Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Simon Josefsson]

Keith Moore  writes:

> Dave CROCKER wrote:
>
>> My assumption was that the IETF owned the work.  Pure and simple.
>> 
>> The IETF was free to do whatever the hell if felt like with the work and
>> I retained no rights.  Use it.  Give it to another group.  Kill it. 
>> Whatever.
>
> My understanding was that IETF had a non-exclusive, transferable license
> to my rights to the work as creator, including the right to make
> derivative works.  But that's not the same thing as IETF owning the work.

Right.  One reason RFC 5378 is drafted the way it is, is that the IETF
didn't used to have the right to sub-license contributions to others.

If contributors would have licensed all their contributions to "anyone"
instead of to the Trust, the problem would be reduced.  The second step
in solving the problem would be to allow contributions to contain
material with separate licenses, to allow for older IETF contributions.

/Simon
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Cullen Jennings]

Larry,  your email sounded dangerously close to suggesting that it  
might be ok to break the copyright law because no one would object to  
it. Is that what you are suggesting?



On Dec 17, 2008, at 5:56 PM, Lawrence Rosen wrote:


Dave Crocker wrote:

That was the culture. Law often
follows culture, since culture creates established practice.


I hope you're right.

May I ask: Is there anyone on this list who is asserting a current  
copyright

interest in any IETF RFC--on your own behalf or on behalf of your
company--that would encumber the freedom of any IETF participants to  
copy,
create derivative works, and distribute that RFC in accordance with  
IETF

culture?

On what basis do you assert that current copyright interest in those  
RFCs?
Have you registered that copyright? Is that copyright interest sole  
or joint

with any other entity, including other contributors or the IETF Trust
itself?

I'm not interested to hear about hypothetical situations. I would  
like to
know if there are any actual claims of copyright ownership that  
people here
are even considering to assert against IETF's complete freedom to  
act and

establish functional Internet standards.

/Larry




-Original Message-
From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On  
Behalf Of

Dave CROCKER
Sent: Wednesday, December 17, 2008 3:34 PM
To: Brian E Carpenter
Cc: IETF discussion list
Subject: Re: IPR Questions Raised by Sam Hartman at the IETF 73  
Plenary




Brian E Carpenter wrote:

On 2008-12-18 11:32, Dave CROCKER wrote:

My assumption was that the IETF owned the work.  Pure and simple.


False. You never implicitly transferred ownership.



Yes I did.  As I say, that was the culture.

Scott didn't have to come to Erik or me and ask permission, and he  
didn't

even
have to think about whether he was required to.  That was the  
culture. Law

often
follows culture, since culture creates established practice.

I do realize that that was a long time ago and that we certainly  
have many

participants holding different views.

I was reviewing the history on the general belief that a crisis of  
the

current
sort can often be aided by taking a fresh look at first principles.



But since I've now had a number of public and private exchanges  
with folk

who
have been diligent participants in this topic and since none has  
seemed to
understand -- nevermind embrace -- the line of discussion I've  
tried to

raise,
I'll go back to my observer status and let the folks who are  
putting the

real
effort into this continue on.

d/


--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf


___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf


___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Keith Moore]

Lawrence Rosen wrote:

> That's the problem around here. People worry to death about IP claims that
> nobody is willing to actually make. People develop IP policies that solve
> nonexistent problems (such as the "code" vs. "text" debate) and, by doing
> so, add further confusion, evidenced by this current problem. 

This should not be surprising.  The vast majority of us are not lawyers,
and therefore we don't have the kind of wisdom that a lawyer has - in
particular the kind of wisdom that tells an experienced lawyer which
kinds of threats are actually worth worrying about, and more
importantly, which ones are not.

To most of us, the law - especially intellectual property law - is a
threat that we don't understand.  But we've seen it do considerable harm
to our profession, and many of us have been personally burned by it.  So
we can't afford to ignore the problem.

And while we also have some difficulty knowing how much to trust IETF's
 counsel on these matters, few of us are willing/able to pay for our own
legal advice in these matters.  Even if we did, it's not clear that we'd
get consistent answers from our individual lawyers.  So in order to get
rough consensus among ourselves, we'd still be trying to protect
ourselves against threats that many would feel were nonexistent.

I'm not sure what to do about any of this.

Keith
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

RE: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Lawrence Rosen]

Reply below. /Larry

> -Original Message-
> From: John C Klensin [mailto:john-i...@jck.com]
> Sent: Wednesday, December 17, 2008 7:02 PM
> To: lro...@rosenlaw.com; 'IETF discussion list'
> Subject: RE: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary
> 
> 
> 
> --On Wednesday, 17 December, 2008 16:56 -0800 Lawrence Rosen
>  wrote:
> 
> > Dave Crocker wrote:
> >> That was the culture. Law often
> >> follows culture, since culture creates established practice.
> >
> > I hope you're right.
> >
> > May I ask: Is there anyone on this list who is asserting a
> > current copyright interest in any IETF RFC--on your own behalf
> > or on behalf of your company--that would encumber the freedom
> > of any IETF participants to copy, create derivative works, and
> > distribute that RFC in accordance with IETF culture?
> >...
> 
> Larry,
> 
> So that we don't get assertions about either universal negatives
> or about people who are assumed to give up the right to claim
> copyright interest as a consequence of not answering your
> question,...

[LR:] Universal negatives? I remember at least one email here yesterday or
today where someone cavalierly stated that he claimed a copyright in an
unnamed IETF spec. I wanted to flesh that claim out. Perhaps that person
will have the courage to speak up precisely.

That's the problem around here. People worry to death about IP claims that
nobody is willing to actually make. People develop IP policies that solve
nonexistent problems (such as the "code" vs. "text" debate) and, by doing
so, add further confusion, evidenced by this current problem. 

I refuse to be cowed by ambiguous claims of IP, particularly copyrights that
seek to inhibit the development of *functional* industry standards. It is
even worse than ambiguously claiming that "there might be patented
technology here" but then refusing to identify or license it, because
copyright lasts for 100 years, not just 20. I can outwait the patent IP
claims, but technology will be hostage for my entire lifetime to the
copyrights. That can't be justified.

 
> Your question does not distinguish between uses by IETF
> participants for IETF-related purposes (e.g., standards
> development) and uses by people who participate in the IETF for
> purposes not directly related to IETF work (e.g., insertion into
> programs or their documentation whether conforming to those
> standards or not).  Was the failure to make that distinction
> intentional?

[LR:] Yes. Both are absolutely essential for implementation of open
standards.


> If it was intentional, is your question intended as a back-door
> way to reopen the questions about whether the IETF intends
> unlimited use of its material, with or without acknowledgements
> and citation and regardless of purpose, that the IPR WG resolved
> in the negative?

[LR:] Yes, since the front door has been closed. My question is definitely:
Is anyone retaining a copyright in such functional materials with the intent
to prevent unlimited use by *anyone*? Please don't assert that this need be
"without acknowledgements and citation." I've never said that. As for
"regardless of purpose," as long as the purpose is to obtain a specific
standard functionality and thus the words are not subject to copyright, try
and stop me, regardless of what the IPR WG says.


> Finally, when you ask this question, are you asking as an
> individual participant in the IETF process or as an attorney who
> might be called upon to advise one or more clients on the
> subject of dealing with the IETF and/or IETF-related IPR?  If
> the latter, would you mind identifying those clients and any
> other interest you might have in the answers other than idle
> curiousity?

[LR:] I am asking as an attorney and IETF participant (we're all individuals
here, I've been told, with individual opinions) who is anxious to understand
why so many people on here are worried about copyright infringement and are
seeking to protect copyrights they don't even have the honesty to claim
outright. I care about IETF specifications in this email thread, not about
any specific clients. As to whether I might represent one or more clients on
this issue, my lips are sealed.


>thanks,
> john
> 
> p.s. Even if it were clearly true at one time, which some would
> dispute, Dave's assertion about the present IETF culture is
> controversial given, at least, the IETF's history and positions
> about IPR and copyright over the last decade or more.

[LR:] So if the "culture" is controversial, and the "process" we've
inadequately developed is controversial, perhaps we should actually consider
the law. Which is what I'm trying to do. Unfortunately what people are doing
here is speculating about hypothetical situations and refusing to declare
their real interests in promoting restricted copyright licenses for
functional specifications.




___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/lis

RE: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[John C Klensin]

--On Wednesday, 17 December, 2008 16:56 -0800 Lawrence Rosen
 wrote:

> Dave Crocker wrote:
>> That was the culture. Law often
>> follows culture, since culture creates established practice.
> 
> I hope you're right.
> 
> May I ask: Is there anyone on this list who is asserting a
> current copyright interest in any IETF RFC--on your own behalf
> or on behalf of your company--that would encumber the freedom
> of any IETF participants to copy, create derivative works, and
> distribute that RFC in accordance with IETF culture?
>...

Larry,

So that we don't get assertions about either universal negatives
or about people who are assumed to give up the right to claim
copyright interest as a consequence of not answering your
question,...

Your question does not distinguish between uses by IETF
participants for IETF-related purposes (e.g., standards
development) and uses by people who participate in the IETF for
purposes not directly related to IETF work (e.g., insertion into
programs or their documentation whether conforming to those
standards or not).  Was the failure to make that distinction
intentional?

If it was intentional, is your question intended as a back-door
way to reopen the questions about whether the IETF intends
unlimited use of its material, with or without acknowledgements
and citation and regardless of purpose, that the IPR WG resolved
in the negative?

Finally, when you ask this question, are you asking as an
individual participant in the IETF process or as an attorney who
might be called upon to advise one or more clients on the
subject of dealing with the IETF and/or IETF-related IPR?  If
the latter, would you mind identifying those clients and any
other interest you might have in the answers other than idle
curiousity?

   thanks,
john

p.s. Even if it were clearly true at one time, which some would
dispute, Dave's assertion about the present IETF culture is
controversial given, at least, the IETF's history and positions
about IPR and copyright over the last decade or more.

___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

RE: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Lawrence Rosen]

Dave Crocker wrote:
> That was the culture. Law often
> follows culture, since culture creates established practice.

I hope you're right.

May I ask: Is there anyone on this list who is asserting a current copyright
interest in any IETF RFC--on your own behalf or on behalf of your
company--that would encumber the freedom of any IETF participants to copy,
create derivative works, and distribute that RFC in accordance with IETF
culture?

On what basis do you assert that current copyright interest in those RFCs?
Have you registered that copyright? Is that copyright interest sole or joint
with any other entity, including other contributors or the IETF Trust
itself?

I'm not interested to hear about hypothetical situations. I would like to
know if there are any actual claims of copyright ownership that people here
are even considering to assert against IETF's complete freedom to act and
establish functional Internet standards.

/Larry



> -Original Message-
> From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of
> Dave CROCKER
> Sent: Wednesday, December 17, 2008 3:34 PM
> To: Brian E Carpenter
> Cc: IETF discussion list
> Subject: Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary
> 
> 
> 
> Brian E Carpenter wrote:
> > On 2008-12-18 11:32, Dave CROCKER wrote:
> >> My assumption was that the IETF owned the work.  Pure and simple.
> >
> > False. You never implicitly transferred ownership.
> 
> 
> Yes I did.  As I say, that was the culture.
> 
> Scott didn't have to come to Erik or me and ask permission, and he didn't
> even
> have to think about whether he was required to.  That was the culture. Law
> often
> follows culture, since culture creates established practice.
> 
> I do realize that that was a long time ago and that we certainly have many
> participants holding different views.
> 
> I was reviewing the history on the general belief that a crisis of the
> current
> sort can often be aided by taking a fresh look at first principles.
> 
> 
> 
> But since I've now had a number of public and private exchanges with folk
> who
> have been diligent participants in this topic and since none has seemed to
> understand -- nevermind embrace -- the line of discussion I've tried to
> raise,
> I'll go back to my observer status and let the folks who are putting the
> real
> effort into this continue on.
> 
> d/
> 
> 
> --
> 
>Dave Crocker
>Brandenburg InternetWorking
>bbiw.net
> ___
> Ietf mailing list
> Ietf@ietf.org
> https://www.ietf.org/mailman/listinfo/ietf

___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[John C Klensin]

--On Wednesday, 17 December, 2008 15:23 -0800 Randy Presuhn
 wrote:

> Hi -
> 
>> From: "John C Klensin" 
>> To: "Randy Presuhn" ; "IETF
>> discussion list"  Sent: Wednesday, December
>> 17, 2008 2:40 PM
>> Subject: Re: IPR Questions Raised by Sam Hartman at the IETF
>> 73 Plenary
> ...
>> What gives your WG the ability to function is 5.4, where the
>> Trust gives back to the IETF participants what the Trust
>> received under 5.1 and 5.3.   But they can't give back what
>> they don't have, so, if your WG is required to derive its
>> permission to do work from 5.4 and a previous author takes a
>> walk rather than making the 5.1 guarantees and 5.3 transfers
>> _to the Trust_...
> ...
> 
> Ok, so if my understanding was incorrect, at what point must we
> stop work until this is corrected?

Here is where you are on your own.  In spite of saying that it
sets up binding legal agreements, RFC 5378 says that it isn't
legal advice (about what those agreements mean or anything else)
and that you need to find your own.  While some people have
offered the opinion that, since no one is likely to sue, you can
safely just ignore the specifics of that document and proceed as
usual, I assume that no one has promised that is legal advice on
which you can rely either.  Since I have already said it on
another list, I can tell you that I've been advised by my
attorney to not post any document for which I'm quite certain
that all prior contributors have made 5378-compliant transfers
to the IETF.  But he is far more aware of my circumstances,
circumstances that are almost certainly not the same as yours,
and what he has told me is definitely not legal advice to you or
on which you should rely.

As to dates, opinions about that seem to differ.  The WG decided
to not incorporate a date (or description of triggering events)
in the text of 5378, so you can't find a lot of help there.
There is an an analysis of the date issue in
draft-klensin-rfc5378var-02a.txt.  Since it lists around a
half-dozen possibilities based on common sense understanding of
the situation (again, not a legal opinion), you should go read
it rather than my trying to paraphrase, but I believe the answer
is "sometime between 10 November and tomorrow".  Some attorneys
who have been consulted have mumbled something that sounded like
"depends on when a reasonable person would have known about the
new rules", but mumbling definitely does not constitute legal
advice.

>  (I can virtually guarantee
> that we will not get explicit permission from every individual
> named in an acknowledgement section of one of the antecedants
> of the documents we're updating.  Paraphrase the whole thing?
> Ain't gonna happen.)
 
>   a) We cannot submit any more I-Ds until this is fixed
>   b) We can continue to submit I-Ds, but cannot hand off to
> the IESG
>...

A common-sense reading of 5378 (not legal advice, etc., etc.)
says that it applies to all Contributions and that you aren't
supposed to be making one of those unless it conforms to the
requirements of  5378.  The definition of a Contribution [RFC
5378, Section 1(a)] is pretty much the same as it was in 3978
and earlier and very explicitly includes text intended for
posting in I-Ds.  I can't give you a legal opinion about what
you can or cannot do, but it is fairly clear that the cutoff
point applies to I-Ds and not some later step in the standards
process.

> I'd be willing to wager that, in its current mood, the WG
> would simply disband rather than deal with any of these.

That is the case that scares me, that prompted me to put up an
I-D posing an alternative in the hope that we could swiftly come
to consensus about it (or some other alternative), and get it
implemented and deployed before Bad Things Happen.   And WGs
shutting down is about the worst thing I can imagine happening
to the IETF (others may, of course, be more imaginative).

>   z) We stop updating our documents, hand over an existing I-D
> without the offensive IPR language, and hope that the
> IESG requires no changes, and use RFC errata to deal
> with the (minor) problems that we know exist in that I-D.

As I read 5378 (and understand the comments made by one of the
IPR WG document authors, the IETF Chair, and a Trustee or two),
the fact of handing that document over to the IESG would make it
subject to 5378 and would constitute an assertion on someone's
part --perhaps yours as WG Chair-- that all of the 5378 hoops
had been properly jumped through.  I would hope that, if the
IESG takes 5378 seriously, they would modify the submission
Checklist to say that explicitly if they have not already done
so.  (I don't have a clue where it would leave us if the IESG
decided it didn't want to take 5378 seriously, unless they
translated that into immediately moving it to historic, which I
gather they don't believe they have the authority to do.)

So that escape would probably not work either.

> Somehow this seems totally bogus, since the "authors" were all
> editors wo

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Dave CROCKER]

Brian E Carpenter wrote:

On 2008-12-18 11:32, Dave CROCKER wrote:

My assumption was that the IETF owned the work.  Pure and simple.


False. You never implicitly transferred ownership.



Yes I did.  As I say, that was the culture.

Scott didn't have to come to Erik or me and ask permission, and he didn't even 
have to think about whether he was required to.  That was the culture. Law often 
follows culture, since culture creates established practice.


I do realize that that was a long time ago and that we certainly have many 
participants holding different views.


I was reviewing the history on the general belief that a crisis of the current 
sort can often be aided by taking a fresh look at first principles.




But since I've now had a number of public and private exchanges with folk who 
have been diligent participants in this topic and since none has seemed to 
understand -- nevermind embrace -- the line of discussion I've tried to raise, 
I'll go back to my observer status and let the folks who are putting the real 
effort into this continue on.


d/


--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Randy Presuhn]

Hi -

> From: "John C Klensin" 
> To: "Randy Presuhn" ; "IETF discussion list" 
> 
> Sent: Wednesday, December 17, 2008 2:40 PM
> Subject: Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary
...
> What gives your WG the ability to function is 5.4, where the
> Trust gives back to the IETF participants what the Trust
> received under 5.1 and 5.3.   But they can't give back what they
> don't have, so, if your WG is required to derive its permission
> to do work from 5.4 and a previous author takes a walk rather
> than making the 5.1 guarantees and 5.3 transfers _to the
> Trust_...
...

Ok, so if my understanding was incorrect, at what point must we
stop work until this is corrected?  (I can virtually guarantee that
we will not get explicit permission from every individual named
in an acknowledgement section of one of the antecedants of
the documents we're updating.  Paraphrase the whole thing?
Ain't gonna happen.)

  a) We cannot submit any more I-Ds until this is fixed
  b) We can continue to submit I-Ds, but cannot hand off to the IESG
  c) We can hand off to the IESG, but not do IETF last call
  d) We can do IETF last call, but not hand it over to the RFC editor
  e) We can hand it over to the RFC editor, but not actually publish

I'd be willing to wager that, in its current mood, the WG would simply
disband rather than deal with any of these.

  z) We stop updating our documents, hand over an existing I-D without
  the offensive IPR language, and hope that the IESG requires no
  changes, and use RFC errata to deal with the (minor) problems
  that we know exist in that I-D.

Somehow this seems totally bogus, since the "authors" were all
editors working under the direction of the working group to produce
a work for the working group.  If anything, the transfer should be from
the WG (or the IETF) to the trust, not from the people who were high-
stress typists for the WG.  Likewise, the various contributors whose
words went into the collaborative blender were doing so under the
long-standing NOTE WELL provisions, so getting their permission
again seems, well, pointless.

Randy

___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Keith Moore]

Dave CROCKER wrote:

> My assumption was that the IETF owned the work.  Pure and simple.
> 
> The IETF was free to do whatever the hell if felt like with the work and
> I retained no rights.  Use it.  Give it to another group.  Kill it. 
> Whatever.

My understanding was that IETF had a non-exclusive, transferable license
to my rights to the work as creator, including the right to make
derivative works.  But that's not the same thing as IETF owning the work.

Keith
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Brian E Carpenter]

Dave,

On 2008-12-18 11:32, Dave CROCKER wrote:
...
> My assumption was not that the work was "available" for "IETF use".

Correct.
> 
> My assumption was that the IETF owned the work.  Pure and simple.

False. You never implicitly transferred ownership.

> 
> The IETF was free to do whatever the hell if felt like with the work and
> I retained no rights.  Use it.  Give it to another group.

Specifically, "Give it to another group." was never covered until 5378.
That's the entire problem.

   Brian

> Kill it. 
> Whatever.
> 
> Really.  That's the cultural basis that I believe formed this community
> and informed participants in it.
> 
> d/
> 
> ps.  Well, to be more complete, I assumed that IETF ownership meant that
> the document was required to be publicly available and -- though I
> didn't know the term at the time -- there was public permission for
> derivative works by whoever felt like doing the deriving.
> 
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[John C Klensin]

--On Wednesday, 17 December, 2008 14:32 -0800 Dave CROCKER
 wrote:

> My assumption was not that the work was "available" for "IETF
> use".
> 
> My assumption was that the IETF owned the work.  Pure and
> simple.
> 
> The IETF was free to do whatever the hell if felt like with
> the work and I retained no rights.  Use it.  Give it to
> another group.  Kill it.  Whatever.
> 
> Really.  That's the cultural basis that I believe formed this
> community and informed participants in it.

> ps.  Well, to be more complete, I assumed that IETF ownership
> meant that the document was required to be publicly available
> and -- though I didn't know the term at the time -- there was
> public permission for derivative works by whoever felt like
> doing the deriving.

Dave, this perspective and its implications have been debated by
every incarnation of an IPR WG (or WG including IPR issues) that
I can remember.  Many of those debates have been both lengthy
and heated.   I'm not going to rehash either the variations on
the position you state or the opposing one(s), but your summary
above is, for better or worse, definitely not what the relevant
documents from 2026 through 3978, versions of the Note Well,
etc., say.

And, if you are just now finding that out, it is more evidence
that there is something seriously wrong with how we develop,
review, and publicize specifications of this type.

  john

___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Dave CROCKER]

Fred Baker wrote:

Silly question. Is this discussion more appropriate to ietf-ipr?


Not any more.

It was.  But the result is what a number of different folk who are serious,
long-term IETF contributors consider the current situation to be a basic crisis
that prevents working on some existing docs.

That's pretty serious, Fred, and most certainly not something that should simply
be referred back to the relevant working group, with instructions to fix things.


One could argue that ietf-ipr looked at this question for two years 
prior to submitting the new boilerplate, and by missing it made it clear 
that they weren't adequate to review. That said, there was also an IETF 
last call, and none of us detected the issue until Sam brought it up.


This is at least the second time someone has tried to invoke the "well, it went
through IETF Last Call" as some sort of presumably meaningful, reference,
presumably with respect to shared blame or shared understanding or share
something.

We really need to stop making those observations, since they have nothing to do
with fixing the current problem, except to warn us that whatever we did before
didn't work adequately, in spite of extensive, diligent effort.



But really - isn't this about IPR?


Fred, when a team produces diligent effort and a failed product, is the usual
management response to simply ask them to try again?  That's not what I'm used
to seeing in the real world and I'll bet it is not what anyone who work for a
successful company is used to, either.  Especially when the effort was by folks
working outside of their area of expertise.

Whatever it is that produced the current situation, we should try to avoid
repeating it.

d/

--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[John C Klensin]

--On Wednesday, 17 December, 2008 13:05 -0800 Dave CROCKER
 wrote:

> John C Klensin wrote:
>> But both your comments and that "can't get it right" issue
>> just reinforce my view that we either need an escape
>> mechanism for old text or need a model in which the Trust,
>> not the submitters, take responsibility for text Contributed
>> to the IETF under older rules. For the record, I don't know
>> how to make the latter work (partially because, like you, I
>> try to avoid simulating a lawyer) and am not proposing it.  
 
> I have held off proposing this latter view, because I've
> assumed it was obvious and that those expert in the legal
> issues rejected it.
> 
> But from a practical standpoint, it is the most accurate
> representation of work done on IETF documents (within the
> working gorup structure.)
>...

An extreme (or not-so-extreme) version of this model is used by
most of the traditional standards bodies.  They use a formal
membership or participation agreement to [try to] establish the
principle that anything done for the standards body is work for
hire (for the standards body) and hence belongs to that
standards body from the moment it is written.

It has been proposed to several iterations of IPR WGs as a
mechanism that has considerable history if the WG really wants
the copyrights and sublicensing rights in the hands of the IETF
(which 5378 does, but nothing previous did).  It has never
gotten traction.   I don't know (or don't recall) if that is
because the WGs found the idea distasteful, because legal
counsel didn't believe it would hold up without signed
membership agreements, or a combination of  the two.

In fairness, if what became 5378 had been modeled on a "work for
hire and it all just belongs to the IETF" structure, rather than
the more elaborate and complex (IMO) system it uses, it wouldn't
change the problem we have today in any significant way.  Old
documents would still not be covered by the new rules.  If, like
5378, that hypothetical document contained a requirement that
people get the new rights from prior contributors rather than
somehow grandfathering their text, we would, I believe, still be
having exactly the same discussion.

I personally believe that the basic problem we are facing stems
from a problem that the IETF understands extremely well --at
least well enough to debate early, openly, and clearly-- for
technical specifications.  If there is an installed base (in
this case, some 4000+ RFCs that were written under the old rules
and assumptions), we don't generate a new specification that
ignores the installed base or that assumes that a transition can
occur on a flag day basis by retrofitting all earlier deployed
implementations if they are to be used after it.   The analogy
is not exact, but it appear to me that it is exactly what 5378
attempts to do.

> Let me carry it further:  When Erik Huizer and I wrote the
> first IETF Working Group Guidelines document, it was at our
> initiative.  (Well, really, Erik's.) When it was adopted by
> the IETF, I automatically assumed that the IETF owned it.
>...

The following is an attempt to provide a simplified explanation
of the relationship of 5378 to prior work, avoiding (for this
note) any opinion about whether the 5378 model is a good or bad
idea or how to get there in practice.  It should also be
considered to be covered by the usual disclaimers: IANAL, this
is not either legal advice or a legal opinion and, most
important, it is a quick summary that skips over details that I
don't consider important but about which others might disagree.

The assumption that you made was ultimately that work done for
or within the IETF was available for IETF use.  That assumption
is consistent with both long-term practice and with explicit
provisions in documents going back at least to 2026, the Note
Well (at least before today), and so on.  Pragmatically, if 5378
works, it doesn't change that at all. When Scott went to do his
version, he probably had some moral obligation to consult you
and Erik, to ask if you wanted to be involved directly, etc.,
but he was assumed to have no legal (copyright or otherwise)
obligation because he was reusing IETF text for IETF purposes.

The issues that drove 5378 have to do with non-IETF uses of text
from these documents.  For example, if someone on the other side
of the world decided to create an Intranet Dead Horse Kicking
Task Force and wanted to use significant text from the Working
Group Guidelines, and use that material by copy, not by
reference, would they have to ask for permission and, if so,
from whom?

Prior to 5378, the answer was that, if the folks intending this
non-IETF use were being careful, they would have to track down
and ask you, Erik, and Scott for permission.  If they chose to
not be careful, it would be their problem, not the IETF's (or
the Trust's, or yours, etc.)  If the document had been written
for the first time post-5378, they would need to ask only the
Trustees of the 

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Dave CROCKER]

Randy Presuhn wrote:
That is:  Working groups are part of the IETF and 'authors' of working group 
documents are acting as  when writing IETF documents.agents of the IETF.  While 


I assume the missing word is "editors"


fooey.  thanks for catching that. very sorry i didn't.

no, I meant to have it read "are acting as agents of the IETF, when writing IETF 
documents.


(For reference, I do not see the presence of the "editor" label as having any 
material impact on the nature of "ownership" of the text.



So when Scott Bradner did the revision to the IETF Working Group Guidelines 
document the idea that he had a legal obligation to get our permission would 
have -- and certainly now does -- strike me as silly.


Particularly since the permission to create derivative works and successor
standards has been granted as part of the boilerplate for a long long time.


I'm not sure whether it dates as far back as when we wrote that doc.  But my 
real point is that it doesn't matter, in terms of what I, as an IETF 
participant, thought was the situation.



d/
--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Randy Presuhn]

Hi -

> From: "Dave CROCKER" 
> To: "John C Klensin" 
> Cc: "IETF discussion list" 
> Sent: Wednesday, December 17, 2008 1:05 PM
> Subject: Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary
...
> That is:  Working groups are part of the IETF and 'authors' of working group 
> documents are acting as  when writing IETF documents.agents of the IETF.  
> While 

I assume the missing word is "editors"

> there might be underlying intellectual property owned by the companies that 
> authors work for, the actual document is commissioned by, and copyright 
> should 
> be owned by, the IETF.

AMEN!
 
> Let me carry it further:  When Erik Huizer and I wrote the first IETF Working 
> Group Guidelines document, it was at our initiative.  (Well, really, Erik's.) 
> When it was adopted by the IETF, I automatically assumed that the IETF owned 
> it.

That has always been my understanding regarding work I've done for the IETF.
 
> That is, after all, what we assert when outside technology is brought into 
> the 
> IETF and we insist that they are handing over "change control". What is 
> change 
> control if not the authority to make changes to the document?

Yup.
 
> So when Scott Bradner did the revision to the IETF Working Group Guidelines 
> document the idea that he had a legal obligation to get our permission would 
> have -- and certainly now does -- strike me as silly.

Particularly since the permission to create derivative works and successor
standards has been granted as part of the boilerplate for a long long time.
 
> That's me talking as a participant, about pragmatics, not me pretending to be 
> a 
> attorney, talking about copyright law.

Ditto.  Consequently, as a WG co-chair who wants his WG to finish up 
in this century, I read RFC 5378 section 5.3 as giving working
groups what they need so they can ignore all this stuff about tracking
down long-gone contributors, and that it's merely a re-incarnation of what
has long been the intent behind the NOTE WELL text.

One can easily imagine a situation in which a disgruntled party named
as a contributor in an early version of work might refuse to give permission
under some readings of an RFC 5378 regime, effectively killing the work.
As John says, paraphrase is *not* a realistic option, especially with 
carefully-crafted
WG compromise text.

Randy

___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Dave CROCKER]

John C Klensin wrote:

The assumption that you made was ultimately that work done for
or within the IETF was available for IETF use. 

...

The issues that drove 5378 have to do with non-IETF uses of text
from these documents.  For example, if someone on the other side
of the world decided to create an Intranet Dead Horse Kicking
Task Force and wanted to use significant text from the Working
Group Guidelines, and use that material by copy, not by
reference, would they have to ask for permission and, if so,
from whom?



My assumption was not that the work was "available" for "IETF use".

My assumption was that the IETF owned the work.  Pure and simple.

The IETF was free to do whatever the hell if felt like with the work and I 
retained no rights.  Use it.  Give it to another group.  Kill it.  Whatever.


Really.  That's the cultural basis that I believe formed this community and 
informed participants in it.


d/

ps.  Well, to be more complete, I assumed that IETF ownership meant that the 
document was required to be publicly available and -- though I didn't know the 
term at the time -- there was public permission for derivative works by whoever 
felt like doing the deriving.


--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Dave CROCKER]

Fred Baker wrote:

Silly question. Is this discussion more appropriate to ietf-ipr?


Not any more.

It was.  But the result is what a number of different folk who are serious, 
long-term IETF contributors consider the current situation to be a basic crisis 
that prevents working on some existing docs.


That's pretty serious, Fred, and most certainly not something that should simply 
be referred back to the relevant working group, with instructions to fix things.



One could argue that ietf-ipr looked at this question for two years 
prior to submitting the new boilerplate, and by missing it made it clear 
that they weren't adequate to review. That said, there was also an IETF 
last call, and none of us detected the issue until Sam brought it up.


This is at least the second time someone has tried to invoke the "well, it went 
through IETF Last Call" as some sort of presumably meaningful, reference, 
presumably with respect to shared blame or shared understanding or share 
something.


We really need to stop making those observations, since they have nothing to do 
with fixing the current problem, except to warn us that whatever we did before 
didn't work adequately, in spite of extensive, diligent effort.




But really - isn't this about IPR?


Fred, when a team produces diligent effort and a failed product, is the usual 
management response to simply ask them to try again?  That's not what I'm used 
to seeing in the real world and I'll bet it is not what anyone who work for a 
successful company is used to, either.  Especially when the effort was by folks 
working outside of their area of expertise.


Whatever it is that produced the current situation, we should try to avoid 
repeating it.


d/

--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Leveraging content and developing voice: new publication(s)?

[Leslie Daigle]

Among the things that ISOC focuses on is broadening the audience for 
credible Internet technical information -- IETF material, eg through the 
IETF Journal; getting Internet model information injected into global 
public policy discussions etc.


As part of an effort to explore whether there might be value in us 
putting together some new form of publication, we have engaged

Rockbridge Associates to conduct research to learn more about
our community stays informed about technology, and how ISOC can
help.

If you have thoughts about how the IETF's work could or should be 
brought to more visibility through such a publication, please feel free

to participate in this research study by following this link:

http://survey.confirmit.com/wix/p767752991.aspx


Thanks,
Leslie.


Leslie Daigle
Chief Internet Technology Officer
Internet Society
dai...@isoc.org


--

---
"Reality:
 Yours to discover."
-- ThinkingCat
Leslie Daigle
les...@thinkingcat.com
---
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Keith Moore]

Dave CROCKER wrote:

> What is change control if not the authority to make changes to the
> document?

exactly.  or to use copyright terminology, the right to make derivative
works.

Keith
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Dave CROCKER]

John C Klensin wrote:

But both your comments and that "can't get it right" issue just
reinforce my view that we either need an escape mechanism for
old text or need a model in which the Trust, not the submitters,
take responsibility for text Contributed to the IETF under older
rules. For the record, I don't know how to make the latter work
(partially because, like you, I try to avoid simulating a
lawyer) and am not proposing it.  



I have held off proposing this latter view, because I've assumed it was obvious 
and that those expert in the legal issues rejected it.


But from a practical standpoint, it is the most accurate representation of work 
done on IETF documents (within the working gorup structure.)


That is:  Working groups are part of the IETF and 'authors' of working group 
documents are acting as  when writing IETF documents.agents of the IETF.  While 
there might be underlying intellectual property owned by the companies that 
authors work for, the actual document is commissioned by, and copyright should 
be owned by, the IETF.


Let me carry it further:  When Erik Huizer and I wrote the first IETF Working 
Group Guidelines document, it was at our initiative.  (Well, really, Erik's.) 
When it was adopted by the IETF, I automatically assumed that the IETF owned it.


That is, after all, what we assert when outside technology is brought into the 
IETF and we insist that they are handing over "change control". What is change 
control if not the authority to make changes to the document?


So when Scott Bradner did the revision to the IETF Working Group Guidelines 
document the idea that he had a legal obligation to get our permission would 
have -- and certainly now does -- strike me as silly.


That's me talking as a participant, about pragmatics, not me pretending to be a 
attorney, talking about copyright law.


d/

--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Joel M. Halpern]

Based on the discussion I have seen, an escape mechanism for old text 
that really can not be processed otherwise is probably reasonable.
However, if we are making an effort to retain the work that was done, my 
personal take is that the barrier to that escape mechanism has to be 
high enough that it is worth-while for folks to actually try to follow 
the community agreement.


And I will happily leave it to the alwyer to tell us whose signoffs 
folks need.  (While I have guesses, they are just that.)


Joel

John C Klensin wrote:

Marshall,

I completely agree.  I also don't want to have us start down the
path of rewriting text: most of what the IETF produces are
technical documents, not works of fiction, and the odds
significant rewriting screwing things up are high, perhaps a
near-certainty.

I also share your dislike for provisions whose validity we can
even guess at until they end up in front of a court.   I don't
know what to do about that other that to rely on advice of
Counsel, but that doesn't stop me from preferring "this is a
well-tested approach" to "we hope it will work out this way".

But both your comments and that "can't get it right" issue just
reinforce my view that we either need an escape mechanism for
old text or need a model in which the Trust, not the submitters,
take responsibility for text Contributed to the IETF under older
rules. For the record, I don't know how to make the latter work
(partially because, like you, I try to avoid simulating a
lawyer) and am not proposing it.  But, logically, it might be
the other possibility here.

john
  


--On Wednesday, 17 December, 2008 13:02 -0500 Marshall Eubanks
 wrote:


Dear John;

 From your email :

On Dec 17, 2008, at 12:16 PM, John C Klensin wrote:


(iii) Rewrite the document to remove any copyright
dependencies on text whose status is uncertain or for
which rights transfers are significantly difficult.


This is a dangerous solution, and may not be one at all.

My mantra on these issues is : Engineers should not try and be
lawyers.
...


___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf


___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[John C Klensin]

Marshall,

I completely agree.  I also don't want to have us start down the
path of rewriting text: most of what the IETF produces are
technical documents, not works of fiction, and the odds
significant rewriting screwing things up are high, perhaps a
near-certainty.

I also share your dislike for provisions whose validity we can
even guess at until they end up in front of a court.   I don't
know what to do about that other that to rely on advice of
Counsel, but that doesn't stop me from preferring "this is a
well-tested approach" to "we hope it will work out this way".

But both your comments and that "can't get it right" issue just
reinforce my view that we either need an escape mechanism for
old text or need a model in which the Trust, not the submitters,
take responsibility for text Contributed to the IETF under older
rules. For the record, I don't know how to make the latter work
(partially because, like you, I try to avoid simulating a
lawyer) and am not proposing it.  But, logically, it might be
the other possibility here.

john
  

--On Wednesday, 17 December, 2008 13:02 -0500 Marshall Eubanks
 wrote:

> Dear John;
> 
>  From your email :
> 
> On Dec 17, 2008, at 12:16 PM, John C Klensin wrote:
> 
>>  (iii) Rewrite the document to remove any copyright
>>  dependencies on text whose status is uncertain or for
>>  which rights transfers are significantly difficult.
>>  
> 
> This is a dangerous solution, and may not be one at all.
> 
> My mantra on these issues is : Engineers should not try and be
> lawyers.
>...

