I think we need to be careful when it comes to IPR, if we are not careful we
can allow anyone to exercise a veto on any spec they choose without being
required to substantiate it.
There is a balance here between ensuring that a patent holder does not unjustly
enrich themselves by enforcing rights to an inconsequential, undisclosed,
unnecessary or otherwise bogus patent claim on the one hand and ensuring that a
purported patent holder does not exercise undue influence on the standards
process by making a claim that they stand little or no chance of being able to
enforce in a court.
We have an IPR committee but I think that is part of the problem, not the
solution. The IETF should not sit down and draft IPR rules. We should act like
a standards body and recognize rules that have already been established
elsewhere. The W3C went through this whole process once and obtained the
agreement of the major IPR stakeholders and the open source movement. I see no
reason at all to duplicate that effort. Members of W3C staff have informally
indicated that they would be willing to release the document on a creative
commons license.
I don't think we should be having regular discussions on the details of IPR
policy here on the IETF list as we keep doing. Given the layer in the stack
where the IETF operates it is not practical for us to have a blanket policy as
W3C does that all standards be on completely open IPR terms. There are some
areas where this is simply not possible - PKI in the era of Public Key Partners
for example. We can however adopt rules similar to those at OASIS that create a
strong bias towards open IPR terms without making open IPR a mandatory
criteria.
What I would suggest is that new working groups be required to specify the
governing IPR rules in their charter, these would be either that all IPR must
be offered according to an open grant on W3C terms or that the working group
specifies at the outset that RAND terms are acceptable.
By making the process all or nothing the bargainng leverage of the IETF is
enhanced. Allowing each WG to negotiate separately weakens their bargaining
power as any agreement that the IPR holder makes will be applied as binding
precedent on them but not on others. Any future working group will expect to be
offered terms at least as generous as those offered in the past from that
particular IPR holder but the IPR holder cannot expect their competitors to be
held to the same standard.
________________________________
From: Simon Josefsson [mailto:simon(_at_)josefsson(_dot_)org]
Sent: Thu 18/10/2007 10:30 AM
To: Tim Polk
Cc: ietf(_at_)ietf(_dot_)org
Subject: Re: Third Last Call: draft-housley-tls-authz-extns
Tim Polk <tim(_dot_)polk(_at_)nist(_dot_)gov> writes:
The IESG solicits final comments on whether the IETF community has
consensus to publish draft-housley-tls-authz-extns as an experimental
standard given the IPR claimed. Comments can be sent to
ietf(_at_)ietf(_dot_)org
or exceptionally to iesg(_at_)ietf(_dot_)org(_dot_) Comments should be sent
by
2007-10-23.
I was negative to publication during the earlier last calls, and I
continue to be so. The primary reason remains the uncertainty of the
IPR situation. It is not clear to me that I can implement this
protocol
freely without the burden of patent licenses. I'm speaking as a free
software implementer of this document (see GnuTLS, <www.gnutls.org>).
As the sponsoring AD, I would like to explain why I support publication
as an Experimental RFC. To quote RFC 2026, "Such a specification is
published for the general information of the Internet technical
community
and as an archival record of the work." Given the technical merits of
the
document and the existence of independent implementations, I believe
it is in the interest of the community to have an archival record of
this work.
I believe that is a poor argument, because the only implementation I am
aware of is the one I wrote. And I'm opposed to publication of the
document.
To clarify that the part of the community that I'm a member of is not
interested in supporting this technology, we have decided to remove our
implementation. See the announcement for GnuTLS in:
** TLS authorization support removed.
This technique may be patented in the future, and it is not of crucial
importance for the Internet community. After deliberation we have
concluded that the best thing we can do in this situation is to
encourage society not to adopt this technique. We have decided to
lead the way with our own actions.
<http://permalink.gmane.org/gmane.network.gnutls.general/955>
I hope you will reconsider sponsoring the document.
/Simon
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf