ietf-mxcomp

Re: Unencumbered Checking (was Re: DEPLOY: SPF/Sender ID support in Courier)

2004-08-31 08:30:17

In <0E45024F-FAAF-11D8-B42B-000A95AC5778(_at_)isipp(_dot_)com> "Anne P. 
Mitchell, Esq." <amitchell(_at_)isipp(_dot_)com> writes:

> Can anyone say with 100% certainty that there is *zero* technology,
> software, or process, which can be reasonably argued by Microsoft to
> belong to them, with regards to *checking*? [...]

IANAL and I feel a little nervous providing answers to a lawyer, but
here it goes anyway.

I believe that MS's claims do not cover the marid-protocol draft,
which is basically SPF checks, with only the identity used by SPF
removed.

First off, this question was explicitly asked at the IETF-60
MARID session and the answer that Harry Katz gave was that the patents
applied to only marid-core.  (marid-core has since been broken into
two I-Ds, both of which have the MS IPR claim.)

See the timestamp around 17:25.  psa was the jabber scribe. 
http://www.xmpp.org/ietf-logs/marid@ietf.xmpp.org/2004-08-04.html

Audio archives of this session are also available, so if you poke around to find
the right spot, you can hear Harry's answers directly.


Secondly, by participating in the MARID mailing list, you are required
to read the "NOTE WELL" IETF information (see
http://www.ietf.org/NOTEWELL.html ).  This refers you to RFC3667 and
RFC3668.  RFC3667 section 5.1 says that people who submit I-Ds
must disclose IPR claims, although it is not clear to me if this means
for all I-Ds that they know of, or only the one that they are
submitting.  RFC3668 section 6 is much clearer and explicitly says that
you must disclose IPR that you know of that are contributed by
others.  See: http://www.ietf.org/rfc/rfc3668.txt

Since MS has not given such notices on the marid-protocol I-D, I am 99%
certain that MS is not claiming any IPR on it.

*PLEASE* correct me if I'm wrong.



> Is the method for checking under Sender I.D. *identical* to the method
> for checking for SPF?

Well, there have been some changes in the marid-protocol spec compared
with earlier SPF specs, but they are pretty minor.   (e.g.,
marid-protocol uses a different version string.)  So, I think for all
practical purposes, the answer is "yes".


> And to be honest, for the life of me, I don't understand why SPF,
> which already had a lot of support from other corners, isn't what's
> being pushed now.

The two main claimed reasons for using the PRA algorithm in the merged
SPF and CallerID proposals are:

1) The PRA "protects what users see, e.g. the From: header".  (Never
   mind that the PRA really just protects the Resent-Sender: header
   which almost no one sees.)

2) Using the PRA makes it easier for mail forwarders to comply.
   (Never mind that support for mail forwarders on many open source
   MTAs has been around for a fair while now.  OTOH, I know of *no*
   support for forwarders to add the headers required for the PRA.
   Even the just announced milter from Sendmail doesn't appear to have
   the required support.)

While those are the claimed reasons, I think it is quite clear from
talking to quite a few people involved with this working group that
the REAL reason is:

* People want MS on board because it would *really* help deployment
  and MS *really* wants their PRA algorithm.



-wayne