Re: draft-housley-tls-authz-extns-07.txt to Proposed Standard

[Ralf Weber <rw at colt.net>]

Moin!

On 11.02.2009, at 14:16, Theodore Tso wrote:
> No, actually.  Point 3 is very tightly constrained to certain types of
> Agreements, where Agreements is defined in point 2.  Point 4 is about
> countersigning authorizations, presumably with the intention of
> forwawrding them to a 3rd party.  There is plenty of prior art for
> point 4 all by itself (Kerberos V5, for one, and it was certainly not
> the first system to do that).
So your statement is that the patent claim is invalid, because of  
prior art? If so we are not 100% sure unless someone questions the  
patent claim in court - Volunteers ;-).

> There are plenty of ways in which authorization data could be passed
> via TLS that would clearly not violate RedPhone Security's claimed
> patent claims.  There is over 30 years of prior art involving
> cryptographically sealed authorization data that could be passed via
> this protocol extension.
I think the difference is that the authorization is exchanged as part  
of the setup rather then over the established channel, but as Sam  
Hartmann pointed out there may be other use cases for these protocol  
extensions so I think the best way to advance with the document would  
be to run it again in the TLS working group.

So long
-Ralf
---
Ralf Weber
Platform Infrastructure Manager
Colt Telecom GmbH
Herriotstrasse 4
60528 Frankfurt
Germany
DDI: +49 (0)69 56606 2780 Internal OneDial: 8 491 2780
Fax: +49 (0)69 56606 6280
Email: rw at colt.net
http://www.colt.net/
Data | Voice | Managed Services

Schütze Deine Umwelt | Erst denken, dann drucken

*****************************************
COLT Telecom GmbH, Herriotstraße 4, 60528 Frankfurt/Main, Deutschland  
* Tel +49 (0)69 56606 0 * Fax +49 (0)69 56606 2222 *

Geschäftsführer: Dr. Jürgen Hernichel (Vors.), Rita Thies *  
Amtsgericht Frankfurt/Main HRB 46123 * USt.-IdNr. DE 197 498 400