe] Are we both looking at https://datatracker.ietf.org/ipr/1154/?  In
section V I see several documents listed:

"RFC 3278, RFC 4109, RFC 4492, RFC 4753, RFC 4754, RFC 4869, RFC 5008,
RFC 5289, draft-rescorla-tls-suiteb-12, draft-green-secsh-ecc-07,
draft-igoe-secsh-suiteb-00, draft-ietf-smime-3278bis-07,
draft-ietf-smime-sha2-11"

> Section titles and descriptions: 
> 
>  Section IV. IETF Document or Other Contribution to Which this IPR
>  Disclosure Relates:
>
>  Section V. Disclosure of Patent Information (i.e., patents or patent
>  applications required to be disclosed by Section 6 of RFC 3979)
> 
> Section IV lists the drafts and RFCs.  Section V lists the patents.  
> One would not expect to find a draft or RFC listed in Section 
> V, nor a patent listed in Section IV.
> 
> Extractor and other documents are listed in section IV. 
> 

[Joe] Section V also has a sub-section C, which allows you to specify
what parts of IETF documents are covered by the patent information
disclosed in section V.  This section lists several documents, which are
a subset of what is mentioned in section IV.  This seems straightforward
to me.

Joe
> 		--Dean
> 
> On Wed, 22 Jul 2009, Joseph Salowey (jsalowey) wrote:
> 
> > While I see that draft-ietf-tls-extractor is listed in section IV of
> > #1154 IPR disclosure as related material,  I see that it is explicitly
> > not listed in section V part C which lists what is specifically
> > covered by the disclosure.  I don't think Certicom is claiming IPR on
> > draft-ietf-tls-extractor because it is not among the list of documents
> > in section V.
> > 
> > Joe
> > 
> > > -----Original Message-----
> > > From: ietf-bounces@ietf.org [mailto:ietf-bounces@ietf.org] On Behalf
> > > Of Simon Josefsson
> > > Sent: Wednesday, July 22, 2009 12:32 PM
> > > To: ietf@ietf.org; tls@ietf.org
> > > Subject: Re: Last Call: draft-ietf-tls-extractor (Keying Material
> > > Exporters for Transport Layer Security (TLS)) to Proposed Standard
> > >
> > > With the caveat that I have recently returned from vacation, and
> > > consequently may have missed some clarifications or paged out some
> > > context:
> > >
> > > If the #1154 IPR disclosure is the final word from Certicom on this
> > > document, I don't support advancing this document on the standards
> > > track.  My concern remains that Certicom claims they have IPR that
> > > covers the document -- that is what the
> > > #1154 disclosure says (section IV).  The additional information
> > > provided in the PDF is not helping: it grants a license for use
> > > together with ECC.  It doesn't say anything about the use without
> > > ECC.
> > >
> > > The way I see it, TLS implementers and the broader Internet do not
> > > gain something significant by having this document published.  Other
> > > IETF documents can use the TLS PRF to derive keying material.  On
> > > the contrary, it seems both TLS implementers and the broader
> > > Internet community would be hurt by publishing the document since
> > > having patent threats looming over widely used techniques has
> > > stability and interoperability impacts.
> > >
> > > I recall that Certicom was positive about clarifying their
> > > intentions so maybe we can continue that discussion and get
> > > something more useful than the recent disclosure.
> > >
> > > Speaking as TLS implementer of the document and document [1] author
> > > that references this document, /Simon
> > >
> > > [1]
> > > http://tools.ietf.org/html/draft-josefsson-krb5starttls-bootstrap-02
> > > 
> > > The IESG <iesg-secretary@ietf.org> writes:
> > >
> > > > The IESG has received a request from the Transport Layer Security
> > > > WG (tls) to consider the following document:
> > > >
> > > > - 'Keying Material Exporters for Transport Layer Security (TLS) '
> > > >    <draft-ietf-tls-extractor-06.txt> as a Proposed Standard
> > > >
> > > > The IESG plans to make a decision in the next few weeks, and solicits
> > > > final comments on this action.  Please send substantive comments
> > > > to the ietf@ietf.org mailing lists by 2009-08-10.  Exceptionally,
> > > > comments may be sent to iesg@ietf.org instead. In either case, please
> > > > retain the beginning of the Subject line to allow automated sorting.
> > > >
> > > > The file can be obtained via
> > > > http://www.ietf.org/internet-drafts/draft-ietf-tls-extractor-06.txt
> > > >
> > > > IESG discussion can be tracked via
> > > > https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTag=16821&rfc_flag=0
> 
> -- 
> Av8 Internet   Prepared to pay a premium for better service?
> www.av8.net         faster, more reliable, better service
> 617 344 9000   