A couple more comments, being a follow up to dip's note.
People may think, okay let's say Meng writes a note as
Glube suggests, what is to compel MS to respond and why
does Glube believe that MS will respond in the affirmative.
MS will only do that which it believes is in its
self-interest.
It is in the self-interest of MS to have Meng's
co-operation in writing the drafts for the Sender
Authentication Framework (SAF).
(I am not using Sender ID out of respect for the prior
ruling of the former MARID chairs on this point.)
Meng is involved in three documents, protocol, mailfrom and
core, along with the original SPF classic document.
The existing draft of the SAF protocol, being spf2.0 speaks
of two scopes, "pra" and "from."
Meng wants to specifically include a reference to the pra
scope in this document. My view on this, fine but you do so
on your own and not on behalf of the SPF community. Others
may disagree.
On the other hand, some people have said, if the document
is going to speak for the SPF community, neither include
nor exclude the PRA scope.
Fine. Then one could say something like:
|This is open protocol. If others wish to propose one or
|more additional scopes, they may do so, except that any
|additional scopes MUST be completely compatible and not in
|any way interfere with the interoperability of any records
|published in accordance with this protocol.
In any event, either way, since Mark and Meng control the
pen and since Meng is also on marid-core with Jim Lyon,
then MS needs Meng's co-operation.
As to spf1, the concept is open source. If others wish to
propose scopes for other methods of checking, do we have
any right to specifically exclude them from so doing?
Having said this, I believe the list consensus is clear.
There is no desire on the part of the community at large to
tamper with SPF classic by either specifically, or
implicitly allowing for the addition of other scopes.
In the circumstances, I see nothing wrong with Meng writing
a letter which both protects the SPF community at large
against excessive patent claims by MS.
There are specific reasons why it is in Microsoft's best
interest to respond affirmatively or not respond
negatively, depending on how the letter is written:
* It confirms there commitment to the representations made
during the MARID process. Should MS not confirm or object,
I suggest the IESG would have no choice but to reject SAF.
* It mitigates anti-trust concerns that may otherwise arise
should MS seek to claim an IPR interest in other sender
authentication techniques besides PRA that are DNS based
and don't involve cryptographic methods.
* By disclaiming patent claims involving forms of sender
authentication not related to PRA that are DNS based and
don't involve cryptographic methods this makes it easier
for MS to hold firm on the draft patent license.
In essence MS can say at this juncture:
|What's the problem? At present, we are the only people who
|believe in this method. So at least for experimental
|purposes, why force the issue. The open source community
|can move ahead with mail from checking without any
|encumbrance. That is what it believes in. Besides we are
|prepared to discuss the matter with representatives of the
|Open Source Community and we can revisit the draft patent
|license if (we believe when) it is decided to convert PRA
|checking into a formal standard.
By pointing out to MS the prior difficulties and urging MS
to reconsider its position, Meng has acted in a manner
which both re-assures the SPF community and says to MS:
|Look I am telling you this will be a problem. You folks
|proceed at your own risk.
Should it turn out the IESG is forced to withdraw PRA
checking because of the draft patent license, Meng can say,
|Don't blame me. I warned you in advance of the problem.
Having said this, these are simply my views. If people are
concerned that MS may not respond, another way to write the
letter and achieve the same goal follows:
|Dear Craig,
|
|I write further to your letter of September 24, 2004, copy
|posted to the spf-discuss list.
|
|There is some confusion as to what you meant by this letter.
|
|However, I take the letter as meaning despite the broad
|scope of the patent applications, as confirmed by:
|
|* the IPR claims as filed by Microsoft Corporation in
|relation to Caller-ID, marid-core and marid-pra operating
|in combination;
|
|* the specific exclusion of these methods from marid-core
|as originally presented;
|
|* the lack of any filing in relation to marid-protocol or
|marid-mailfrom prior to the closing of MARID; and
|
|* the specific representations made by Microsoft's
|representative to the MARID list;
|
|that Microsoft has disclaimed any patent claims concerning
|techniques involving authentication of the SMTIP mail from,
|HELO/EHELO or IP address using DNS.
|
|It is on this basis that:
|
|* That the SPF community has moved forward to date);
|
|* The SPF community will continue to move ahead with its
|work; and
|
|* Mark and I will be filing our various drafts for
|consideration as RFC Experimental Standards by the IESG.
|
|In the event my understanding is not correct, please let me
|know by reply correspondence immediately as there is some
|urgency in this matter.
|
|Failure to respond will be deemed acceptance.
|
|Thank you for your attention to these matters.
|
|Yours truly,
|
|Meng Weng Wong
|
|P.S. As to Microsoft's draft patent license, there is a
|strong consensus within many parts of the Internet
|community that this license, although it may meet IETF
|requirements, is not suitable for use with an open
|standard, especially given the importance of email.
|
|Therefore, for reasons which have been previously expressed
|and for the sake of the whole project, I urge Microsoft to
|reconsider its position and amend its draft patent license
|so that it is fully compatible with the Open Standard
|Alliance model, while protecting its own position.
|
|cc Ted Hardie
| Scott Hollenbeck
| Andy Newton
| Marshall Rose
| SPF Discuss List
Also, as I stated previously, Meng has to put something on
paper to avoid being "painted."
Trusting this helps,
John
John Glube
Toronto, Canada
For The Record, Will Microsoft Own Email?
http://www.learnsteps4profit.com/wme.html
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.767 / Virus Database: 514 - Release Date: 21/09/2004