ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Last Call: draft-ietf-tls-extractor (Keying Material Exportersfor Transport Layer Security (TLS)) to Proposed Standard

2009-07-22 17:30:37
from [Simon Josefsson] [Permanent Link] 
Let's go back to RFC 3979:

  6.4.  What Must be in a Disclosure?

  6.4.1.  The disclosure must list the numbers of any issued patents or
   published patent applications or indicate that the claim is based on
   unpublished patent applications.  The disclosure must also list the
   specific IETF or RFC Editor Document(s) or activity affected.

The "draft-ietf-tls-extractor-06" name is mentioned in the disclosure.

For what it's worth, the PDF referenced in the disclosure also mentions
draft-ietf-tls-extractor-06.

Together, I can't read this in any other way that Certicom believes they
have some patents covering draft-ietf-tls-extractor-06 and have followed
the RFC 3979 rules and informed the IETF about this.

If Certicom didn't intend to claim they believe they own patents that
they believe covers draft-ietf-tls-extractor-06 they need to supersede
the disclosure with one that does not mention that document.

The reason for this situation may be the poor terminology used by the
IETF IPR web pages.  I understand and appreciate that Certicom has tried
to clarify the situation, but to me the updated form does not improve
the situation.  Perhaps Certicom would be able to more easily create a
disclosure that matches RFC 3979 rules if the web pages were improved.

/Simon

"Joseph Salowey (jsalowey)" <jsalowey(_at_)cisco(_dot_)com> writes:


While I see that draft-ietf-tls-extractor is listed in section IV of
#1154 IPR disclosure as related material,  I see that it is explicitly
not listed in section V part C which lists what is specifically covered
by the disclosure.  I don't think Certicom is claiming IPR on
draft-ietf-tls-extractor because it is not among the list of documents
in section V.   

Joe


-----Original Message-----
From: ietf-bounces(_at_)ietf(_dot_)org 
[mailto:ietf-bounces(_at_)ietf(_dot_)org] On 
Behalf Of Simon Josefsson
Sent: Wednesday, July 22, 2009 12:32 PM
To: ietf(_at_)ietf(_dot_)org; tls(_at_)ietf(_dot_)org
Subject: Re: Last Call: draft-ietf-tls-extractor (Keying 
Material Exportersfor Transport Layer Security (TLS)) to 
Proposed Standard

With the caveat that I have recently returned from vacation, 
and consequently may have missed some clarifications or paged out some
context:

If the #1154 IPR disclosure is the final word from Certicom 
on this document, I don't support advancing this document on 
the standards track.  My concern remains that Certicom claims 
they have IPR that covers the document -- that is what the 
#1154 disclosure says (section IV).  The additional 
information provided in the PDF is not helping: it grants a 
license for use together with ECC.  It doesn't say anything 
about the use without ECC.

The way I see it, TLS implementers and the broader Internet 
does not gain something significant by having this document 
published.  Other IETF documents can use the TLS PRF to 
derive keying material.  On the contrary, it seems both TLS 
implementers and the broader Internet community would be hurt 
by publishing the document since having patent threats 
looming over widely used techniques has stability and 
interoperability impacts.

I recall that Certicom was positive about clarifying their 
intentions so maybe we can continue that discussion and get 
something more useful than the recent disclosure.

Speaking as TLS implementer of the document and document [1] 
author that reference this document, /Simon

[1] 
http://tools.ietf.org/html/draft-josefsson-krb5starttls-bootstrap-02

The IESG <iesg-secretary(_at_)ietf(_dot_)org> writes:


The IESG has received a request from the Transport Layer Security WG
(tls) to consider the following document:

- 'Keying Material Exporters for Transport Layer Security (TLS) '
   <draft-ietf-tls-extractor-06.txt> as a Proposed Standard

The IESG plans to make a decision in the next few weeks, 

and solicits 

final comments on this action.  Please send substantive comments to 
the ietf(_at_)ietf(_dot_)org mailing lists by 2009-08-10. 

Exceptionally, comments 

may be sent to iesg(_at_)ietf(_dot_)org instead. In either case, please 
retain 
the beginning of the Subject line to allow automated sorting.

The file can be obtained via
http://www.ietf.org/internet-drafts/draft-ietf-tls-extractor-06.txt


IESG discussion can be tracked via


https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTa

g=16821&rfc_flag=0

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Last Call: draft-ietf-tls-extractor (Keying Material Exportersfor Transport Layer Security (TLS)) to Proposed Standard, Joseph Salowey (jsalowey)
Next by Date:  RE: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exportersfor Transport Layer Security (TLS)) to Proposed Standard, Joseph Salowey (jsalowey)
Previous by Thread:  RE: Last Call: draft-ietf-tls-extractor (Keying Material Exportersfor Transport Layer Security (TLS)) to Proposed Standard, Joseph Salowey (jsalowey)
Next by Thread:  RE: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exportersfor Transport Layer Security (TLS)) to Proposed Standard, Joseph Salowey (jsalowey)
Indexes:  [Date] [Thread] [Top] [All Lists]