
Re: Fourth Last Call: draft-housley-tls-authz-extns

2009-01-16 17:37:36
Russ Housley <housley(_at_)vigilsec(_dot_)com> writes:

EXAMPLE

Clearance may be the easiest one.  For simplicity, let's assume that
the client and server already have X.509 identity certificates.
Assume the server is operated by the military, and it includes some
information that it wants to share with the public, perhaps
recruiting data, and information that is available to anyone that has
a clearance.  This latter information is released to any client that
presents a valid attribute certificate that is bound to the X.509
identity certificate used in client authentication and issued by any
of the military branches that demonstrates that the client holds a
clearance.

It seems to me that the authorization data passed in this way can be
used to "locate" an agreement, i.e., the legally binding document that
approves a certain individual for some clearance level.  The 1026 patent
disclaimer text suggests this mode would be covered by their patent
application.  So I don't follow how that would be an example of an
unencumbered way to use the protocol?

However, this is mostly a legal decision, to evaluate the risks of getting
sued by implementing the technology, so I'll defer until I understand
what a lawyer thinks about the new situation.

/Simon
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf