Re: [TLS] Proto write-up for TLS exporter

["Blumenthal, Uri" <uri at ll.mit.edu>]

I support Simon's reasoning and conclusions.


----- Original Message -----
From: tls-bounces at ietf.org <tls-bounces at ietf.org>
To: Joseph Salowey (jsalowey) <jsalowey at cisco.com>
Cc: TLS at ietf.org <TLS at ietf.org>
Sent: Wed May 13 07:58:54 2009
Subject: Re: [TLS] Proto write-up for TLS exporter

I don't support publishing tls-extractor on the standards track as long
as there are unclear patent threat against it and no acceptable free
software compatible patent license is available.

I haven't seen anyone offer a credible analysis that the patent claims
would not taint an implementation of the document.  If someone presents
analysis, that would influence my opinion.

Putting this document on the standards track suggests that other IETF
documents should reference it on extracting keying material from TLS.
That seems like a poor recommendation to make broadly, because every
protocol that would make use of tls-extractor would then have the
uncertainty of being tainted by the Certicom patent claims.

I believe the wider Internet community will be better off by not
publishing the document as an RFC at all if the patent situation does
not improve.  We should not encourage patented technology for running
the global Internet.

The patent disclosure was posted to this list only a few days ago.  It
has not been mentioned in earlier discussions of the draft or during
WGLC's as far as I recall.  I believe a few days is a too short time to
be able to establish consensus.  Referring to external discussions in
the proto-writeup is not acceptable, it explicitly requests reference to
WG discussions about the patent disclaimer.

/Simon
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls