spf-discuss
[Top] [All Lists]

RE: Microsoft & Sender ID - SPF confusion as of mid July 2004

2004-07-14 17:50:41
RFC 3688 - http://www.faqs.org/rfcs/rfc3668.html

"3.1. General Policy

   In all matters of Intellectual Property Rights, the
intent is to benefit the Internet community and the public
at large, while respecting the legitimate rights of others."

<snip>

"8.  Evaluating alternative technologies in IETF working
groups

   In general, IETF working groups prefer technologies with
no known IPR claims or, for technologies with claims
against them, an offer of royalty-free licensing.  But IETF
working groups have the discretion to adopt technology with
a commitment of fair and non-discriminatory terms, or even
with no licensing commitment, if they feel that this
technology is superior enough to alternatives with fewer
IPR claims or free licensing to outweigh the potential cost
of the licenses.

Over the last few years the IETF has adopted stricter
requirements for some security technologies.  It has become
common to have a mandatory-to-implement security technology
in IETF technology specifications.  This is to ensure that
there will be at least one common security technology
present in all implementations of such a specification that
can be used in all cases.  This does not limit the
specification from including other security technologies,
the use of which could be negotiated between
implementations.  An IETF consensus has developed that no
mandatory-to-implement security technology can be specified
in an IETF specification unless it has no known IPR claims
against it or a royalty-free license is available to
implementers of the specification unless there is a very
good reason to do so.  This limitation does not extend to
other security technologies in the same specification if
they are not listed as mandatory-to-implement."

<snip>

Keep in mind the old adage "honey attracts more flies than
vinegar," how about putting forward the following to the
IETF and politics is the art of compromise:

"Email is a fundamental part of the Internet. Spam
threatens the very viability of email. Implementation of
sender authentication will enhance the Internet experience
by helping to deal with this scourge.

The desired goal is to have as widespread an implementation
as quickly as possible.

Some participants in the present process have made known
claims of Intellectual property rights.

The Internet Society provides leadership in addressing
issues that confront the future of the Internet, serving as
the international organization for global coordination and
cooperation on the Internet.

In the best interests of the Internet and to enhance the
desired objective, keeping in mind the general policy as
set out in section 3.1 of RFC 3688 and the evaluation
criteria as found in section 8 of this document, it is
preferable for the IETF to select a standard which has no
known claims, or for which claims have been disclosed,
these claims are assigned to The Internet Society.

For these reasons, as individuals we urge all participants
to grant any known claims to The Internet Society, allowing
the IETF to more easily select the proposal which best
suits the Internet's interests.

Should all participants not do so, we call upon the IETF to
select a standard which allows email to continue as a
viable communication medium for the benefit of all Internet
users free of any property claims."

The reason I suggest assigning the claims to the Internet
Society, rather than waiving any claims, is this allows The
Internet Society to thwart any one from coming forward in
the future to claim an interest and to act for the common
good. 

It also sets a precedent as further developments occur.
This helps to prevent anyone group from laying claim to
email as we move from an open to a closed standard. It
allows email to continue as the preferred communication
vehicle without being subject to control by any single
interested party.

Having said this, if others want to waive the stick to
emphasize the point, hey let it rip.

John Glube
Toronto, Canada

The FTC Calls For Sender Authentication
http://www.learnsteps4profit.com/dne.html
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.718 / Virus Database: 474 - Release Date: 09/07/2004