I do not support publication of this document as a Proposed Standard, for
several reasons:
a. I believe that the subject of this document (TLS authorization) is of
fundamental importance to a number of IETF WGs, and therefore it should
not be handled via AD-sponsorship, but rather within a WG. If the TLS
WG does not wish to deal with the document, then the IETF should
consider formation of a new WG to deal with this and other TLS extensions.
b. This document has become a lightening rod for attacks on the integrity
of the IETF and IESG. Rather than ignoring the concerns that have been
raised, I believe that the IETF needs to tackle them head on, by initiating
reforms in the areas of affiliation disclosure and conflict of interest within
the IESG. Given the current controversy, approving this document could
be interpretted as a lack of concern about those issues.
c. I'm not convinced that the latest Redphone IPR disclosure represents
a substantive rather than a cosmetic change from previous disclosures.
-----Original Message-----
From: ietf-announce-bounces at ietf.org
[mailto:ietf-announce-bounces at ietf.org] On Behalf Of The IESG
Sent: 14 January 2009 16:18
To: IETF-Announce
Subject: Fourth Last Call: draft-housley-tls-authz-extns
On June 27, 2006, the IESG approved "Transport Layer Security
(TLS) Authorization Extensions,"
(draft-housley-tls-authz-extns) as a proposed standard. On
November 29, 2006, Redphone Security (with whom Mark Brown, a
co-author of the draft is affiliated) filed IETF IPR disclosure 767.
Because of the timing of the IPR Disclosure, the IESG
withdrew its approval of draft-housley-tls-authz-extns. A
second IETF Last Call was initiated to determine whether the
IETF community still had consensus to publish
draft-housley-tls-authz-extns as a proposed standard given
the IPR claimed. Consensus to publish as a standards track
document was not demonstrated, and the document was withdrawn
from IESG consideration.
A third IETF Last Call was initiated to determine whether the
IETF community had consensus to publish
draft-housley-tls-authz-extns as an experimental track RFC
with knowledge of the IPR disclosure from Redphone Security.
Consensus to publish as experimental was not demonstrated; a
substantial segment of the community objected to publication
on any track in light of the IPR terms.
Since the third Last Call, RedPhone Security filed IETF IPR
disclosure 1026. This disclosure statement asserts in part
that "the techniques for sending and receiving authorizations
defined in TLS Authorizations Extensions (version
draft-housley-tls-authz-extns-07.txt) do not infringe upon
RedPhone Security's intellectual property rights". The full
text of IPR disclosure 1026 is available at:
https://datatracker.ietf.org/ipr/1026/
This Last Call is intended to determine whether the IETF
community had consensus to publish
draft-housley-tls-authz-extns as a proposed standard given
IPR Disclosure 1026.
The IESG is considering approving this draft as a standards
track RFC. The IESG solicits final comments on whether the
IETF community has consensus to publish
draft-housley-tls-authz-extns as a proposed standard.
Comments can be sent to ietf at ietf.org or exceptionally to
iesg at ietf.org. Comments should be sent by 2009-02-11.
A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-housley-tls-authz-extns-07.txt
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf