ietf-mxcomp
[Top] [All Lists]

Re: Unencumbered Checking (was Re: DEPLOY: SPF/Sender ID support in Courier)

2004-08-31 09:27:17

wayne wrote:
In <0E45024F-FAAF-11D8-B42B-000A95AC5778(_at_)isipp(_dot_)com> "Anne P. Mitchell, 
Esq." <amitchell(_at_)isipp(_dot_)com> writes:


Can anyone say with 100% certainty that there is *zero* technology,
software, or process, which can be reasonably argued by Microsoft to
belong to them, with regards to *checking*? [...]


IANAL and I feel a little nervous providing answers to a lawyer, but
here it goes anway.

I believe that MS's claims do not cover the marid-protocol draft,
which is basically SPF checks, with only the identity used by SPF
removed.

First off, this question was explicitly asked at the IETF-60
MARID session and the answer that Harry Katz gave was that the patents
applied to only marid-core.  (marid-core has since been broken into
two I-Ds, both of which have the MS IPR claim.)

See the timestamp around 17:25. psa was the jabber scribe. http://www.xmpp.org/ietf-logs/marid(_at_)ietf(_dot_)xmpp(_dot_)org/2004-08-04.html

Audio archives of this session are also, so if you poke around to find
the right spot, you can hear Harry's answers directly.


To play devil's advocate, it really doesn't matter what he said until we see it in writing from Microsoft's lawyers.


Secondly, by participating in the MARID mailing list, you are required
to read the "NOTE WELL" IETF information (see
http://www.ietf.org/NOTEWELL.html ).  This refers you to RFC3667 and
RFC3668.  In RFC3667 section 5.1, says that people who submit I-Ds
must disclose IPR claims, although it is not clear tome if this means
for all I-Ds that they know of, or only the one that they are
submitting.  RFC3668 section 6 is much clear and explicitly says that
you must disclose IPR that you know of that are contributed by
others.  See: http://www.ietf.org/rfc/rfc3668.txt

Since MS has not give such notices on the marid-protocl I-D, I am 99%
certain that MS is not claiming any IPR on it.

*PLEASE* correct me if I'm wrong.


Lets add to that that the note well information may apply to list postings, including the ASRG list which is hosted at ietf.org, and you got yourself a can of legal worms. To my knowledge, Microsoft employees have never disclosed any potential IPR information on the ASRG list unlike what Phil Hallam-Baker and others have done.

And to be honest, for the life of me, I don't understand why SPF,
which already had a lot of support from other corners, isn't what's
being pushed now.


The two main claimed reasons for using the PRA algorithm in the merged
SPF and CallerID proposals are:

1) The PRA "protects what users see, e.g. the From: header".  (Never
   mind that the PRA really just protects the Resent-Sender: header
   which almost no one sees.)

2) Using the PRA makes it easier for mail forwarders to comply.
   (Never mind that support for mail forwarders on many open source
   MTAs has been around for a fair while now.  OTOH, I know of *no*
   support for forwarders to add the headers required for the PRA.
   Even the just announced milter from Sendmail doesn't appear have
   the required support.)

While those are the claimed reasons, I think it is quite clear from
talking to quite a few people involved with this working group that
the REAL reason is:

* People want MS on board because it would *really* help deployment
  and MS *really* wants their PRA algorithm.


It is also interesting to note that the protection of the "From:" header has been discussed at least a year and a half ago on the ASRG list here:
http://www1.ietf.org/mail-archive/web/asrg/current/msg04390.html

The use of XML for storing RMX records was first proposed on the ASRG list here:
http://www1.ietf.org/mail-archive/web/asrg/current/msg04302.html

I wonder how the IETF's IPR policy in the "note well" text applies here.

Yakov


<Prev in Thread] Current Thread [Next in Thread>