On Jan 14, 2009, at 4:53 PM, Dean Anderson wrote:
Somehow I haven't yet recieved the fourth last call, but only the
discussion.... Sigh.
see http://www.ietf.org/mail-archive/web/ietf-announce/current/
msg05617.html
There are MANY reasons that this should not be brought to a FOURTH
last
call let me enumerate a few:
Obviously I disagree since I did bring it to a fourth last call. I
believe the
technology is useful, the specification of sufficient quality, and
the IPR
situation is now consistent with the community's statements in the
preceding Last Call. This makes it worth the pain of another last call.
1. --There have been THREE previous, soundly-rejected last calls, the
last one with literally dozens, perhaps hundreds of people against it.
The first last Call was not rejected at all. It supported
publication but was
invalidated by the late IPR disclosure. The third Last Call was rather
divided, IMHO. And "hundreds" is a gross exaggeration...
2. --There are a couple of web page on the deception perpetrated by
Housley, Brown, Polk et al at
http://www.av8.net/IETF-watch/People/Housley/index.html
http://www.av8.net/IETF-watch/People/TimPolk/index.html
The IETF and IESG positions should not be used to benefit the
office-holders through deception of the IETF. The members of the ISOC
and participants in the ISOC IETF Activity have clearly rejected
the use
of IESG seats for this purpose.
The allegations are bogus. I am not benefiting in any way, and there
has
been no deception. There is no attempt to circumvent the community,
only
an attempt to determine if consensus supports publication given the new
IPR disclosure statement.
3. --There have been reports of similar issues in recent lawsuit where
the plaintiff patent-holder acted similarly to Housley/Brown/Polk
et al
and was found to have engaged in "aggravated litigation abuse". In
that
case, the Judge ruled the patents unenforceable as a penalty for the
deception of the standards body in that case. (see
http://www.ietf.org/mail-archive/web/ipr-wg/current/msg05089.html and
http://www.cafc.uscourts.gov/opinions/07-1545.pdf)
In my opinion, these cases are irrelevant to the question presently
at hand.
This last call considers this specification in light of the published
IPR
disclosure 1026. If this specification is approved and new IPR
claims are
submitted in the future, then these cases would be relevant.
4. --There is no community consensus to proceed, nor any demand
from the
community to have this protocol standardized.
I would say this is a rather premature consensus call. It's four
weeks for
individual submissions, not four hours.
And I have certainly received email that shows members of the community
(other than the authors) want to use this technology.
5. --There is only one implementation: Brown&Housley's
You know that's not true. Simon Josefsson also implemented authz,
although
he removed it from his distribution after the initial IPR disclosure.
These reasons are sufficient to preclude a standard under the rules of
the IETF.
Since I disagree with all your reasons, it shouldn't be surprising
that I disagree
with the conclusion.
[stuff deleted, moving onto substantive (IMHO) discussion.]
It is also my opinion that there is no need for this subprotocol given
the other IETF authorization protocols and standards that would
operate
transparently inside a TLS channel and need no special TLS handling.
There are members of the community that disagree. Some have posted
already.
But
if there is consensus that there is indeed a genuine need to have an
authorization sub-protocol as part of TLS, then I believe a new
sub-protocol should be developed openly and transparently that does
not
infringe or utilize Brown's patent, so that Brown, Housley, Polk et al
do not profit by the standard.
If you read the IPR disclosure statement you will find that this
specification
does not infringe or utilize RedPhone's IPR.
No technical issues have been raised concerning this protocol, and I am
not aware of any proposed alternatives.
Failure to publish at this point would simply be biting the nose off
to spite
the face.
Tim Polk
Dean Anderson
CEO
AV8 Internet, Inc
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf
