> This Last Call is intended to determine whether the IETF community
> had consensus to publish draft-housley-tls-authz-extns as a
> proposed standard given IPR Disclosure 1026.
In Disclosure 1026 RedPhone Security states the following:
When an implementation generates the authorizations or pr
This standard should be wholly withdrawn until all patent
encumberances are fully removed.
GNU's statement summarizes it well:
http://www.fsf.org/news/reoppose-tls-authz-standard
Much of the communication on the Internet happens between computers
according to standards that define common langua
I'm writing to ask you not to approve the proposed patent-encumbered
standard for TLS authorization.
We've achieved a massive technological progress, thanks to IETF and
other bodies which strive for standardization of OPEN specifications.
Allowing a patent-encumbered (without a non-revoka
4 January 2009 16:18
> To: IETF-Announce
> Subject: Fourth Last Call: draft-housley-tls-authz-extns
>
> On June 27, 2006, the IESG approved "Transport Layer Security
> (TLS) Authorization Extensions,"
> (draft-housley-tls-authz-extns) as a proposed standard. On
>
at ietf.org
> [mailto:ietf-announce-bounces at ietf.org] On Behalf Of The IESG
> Sent: 14 January 2009 16:18
> To: IETF-Announce
> Subject: Fourth Last Call: draft-housley-tls-authz-extns
>
> On June 27, 2006, the IESG approved "Transport Layer Security
> (TLS) Authorization Ext
At 08:18 14-01-2009, The IESG wrote:
The IESG is considering approving this draft as a standards track
RFC. The IESG solicits final comments on whether the IETF community has
consensus to publish draft-housley-tls-authz-extns as a proposed
standard. Comments can be sent to ietf@ietf.org or except
I share the concerns of the FSF
[http://www.fsf.org/news/reoppose-tls-authz-standard] and Simon
Josefsson [http://www.ietf.org/mail-archive/web/ietf/current/msg55059.html]
about the TLS-authz draft.
The usefulness of the proposed standard
http://tools.ietf.org/id/draft-housley-tls-authz-extns-07.t
The IESG writes:
> Since the third Last Call, RedPhone Security filed IETF IPR disclosure
> 1026. This disclosure statement asserts in part that "the techniques
> for sending and receiving authorizations defined in TLS Authorizations
> Extensions (version draft-housley-tls-authz-extns-07.txt) do
I support publication of this document.
josh.
> -Original Message-
> From: ietf-announce-boun...@ietf.org
> [mailto:ietf-announce-boun...@ietf.org] On Behalf Of The IESG
> Sent: 14 January 2009 16:18
> To: IETF-Announce
> Subject: Fourth Last Call: draft-housley-tls-a
Russ Housley writes:
> EXAMPLE
>
> Clearance may be the easiest one. For simplicity, let's assume that
> the client are server already have X.509 identity certificates.
> Assume the server is operated by the military, and it includes some
> information that its wants to share with the public, pe
Simon:
>> >>For the people who want this draft published (and perhaps have a pending
>> >>implementation), would you please humour me by offering some usage
>> >>scenarios, other than debugging or toys, which would meet security
>> >>review and which are not covered by the four points which the
Russ Housley writes:
> Simon:
>
>> >>For the people who want this draft published (and perhaps have a pending
>> >>implementation), would you please humour me by offering some usage
>> >>scenarios, other than debugging or toys, which would meet security
>> >>review and which are not covered by th
Simon:
>>For the people who want this draft published (and perhaps have a pending
>>implementation), would you please humour me by offering some usage
>>scenarios, other than debugging or toys, which would meet security
>>review and which are not covered by the four points which the
>>patent-hol
I had given my +1 a bit early after having seen
"the techniques
for sending and receiving authorizations defined in TLS Authorizations
Extensions (version draft-housley-tls-authz-extns-07.txt) do not
infringe upon RedPhone Security's intellectual property rights"
Anyway, there
Russ Housley writes:
> Phil:
>
>>For the people who want this draft published (and perhaps have a pending
>>implementation), would you please humour me by offering some usage
>>scenarios, other than debugging or toys, which would meet security
>>review and which are not covered by the four points
Phil:
For the people who want this draft published (and perhaps have a pending
implementation), would you please humour me by offering some usage
scenarios, other than debugging or toys, which would meet security
review and which are not covered by the four points which the
patent-holder notes a
On 2009-01-14 at 08:18 -0800, The IESG wrote:
> Since the third Last Call, RedPhone Security filed IETF IPR disclosure
> 1026. This disclosure statement asserts in part that "the techniques
> for sending and receiving authorizations defined in TLS Authorizations
> Extensions (version draft-housley
> "Dean" == Dean Anderson writes:
Dean> 3. --There have been reports of similar issues in recent
Dean> lawsuit where the plaintiff patent-holder acted similarly to
Dean> Housley/Brown/Polk et al and was found to have engaged in
Dean> "aggravated litigation abuse". In that case
Dean and the IESG:
I will respond to some, but not all of Dean's points.
3. --There have been reports of similar issues in recent lawsuit where
the plaintiff patent-holder acted similarly to Housley/Brown/Polk et al
and was found to have engaged in "aggravated litigation abuse". In that
case, t
On Jan 14, 2009, at 4:53 PM, Dean Anderson wrote:
Somehow I haven't yet recieved the fourth last call, but only the
discussion Sigh.
see http://www.ietf.org/mail-archive/web/ietf-announce/current/
msg05617.html
There are MANY reasons that this should not be brought to a FOURTH
last
c
Sam Hartman wrote:
I think a standard in this space is really needed. I would definitely
like to be able to include SAML assertions and other statements of
authorization as part of a TLS exchange.
In the appropriate environments I'd be willing to implement this spec
given the current IPR situat
I think a standard in this space is really needed. Given the revised
IPR statement, I think it is clear that it can be implemented widely.
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf
I think a standard in this space is really needed. I would definitely
like to be able to include SAML assertions and other statements of
authorization as part of a TLS exchange.
In the appropriate environments I'd be willing to implement this spec
given the current IPR situation.
__
23 matches
Mail list logo