Phil:
For the people who want this draft published (and perhaps have a pending
implementation), would you please humour me by offering some usage
scenarios, other than debugging or toys, which would meet security
review and which are not covered by the four points which the
patent-holder notes as potentially encumbered?
I'll offer one based on attribute certificates (see RFC 3281). If
the attribute certificate policy does not use a critical certificate
policy identifier that is within an arc registered to RedPhone
Security (e.g. iso.org.dod.internet.private.enterprise.23106), then
the most straightforward deployments would not encounter problems
with this IPR Statement. RFC 3281 specifies ways to carry access
identities, group memberships, roles, and clearances in attribute
certificates. As long as these are not coupled to signed agreements
such as contracts, as is their normal use, then I cannot see problems
with this IPR statement.
This is one example. I believe there are many more.
Russ
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf