[TLS] Re: Comments on draft-housley-tls-authz-extns-07
<Pasi.Eronen at nokia.com> writes:
> Dean Anderson wrote:
>
>> On Wed, 30 May 2007, Sam Hartman wrote:
>> > Dean, this is an excellent idea. Anyone who wants to, including you,
>> > can discuss alternatives to the technology. The availability of
>> > other ways to do this--particularly when combined with information
>> > about whether people are willing to do the necessary work to write
>> > up and implement these alternatives--would be great input to the
>> > IESG. I'd appreciate anything you can do in this regard.
>>
>> To what working group should I take this work? Not TLS, it
>> hasn't agreed (has affirmatively refused) to take on this work.
>
> Dean: as you well know, most WG documents start as individual
> Internet-Drafts. This way, the WG has something concrete to read
> when considering whether to take on the work as WG item or not.
>
> Currently, no such draft exists. If, however, someone would write
> such a draft, and ask the TLS WG to consider adopting it as WG
> item, we would certainly consider it. Or yet in other words:
> there certainly is *NO* blanket decision to refuse all work
> in this area.

The problem is, as far as I can tell, that the patent covers the general
idea of (some aspects of) authorization with X.509 Attribute
Certificates over the TLS protocol.

Thus, any draft that transfers X.509 Attribute Certificates over TLS will
have the same concern with regard to this particular patent.

Finding a way to route around the patent seems challenging, but given
the current license terms, it may still be the simplest solution.

Finding prior art for widely useful scenarios should be easy. One
solution would be to write a draft that specifies a similar protocol, and
document several use-cases with references to prior art.

If someone knows of prior art where X.509 Attribute Certificates and/or
SAML assertions are sent over TLS (possibly in the handshake, but that
doesn't seem critical), that would be very useful information.

/Simon