Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns

To: Simon Josefsson <simon at josefsson.org>, Brian E Carpenter <brc at zurich.ibm.com>
Subject: Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
From: Jeffrey Hutzelman <jhutz at cmu.edu>
Date: Wed, 11 Apr 2007 11:51:15 -0400
Cc: Mark Brown <mark at redphonesecurity.com>, Jeffrey Hutzelman <jhutz at cmu.edu>, hartmans-ietf at mit.edu, ietf at ietf.org, iesg at ietf.org
In-reply-to: <A290DFD1A4413909CCCC0451@sirius.fac.cs.cmu.edu>
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
References: <200704062051.QAA09376@odie.av8.com> <Pine.LNX.4.44.0704061852330.31452-100000@citation2.av8.net> <E1HauVq-0007SX-FB@megatron.ietf.org> <tslps6d7zhc.fsf@mit.edu> <87zm5fmo4f.fsf@mocca.josefsson.org> <461C8E0B.6010903@zurich.ibm.com> <87abxfmiza.fsf@mocca.josefsson.org> <461C9BF3.8000709@zurich.ibm.com> <87r6qrl18x.fsf@mocca.josefsson.org> <A290DFD1A4413909CCCC0451@sirius.fac.cs.cmu.edu>

On Wednesday, April 11, 2007 11:34:42 AM -0400 Jeffrey Hutzelman <jhutz at cmu.edu> wrote:

For the record, I think your concerns about this particular license are
overstated.  Neither this patent license nor the open-source software
licenses you quote are as buggy as you seem to think they are.  For
example, the patent license contains the following text, which you
quoted: "This general use license granted to manufacturers also flows
down to sublicensees and users".  This would appear to have the effect
that only the original implementor of the patented technology would need
to obtain a license from RedPhone; he would then simply include in the
software license a recursive sublicense for the patent.


Hm.  Unfortunately, it seems there is other text that is problematic...

This...

  The Protected Assurance System Functions listed below (the "PAS
  Functions") define a set of functionality that Manufacturers under
  this General Use License (e.g. manufacturers of receiver / server
  components) must ensure is NOT implemented or provided to its users.

... would indeed appear to require anyone distributing an implementation
to impose additional restrictions, which is a problem.

Also, this is very bad:

  In the event that a Manufacturer has (a) only been granted a General
  Use License and (b) implemented and released to end users any PAS
  Functions, such events shall cause the General Use License of that
  Manufacturer to be immediately revoked, and any license rights
  conferred to any users of the system that has implemented any PAS
  Functions (above) shall be likewise revoked.

This appears to say that if someone violates the license terms, then
anyone who received a sublicense from them, directly or indirectly, is
also screwed, even if the user has not violated the terms of the license.
This is extremely unfriendly, not just to open source but to users in
general.

Finally, schedule B requires that specific text be "unambiguously displayed at time of system installation". This requirement is impractical and in any case impossible for open-source implementors to enforce.

-- Jeff

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

References:
- RE: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
  - From: Russ Housley
- Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
  - From: hartmans-ietf
- Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
  - From: Simon Josefsson
- Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
  - From: Brian E Carpenter
- Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
  - From: Simon Josefsson
- Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
  - From: Brian E Carpenter
- Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
  - From: Simon Josefsson
- Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
  - From: Jeffrey Hutzelman

Prev by Date: Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
Next by Date: Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
Previous by thread: Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
Next by thread: Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: Withdrawal of Approval and Second Last Call: draft-housley-tls-authz-extns

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.