At 12:28 PM -0500 2/11/09, John Sullivan wrote:
The Free Software Foundation and the GNU Project oppose publication
of "Transport Layer Security (TLS) Authorization Extensions"
(draft-housley-tls-authz-extns) as a proposed standard. We do not
think that RedPhone Security's 1026 disclosure filing provides
sufficient assurance to free software users that they will not be
considered in violation of RedPhone's patent.
Serious question: what about every other protocol for which there are IPR
claims in the IETF IPR repository? I suspect that most of those IPR statements
do not give sufficient assurance to free software users that they will not be
considered in violation of various patents.
That is, you have made a call to action on one particular document: what about
the rest of the ones that have IPR claimed on them?
In response to a previous RedPhone patent disclosure, GnuTLS removed
its support for these authorization extensions. The updated
Licensing Declaration does not provide assurance sufficient for
GnuTLS to restore this support, and the same unfortunately holds
true for any other software maintained by the GNU Project.
Maybe that will lead you to think that you should just not implement the
authorization extensions. Why does the standards status of the eventual RFC
affect your implementation decisions? This is an age-old rathole^Wdebate in the
IETF, but one that most participants have answered for themselves.
We know that the IETF and IESG largely share our view that
patent-encumbered standards are unacceptable.
Then "know" is too strong a word, given that you are most likely wrong.
On a broader note, we'd like to suggest that the IETF consider the
impact of of patents and copyrights on proposed standards
specifically and separately, instead of under the umbrella of IPR or
This sounds like you are suggesting that we spend much more time on our process
to satisfy people who only contribute to the discussion (if I can call the
recent mail flood a "contribution") only every few years. Please understand
that we might not like that suggestion, any more than if we suggested to the
FSF that they do extensive patent research on every protocol and format that is
embodied in any GNU-licensed software anywhere.
Thank you for the opportunity to comment on these issues.
This mailing list is open 24/7, not just when someone issues an call-to-arms.
We would appreciate well-thought-out input at other times as well.
recognize that the volume of mail generated by our announcement
about this issue to the free software community may be causing
inconvenience, but causing inconvenience was not the point of that
Welcome to the world of calls for action having unintended negative
consequences. The IETF has our own history with that...
--Paul Hoffman, Director
Ietf mailing list