Russ Housley <hous...@vigilsec.com> writes:

> EXAMPLE
>
> Clearance may be the easiest one.  For simplicity, let's assume that
> the client are server already have X.509 identity certificates.
> Assume the server is operated by the military, and it includes some
> information that its wants to share with the public, perhaps
> recruiting data, and information that is available to anyone that has
> a clearance.  This latter information is released to any client that
> presents a valid attribute certificate that is bound to the X.509
> identity certificate used in client authentication and issued by any
> of the military branches that demonstrates that the client holds a
> clearance.

It seems to me that the authorization data passed in this way can be
used to "locate" an agreement, i.e., the legally binding document that
approve a certain individual for some clearance level.  The 1026 patent
disclaimer text suggests this mode would be covered by their patent
application.  So I don't follow how that would be an example of an
unencumbered way to use the protocol?

However, this is mostly a legal decision, to evaluate the risks to get
sued by implementing the technology, so I'll defer until I understand
what a lawyer thinks about the new situation.

/Simon
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Reply via email to