___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: The internet architecture

[Scott Brim]

Mark Seery allegedly wrote on 11/30/08 10:38 AM:
> Some questions have also risen WRT identity:
> 
> http://www.potaroo.net/presentations/2006-11-30-whoareyou.pdf
> 
> Is identity a network level thing or an application level thing?

Whatever.  All of the above.  There are many possible ways to use
identifiers, particularly for "session" (whatever that is, at whatever
layer) authentication and re-authentication.  The point to
locator/identifier separation is primarily to get identification-related
functions to stop depending on location-dependent tokens, i.e. locators.
 Once that's done, they can use anything they like -- and they do :-).

Scott
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: http://www.ietf.org/maillist.html contains old NOTE WELL text

[Julian Reschke]

Ray Pelletier wrote:

...

It will be updated today.

Ray
...


Indeed.

At this point, I think, people on IETF mailing lists need to be informed 
about the IPR change as well. I don't believe everybody is following 
this discussion.


BR, Julian
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Dave CROCKER]

John C Klensin wrote:

I agree that there were perceived problems that needed to be
fixed.  I think you have given a good summary of most of them.
It is exactly for that reason that I did not propose rolling
back 5378 (or 5377).  



Unfortunately, we do not get to pick and choose the parts of a problematic 
standard that we like.  The thing is in force.  We have a crisis because of it. 
 While we had some problems before it went into force, we did not have any crises.


By pursuing a path of "use whichever you want" we wind up adding more ambiguity 
and, therefore, fuzziness, to an already seriously broken situation.



Folks,

We are stuck in the midst of a classic decision-making error, revolving around 
sunk costs  which leads to persistent 
efforts to fix the unfixable.


Gosh, only a little more effort or a small band-aid here or there, will take 
away the immediate problem.


In reality, tenacity due to a desire to save the invested effort is that it 
virtually never results in a real fix.


We need to reverse the current spec, go back to the one that worked fine (for 
the cases it covered) and re-think how to handle the new stuff.


To repeat:  The idea that anyone would think it viable to have a potentially 
small -bis effort need to rewrite potentially large portions of the original 
text demonstrates just how stuck in the mire we are, with no clue how to get out.


d/
--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[John C Klensin]

--On Wednesday, 17 December, 2008 12:31 -0500 Sam Hartman
 wrote:

>> "Dave" == Dave CROCKER  writes:
> 
> Dave> Joel M. Halpern wrote:
> >> Yes, having to get rights from folks is a pain.
> 
> 
> Dave> When the person is not longer available, the effect
> is more Dave> than discomfort.
> 
> 
> Strictly speaking, that's not actually true.  We're talking
> about copyright here; you can rewrite the ideas in your own
> words and avoid needing to worry about rights.  Rewriting some
> ideas in your own words might involve some significant
> discomfort, but it is doable.

Well, sort of.  Let me return to my current favorite example.
My (very) crude estimate is that RFC 5321 is about 20% Jon
Postel's text.  It is a 90-ish page document, so that is 15+
pages (my arithmetic isn't bad, I'm making some guesses about
boilerplate, table of contents, etc.), not a few paragraphs to
be rewritten.  In addition, the DRUMS WG that was responsible
for 2821 and the mailing list that was responsible for 5321
repeatedly made decisions to not make unnecessary textual
changes for fear or making subtle errors.  The judgment about
the risks associated with rewrites is the sort of technical
judgment that WGs are expected to make; it isn't a copyright
matter.  I assume they would be similarly resistant to
rewriting that much text into my own words.

The bottom line is that, for many documents, the plausible
choices aren't between "incur a little pain" and "rewrite text
into one's own words".   They are between "obtain releases that
are nearly impossible to obtain without investments of
considerable time, money, and other resources" and "abandon
document".  

That is going to leave individual authors, and the IETF, with a
decision about whether the universal implementation of RFC 5378
is important enough to not advance or revise some documents.  I
don't think so.  I don't even like the idea of having to make
that choice.  YMMD

john





___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Marshall Eubanks]

Dear John;

From your email :

On Dec 17, 2008, at 12:16 PM, John C Klensin wrote:


(iii) Rewrite the document to remove any copyright
dependencies on text whose status is uncertain or for
which rights transfers are significantly difficult.



This is a dangerous solution, and may not be one at all.

My mantra on these issues is : Engineers should not try and be lawyers.
(And, lawyers should not try and be engineers.) I try to follow it  
personally, as I
am definitely not a lawyer (and, of course, I am not referring to  
anyone who is cross-trained).


But I do know this - merely rewriting a document is not necessarily  
enough to remove copyright
dependancies. J.K. Rowling, for example, won a suit against someone  
who wrote a Lexicon of

her work :




If this actually became an issue, it would be decided by a court, and  
I would not regard either myself or the vast
majority of IETF contributors as competent to judge how a court would  
react to any given rewriting of an RFC

if it went to trial.

Regards
Marshall


___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Dave CROCKER]

Sanm,

I believe it has already been observed by others that this is not a reasonable 
scenario.


However your response does provide a good example of just how badly the latest 
model is broken.


d/

Sam Hartman wrote:

"Dave" == Dave CROCKER  writes:


Dave> Joel M. Halpern wrote:
>> Yes, having to get rights from folks is a pain.


Dave> When the person is not longer available, the effect is more
Dave> than discomfort.


Strictly speaking, that's not actually true.  We're talking about
copyright here; you can rewrite the ideas in your own words and avoid
needing to worry about rights.  Rewriting some ideas in your own words
might involve some significant discomfort, but it is doable.



--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

5378: A worked example

[Eric Rescorla]

Having recently completed TLS 1.2 (RFC 5246), I thought it would be worth
going through the thought experiment of what it would be like to
submit it under the RFC 5378 terms. As I understand the general
consensus, if I were to submit RFC 5246bis, I would need to get
approval under the new terms from everyone who made a substantial
contribution to the original document (the bulk of which dates back to
TLS 1.0 in 1999). I don't have an exhaustive list, but this presumably
includes at minimum everyone listed in the Contributors section on
pages 101-102.

That list contains 14 names. Let's say that I have a 95% chance of
getting any one of those people to give consent. The joint probability
that I will obtain all the required consents is .95^14, less than 1/2.

-Ekr
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: [tae] The Great Naming Debate (was Re: The internet architecture)

[Melinda Shore]

Hallam-Baker, Phillip wrote:
10.1.2.3 is simply a string litteral that may be used in place of a 
DNS name. In neither case should the application require knowledge of 
the IP address itself. In fact you don't want that as at some point in 
the distant future, 10.1.2.3 is actually going to map to an IPv6 
address, not an IPv4 address.


While I take your point in general, I do think it should
be pointed out that DNS names are resolved prior to
connection establishment through a directory lookup,
while addresses are routed.

Melinda

___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Peter Saint-Andre]

Sam Hartman wrote:
>> "Dave" == Dave CROCKER  writes:
> 
> Dave> Joel M. Halpern wrote:
> >> Yes, having to get rights from folks is a pain.
> 
> 
> Dave> When the person is not longer available, the effect is more
> Dave> than discomfort.
> 
> 
> Strictly speaking, that's not actually true.  We're talking about
> copyright here; you can rewrite the ideas in your own words and avoid
> needing to worry about rights.  Rewriting some ideas in your own words
> might involve some significant discomfort, but it is doable.

