At 01:24 PM 11/17/99 -0500, David P. Kemp wrote:
If you are proposing to preclude discussion or progression of this
draft until an acceptable IPR statement has been provided to the IETF,
I support the proposal.
Thanks!
The PKIX WG was fully prepared to strike all mention of CRL
Distribution Points from the profile after an ugly IPR issue surfaced.
As a result of the Working Group's position a satisfactory IPR
statement was produced, in record time.
I'll disagree with you here. Many companies have been much speedier about
giving much more liberal licenses than Entrust did in the CRL DP case. And,
many other companies are much more forthright than Entrust was about their
patent applications *before* the WG tries to standardize technology.
The cellular telephone industry in particular does not automatically
disqualify a technology simply because it is encumbered, even if
royalties are involved. But it demands that the terms be spelled out
up front, so that the participants can make meaningful decisions on
whether to standardize or ignore a technology.
I'm certainly not saying we should disqualify EC in S/MIME; there may be
market demand for it. I'm saying that Certicom's IPR statement is so
purposely vague that we shouldn't be helping them in the market until they
do much more work to clarify what it is they claim. At that point, we can
decide whether or not to go ahead.
This is not a new issue with Certicom. They have claimed for years that
they have patents or pending patents on "all interesting variations of
elliptic curve cryptography". Such threats are what have made so many
companies stay away from them.
--Paul Hoffman, Director
--Internet Mail Consortium