Internet Draft: Transport Layer Security (TLS) Evidence Extensions

Internet Draft: Transport Layer Security (TLS) Evidence Extensions

Oron Peled oron at actcom.co.il
Wed Feb 11 00:00:52 IST 2009


Hello,

I was worried by the information about a new Internet Draft which
seems to be troubled by patent claims even before its approval.
  [http://www.fsf.org/news/reoppose-tls-authz-standard]
So, I decided to read a bit before forming a final opinion.

First I've read the following link from 19-Nov-2008:
 https://datatracker.ietf.org/ipr/1026/

IANL but the language looks too familiar...
 "RedPhone Security agrees to grant licenses for such uses in a fair
  and nondiscriminatory manner. This statement applies to the
  Disclosed Patent Information, including all amendments in all
  nations as published during the course of prosecution."

I'm sure you are well aware that "fair and nondiscriminatory manner"
is the usual "newspeak" term for discriminating free software.
E.g: if someone only ask 10$ per-copy it means you cannot
distribute without having some copy counting mechanisms in place.

Looking further I've read the following link from 26-Nov-2008:
 https://datatracker.ietf.org/ipr/767/

So, about two weeks later, the same company says:
 "Any party wishing to request a license under the patent
  applications listed in Schedule A and/or any issued patents
  from such applications is encouraged to contact RedPhone Security."

Which clarifies they reserve the right to provide licenses on a case
by case basis (yes, under the non-yada-yada etc). This is very different
from cases where comprehensive blanket licenses are given by relevant
companies for inclusion of their technologies in standard setting papers.

Which begs the question -- why all this is disclosed barely two months
before the (supposed) approval of this draft standard? To hush
criticism? To make IETF think harder about withdrawing after investing
a lot of time and work into this?

Regretfully, we already saw in some industries the advent of litigious
companies messing with industry standards (you can head on to
 http://en.wikipedia.org/wiki/Rambus for a sad refresher).

Not long ago, we saw other important standard bodies loses much
of their credibility due to similar tactics (I obviously refer to
the ISO/IEC DIS 29500 farce).

I obviously don't want IETF to fall into a similar trap. It's
important to reject this proposal so all of us can trust any RFC
or STD for what they are -- a free specification for anybody to
implement as it wish.

Furthermore. Patent disclosure at the end of the process instead
of the beginning is not an example of honesty (do you think
they "forgot" they applied for these patents?)

IMHO, the only way for the IETF to protect itself and its reputation
from such predatory behaviour is to apply a mechanism to deter such
companies. Maybe something along the line of:

 "You made us work X months without trusting us with your secret plan?
  Good. You lost our trust for the same time frame. You are welcome
  to propose other free standards *after* this grace time passes."

I urge you to reconsider and not risk the great achievements of
Internet in general and the IETF in particular for a short term "gain".

Thank you very much for all your efforts,

[This mail was prepared and sent by free software, running on a
 free operating system, abiding by freely available Internet standards]

-- 
Oron Peled                                 Voice: +972-4-8228492
oron at actcom.co.il                  http://www.actcom.co.il/~oron
"There has grown up in the minds of certain groups in this
 country the notion that because a man or a corporation has made a
 profit out of the public for a number of years, the government
 and the courts are charged with the duty of guaranteeing such
 profit in the future, even in the face of changing circumstances
 and contrary public interest."

                            -- Robert Heinlein, "Life-Line" (1939)




More information about the Linux-il mailing list