Given the care with which text is often drafted within a WG and the
requirement for often hard-won consensus regarding such text, I am
skeptical that such text can be rewritten to capture the same ideas and
still retain consensus.

Peter

___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Sam Hartman]

> "Dave" == Dave CROCKER  writes:

Dave> Joel M. Halpern wrote:
>> Yes, having to get rights from folks is a pain.


Dave> When the person is not longer available, the effect is more
Dave> than discomfort.


Strictly speaking, that's not actually true.  We're talking about
copyright here; you can rewrite the ideas in your own words and avoid
needing to worry about rights.  Rewriting some ideas in your own words
might involve some significant discomfort, but it is doable.
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[John C Klensin]

--On Tuesday, 16 December, 2008 22:08 -0500 "Joel M. Halpern"
 wrote:

> I have a very different view of this situation, and disagree
> wstrongly with John's recommended "fix" (or the equivalent fix
> of completely rolling back 5378 and 5377.)
> 
> First and foremost, it should be kept in ming by anyone
> reading this that the IPR working was convened by the then
> IETF chair, and continued by succeeding chairs because there
>...
> Secondly, giving people a choice of terms is basically going
> to create confusion.  For example, one of the issues raised in
> the working group was that our previous rights grant appeared
> not to properly allow folks to modify code.  And it required
> them to include things in used code that made it hard to use
>...
> Yes, having to get rights from folks is a pain.
> But if we are not willing to push to do that, then we might as
> well consider that the rights granted to the IETF are locked
> in stone forever, and can never be upgraded, because it will
> never happen.
>...

Joel,

Let me make my personal position on this, and the reason for my
draft, clear, since it obviously was not to you (and therefore I
presume others).

I agree that there were perceived problems that needed to be
fixed.  I think you have given a good summary of most of them.
It is exactly for that reason that I did not propose rolling
back 5378 (or 5377).  My comments about that move in my response
to Dave was to point out that it was impractical, not to
advocate it even if it was.  Please read the draft.

I have two major objections to 5378 as it turned out and as I
now understand things.  The first is that there will be cases in
which obtaining permission from previous authors or contributors
is effectively impossible, rather than merely inconvenient (if
it were merely a pain, I might be annoyed, but I wouldn't be
complaining or proposing alternatives at this late date).  But
we have situations in which people have died and getting those
rights would require action of probate courts; situations in
which companies that might have controlled those rights have
gone out of business, leaving complicated (and probably
expensive-to-resolve) legal questions about who can actually
grant the rights today; and situations in which people have
departed from companies under tense circumstances and would find
it extremely difficult (not merely "a pain") to go back and ask
for additional rights for the IETF.

5378 provides no waiver mechanisms or escape hatches for those
kinds of situations.  If someone is taking it seriously, they
are left with a choice:

(i) Go to the time and expense to obtain the rights,
despite obstacles and, if the rights available and their
ownership are ambiguous, assume the risks of making the
assertions and posting the document. 

(ii) Decide that the provisions of RFC 5378 are really
not intended to be taken seriously and just go ahead and
post the document without worrying about those
contributors whose permission is impractical to obtain.

(iii) Rewrite the document to remove any copyright
dependencies on text whose status is uncertain or for
which rights transfers are significantly difficult.

(iv)  Take a walk and abandon the document.

Now, assuming that you think 5378 is to be taken seriously (your
note certainly implies that), I infer that you think either (i)
or (iii) will happen.  Especially after noting that rewriting
significant amounts of text creates considerable risk of
introducing errors (e.g., for technical reasons, a WG might not
stand for a rewrite even if the author/editor were willing to do
it), I am less optimistic.   Losing even a single document that
way is not, IMO, good for the IETF.  Of course, you may disagree
and believe that these new IPR rules and the way they are
structured is more important.


Second, the structure of the new rules appears to require me, as
a submitting author, to make assertions that go well beyond
anything that has been required in the past.   Prior to 5378, I
could rely on custom (and sometimes contract) since the
beginning of the RFC series and, since 2026 and certainly since
the Note Well started being used, on them to know that previous
contributors had granted rights to the IETF to do the IETF's
work.   Consequently, if, for example, I started a new draft by
incorporating pieces of a published RFC, I could reasonably
expect that the rights were in place for all prior contributions
and go ahead and submit the document with only concern about new
contributions, especially mine.  I didn't even need to know who
the previous contributors were.   

Now we are in a position in which _no_ document posted before
the beginning of last month has the 5378 rights associated with
its content unless people have generated an explicit release.
And I have to assert that I've made an effort (consistent with
someone's interpretation of w

Re: The internet architecture

[Keith Moore]

Ken Raeburn wrote:
> On Dec 17, 2008, at 11:01, Keith Moore wrote:
>>> One could possibly extend getaddrinfo() or make something a bit similar.
>>> getaddrinfo() is perhaps already becoming too complex though. A neat
>>> thing with extending getaddrinfo() could be to make existing code use
>>> SRV without changes. Not exactly sure if that is good or not...
>>
>> It's not.  And I've heard rumors that some implementations of
>> getaddrinfo() already do this - which is a good reason to not use it
>> at all.
> 
> Well, if you want portable code with consistent behavior, you can't use
> getaddrinfo with both host and service names specified, and you still
> have to do the SRV queries some other way.  But it may still be the most
> portable way to do thread-safe IPv4+IPv6 address resolution.

Mumble. I have also seen a getaddrinfo() implementation that would fail
if you passed it a literal port number, if that port wasn't listed in
/etc/services.  I kept wondering if they were trying to look up the
service name so they could do an SRV query on that.

Keith
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: The internet architecture

[Ken Raeburn]

On Dec 17, 2008, at 11:01, Keith Moore wrote:
One could possibly extend getaddrinfo() or make something a bit  
similar.

getaddrinfo() is perhaps already becoming too complex though. A neat
thing with extending getaddrinfo() could be to make existing code use
SRV without changes. Not exactly sure if that is good or not...


It's not.  And I've heard rumors that some implementations of
getaddrinfo() already do this - which is a good reason to not use it  
at all.


Well, if you want portable code with consistent behavior, you can't  
use getaddrinfo with both host and service names specified, and you  
still have to do the SRV queries some other way.  But it may still be  
the most portable way to do thread-safe IPv4+IPv6 address resolution.


I originally thought I wouldn't mind seeing a flag for getaddrinfo in  
some future spec that means "do (not) look up SRV records for host 
+service", but I don't think you'd get consistent defaults implemented  
across all the existing implementations, some of which already do SRV  
records and some of which don't; maybe we'd need both "do" and "do  
not" flags.  And it still wouldn't help you with looking up  
"_sip._tls.example.com", so you still wind up wanting the additional  
API.  Still, a shortcut in getaddrinfo for the simple and most common  
cases might be handy if it could be controlled.


So far as I can tell, getaddrinfo with only host *or* service name  
specified is still portable and consistent... if you keep in mind the  
differences between the different versions of the specs that have been  
implemented.


Ken
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: http://www.ietf.org/maillist.html contains old NOTE WELL text

[Ray Pelletier]

On Dec 17, 2008, at 10:16 AM, Simon Josefsson wrote:


Webmaster,

Julian noticed that this page contains the old NOTE WELL text.
According to:

http://www.ietf.org/mail-archive/web/ietf-announce/current/msg05509.html

The new NOTE WELL text have been updated.


It will be updated today.

Ray





Julian Reschke  writes:


Simon Josefsson wrote:

...
The NOTE WELL refers to BCP 78 so it is has already been extended to
cover the new expanded rights, hasn't it?
...


