Simon,

I filed for patent (Jan and Sep 2005) and later promoted TLS authz (Feb
2006) in good faith.  It is possible that the patent claims can be read more
broadly than I expected, but that's a fairly detailed and unresolved legal
question.  I am working diligently to -- let me speak carefully -- explore
if and how I can make a royalty free license grant to ensure that promoting
TLS authz continues to be an act in good faith, while still protecting a way
for my company to make money on its IPR.

I have experienced some surprises when mixing law and Internet standards.
To try to avoid surprises, I have hired IPR attorneys at two different firms
to review my draft which proposes a royalty-free license grant.  I expect
any resulting license will be conditioned upon IETF acceptance of TLS authz
as a standard.  I hope to have concluded these services next week.

I think IPR questions are complicated in part because for some questions
only a lawsuit can answer the question -- but we should all want to stay
clear of these kinds of lawsuits!  So answers seem to me to be in short
supply.  I want to craft the proposed license to make this situation a
little clearer than that, but doing so often involves taking risks of giving
away a huge loophole.  So I'm working to get good legal advice.

In short, I am working to create a royalty-free license grant -- hopefully I
can disclose it next week.  With some luck, it will clarify the situation.

Best regards,

mark

> -----Original Message-----
> From: Simon Josefsson [mailto:[EMAIL PROTECTED]
> Sent: Thursday, March 29, 2007 10:12 AM
> To: Sam Hartman
> Cc: ietf@ietf.org; iesg@ietf.org; [EMAIL PROTECTED]
> Subject: Re: Withdrawal of Approval and Second Last Call: draft-housley-
> tls-authz-extns
> 
> Sam Hartman <[EMAIL PROTECTED]> writes:
> 
> >>>>>> "Simon" == Simon Josefsson <[EMAIL PROTECTED]> writes:
> >
> >     Simon> I don't care strongly about the standards track status.
> >     Simon> However, speaking as implementer of the protocol: If the
> >     Simon> document ends up as informational or experimental, I
> >     Simon> request that we make an exception and allow the protocol to
> >     Simon> use the already allocated IANA protocol constants.  That
> >     Simon> will avoid interoperability problems.  I know the numbers
> >     Simon> are allocated from the pool of numbers reserved for
> >     Simon> standards track documents.  There is no indication that we
> >     Simon> are running out of numbers in that registry.  Thus, given
> >     Simon> the recall, I think the IETF should be flexible and not
> >     Simon> re-assign the IANA allocated numbers at this point just
> >     Simon> because of procedural reasons.
> >
> > Would you support publication on the standards track given the IPR
> > situation as someone who has implemented?
> 
> If the patent concern is valid and covers TLS libraries or other
> applications, no.
> 
> However, as far as I am aware of the public information that is
> available, the situation appears to be that we don't know whether
> these patents apply and to what extent.  I don't know whether the
> patents were filed in good or bad faith.  More information from the
> patent holders may help here.
> 
> If it is possible to implement the protocol without violating the
> patents, I would support publication.  I've seen some claims that this
> may be possible.  I have no interest in reading these patents myself,
> but my position would be influenced if someone knowledgeable reads the
> patents.
> 
> Given the amount of patents out there, it would be unreasonable for us
> to move everything to informational just because someone finds
> something that may be relevant to a piece of work.
> 
> The community needs to evaluate patent claims, and preferably reach
> conservative agreement (rough consensus is not good enough) on whether
> we should care about a particular patent or not.  Input to that
> community evaluation process may be documentation of legal actions
> taken by a patent owner.  Sometimes that may happen only after a
> document has been published.
> 
> I would support down-grading standards track documents that later turn
> out to be patent-infected to informational.  Doing so would avoid
> sending a message that the IETF supports patented technology, when the
> IETF community didn't know about the patents at publication time.  For
> credibility of the process, I believe it is important that these
> decisions are only made based on publicly available information.
> 
> /Simon


_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

Reply via email to