As of today,  states:

All IETF Contributions are subject to the rules of RFC 3978  
(updated by RFC 4748) and RFC 3979(updated by RFC 4879).


Statements made outside of an IETF session, mailing list or other  
function, that are clearly not intended to be input to an IETF  
activity, group or function, are not IETF Contributions in the  
context of this notice.


Please consult RFC 3978 (and RFC 4748) for details.


So there's no mention of BCP 78, nor of the new RFC.


Sigh.


And even if there was, I would have thought that a change of the IPR
rules would require a notification to be sent to all official mailing
lists -- otherwise how would the average IETF contributor ever know
about this change???


By reading ietf-announce and the notification of RFC 5378, I suppose.

However, I don't think that meets the legal requirement that every
participant should have "reasonable" been exposed to the text.   
Posting

the new text to every list reduces the IETF's liabilities here, when
someone argues they have not seen the NOTE WELL text.

I think it is clear that participants at IETF 73 have not reasonable
seen the new NOTE WELL since that text wasn't (as far as I know)
available at that time.  In fact, I still do not know where the new  
NOTE

WELL is available from...  In fact, searching for "note well rfc 5378"
doesn't result in anything useful.

/Simon
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf


___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IPR Questions Raised by Sam Hartman at the IETF 73 Plenary

[Dave CROCKER]

Joel M. Halpern wrote:

Yes, having to get rights from folks is a pain.



When the person is not longer available, the effect is more than discomfort.

d/
--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: The internet architecture

[Keith Moore]

Stig Venaas wrote:
> I would have liked some standard API for looking up SRV records. It's
> hard to use SRV in portable applications. 

In general there is a need for a standard, general purpose API for DNS
queries - one that lets you query for arbitrary record types.  It also
needs to be thread safe and to work in an

> 
> One could possibly extend getaddrinfo() or make something a bit similar.
> getaddrinfo() is perhaps already becoming too complex though. A neat
> thing with extending getaddrinfo() could be to make existing code use
> SRV without changes. Not exactly sure if that is good or not...

It's not.  And I've heard rumors that some implementations of
getaddrinfo() already do this - which is a good reason to not use it at all.

Keith
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: The internet architecture

[Stig Venaas]

Rémi Després wrote:
> Christian Vogt  -  le (m/j/a) 12/4/08 10:26 AM:
>> In any case, your comment is useful input, as it shows that calling the
>> proposed stack architecture in [1] "hostname-oriented" may be wrong.
>> Calling it "service-name-oriented" -- or simply "name-oriented" -- may
>> be more appropriate.  Thanks for the input.
> Full support for the idea of a *name-oriented architecture*.
> 
> In it, the locator-identifier separation principle applies naturally:
> names are the identifiers; addresses, or addresses plus ports,  are the
> locators.
> 
> Address plus port locators are tneeded to reach applications in hosts
> that have to share their IPv4 address with other hosts ( e.g. behind a
> NAT with configured port-forwarding.)
> 
> *Service-names* are the existing tool to advertise address plus port
> locators, and and to permit efficient multihoming because, in *SRV
> records* which are returned by the DNS to service-name queries:
> - several  locators  can be received for one name, possibly with a mix
> of IPv4 and IPv6
> - locators can include port numbers
> - priority and weight parameters of locators provide for backup and load
> sharing control.
> 
> IMO, service names and SRV records  SHOULD be supported asap in all
> resolvers (in addition to host names and A/ records that they
> support today).
> Any view on this?

I would have liked some standard API for looking up SRV records. It's
hard to use SRV in portable applications. I've been wondering if that is
something we could do in the IETF, but would probably have to involve or
be discussed with the POSIX/Austin Group guys.

One could possibly extend getaddrinfo() or make something a bit similar.
getaddrinfo() is perhaps already becoming too complex though. A neat
thing with extending getaddrinfo() could be to make existing code use
SRV without changes. Not exactly sure if that is good or not...

Stig

> 
> Regards,
> RD
> 
> 
> 
> 
> ___
> Ietf mailing list
> Ietf@ietf.org
> https://www.ietf.org/mailman/listinfo/ietf


___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

5378: A Worked Example

[Eric Rescorla]

[Resending from an account that should work]

Having recently completed TLS 1.2 (RFC 5246), I thought it would be
worth going through the thought experiment of what it would be like to
submit it under the RFC 5378 terms. As I understand the general
consensus, if I were to submit RFC 5246bis, I would need to get
approval under the new terms from everyone who made a substantial
contribution to the original document (the bulk of which dates back to
TLS 1.0 in 1999). I don't have an exhaustive list, but this presumably
includes at minimum everyone listed in the Contributors section on
pages 101-102.

That list contains 14 names. Let's say that I have a 95% chance of
getting any one of those people to give consent. The joint probability
that I will obtain all the required consents is .95^14, less than 1/2.
I imagine the situation is similar for other large, old
documents such as RFC 3261 (SIP) or 2616 (HTTP).

-Ekr
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

http://www.ietf.org/maillist.html contains old NOTE WELL text

[Simon Josefsson]

Webmaster,

Julian noticed that this page contains the old NOTE WELL text.
According to:

http://www.ietf.org/mail-archive/web/ietf-announce/current/msg05509.html

The new NOTE WELL text have been updated.

Julian Reschke  writes:

> Simon Josefsson wrote:
>> ...
>> The NOTE WELL refers to BCP 78 so it is has already been extended to
>> cover the new expanded rights, hasn't it?
>> ...
>
> As of today,  states:
>
>> All IETF Contributions are subject to the rules of RFC 3978 (updated by RFC 
>> 4748) and RFC 3979(updated by RFC 4879).
>>
>> Statements made outside of an IETF session, mailing list or other function, 
>> that are clearly not intended to be input to an IETF activity, group or 
>> function, are not IETF Contributions in the context of this notice.
>>
>> Please consult RFC 3978 (and RFC 4748) for details. 
>
> So there's no mention of BCP 78, nor of the new RFC.

Sigh.

> And even if there was, I would have thought that a change of the IPR
> rules would require a notification to be sent to all official mailing
> lists -- otherwise how would the average IETF contributor ever know
> about this change???

By reading ietf-announce and the notification of RFC 5378, I suppose.

However, I don't think that meets the legal requirement that every
participant should have "reasonable" been exposed to the text.  Posting
the new text to every list reduces the IETF's liabilities here, when
someone argues they have not seen the NOTE WELL text.

I think it is clear that participants at IETF 73 have not reasonable
seen the new NOTE WELL since that text wasn't (as far as I know)
available at that time.  In fact, I still do not know where the new NOTE
WELL is available from...  In fact, searching for "note well rfc 5378"
doesn't result in anything useful.

/Simon
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: RFC5378 alternate procedure

[Julian Reschke]

Simon Josefsson wrote:

...
The NOTE WELL refers to BCP 78 so it is has already been extended to
cover the new expanded rights, hasn't it?
...


As of today,  states:


All IETF Contributions are subject to the rules of RFC 3978 (updated by RFC 
4748) and RFC 3979(updated by RFC 4879).

Statements made outside of an IETF session, mailing list or other function, 
that are clearly not intended to be input to an IETF activity, group or 
function, are not IETF Contributions in the context of this notice.

Please consult RFC 3978 (and RFC 4748) for details. 


So there's no mention of BCP 78, nor of the new RFC.

And even if there was, I would have thought that a change of the IPR 
rules would require a notification to be sent to all official mailing 
lists -- otherwise how would the average IETF contributor ever know 
about this change???


BR, Julian
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf