Re: [TLS] Proto write-up for TLS exporter

To: <Pasi.Eronen at nokia.com>
Subject: Re: [TLS] Proto write-up for TLS exporter
From: Simon Josefsson <simon at josefsson.org>
Date: Mon, 18 May 2009 16:27:16 +0200
Cc: TLS at ietf.org
Delivered-to: tls at core3.amsl.com
In-reply-to: <808FD6E27AD4884E94820BC333B2DB773A6AA3D696 at NOK-EUMSG-01.mgdnok.nokia.com> (Pasi Eronen's message of "Mon, 18 May 2009 15:49:00 +0200")
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Openpgp: id=B565716F; url=http://josefsson.org/key.txt
References: <AC1CFD94F59A264488DC2BEC3E890DE507FD11E4 at xmb-sjc-225.amer.cisco.com> <87preeqpma.fsf at mocca.josefsson.org> <20090513151244.2668950822 at romeo.rtfm.com> <87tz3okj5d.fsf at mocca.josefsson.org> <20090513230017.CF7C650822 at romeo.rtfm.com> <87zldggi29.fsf at mocca.josefsson.org> <20090514140437.E84F51A401F at kilo.networkresonance.com> <c24c21d80905140710i1213c61cr8b92a418c04862d0 at mail.gmail.com> <20090514154822.GV29258 at Sun.COM> <87eiupmaki.fsf at mocca.josefsson.org> <808FD6E27AD4884E94820BC333B2DB773A6AA3D4E2 at NOK-EUMSG-01.mgdnok.nokia.com> <87ab5apqt2.fsf at mocca.josefsson.org> <808FD6E27AD4884E94820BC333B2DB773A6AA3D696 at NOK-EUMSG-01.mgdnok.nokia.com>
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.93 (gnu/linux)

<Pasi.Eronen at nokia.com> writes:

> Simon Josefsson wrote:
>
>> > Your summary ("Certicom has patents that covers tls-extractor")
>> > seems to take the opinion that the "when used with either: A or B
>> > or C" text is either not part of the assertion, or that this part
>> > doesn't matter.
>> 
>> That is right, I don't consider the PDF as part of the BCP79-required
>> disclosure.  It is extra information beyond what is required by BCP79.
>> The PDF can certainly be useful in evaluating claims, but I believe the
>> text that's in the #1004 disclosure should carry more weight.  And the
>> tls-extractor document is mentioned as a covered technology for the BCP
>> 79 patent disclosure.
>
> Hmm.. it's quite common to *not* use the web form, but instead put the
> disclosure information in a separate PDF or text file, and send that
> by email (BCP79 doesn't require using the web form, AFAIK).

Sure, but everyone still have to follow BCP 79.

> However, if you send the PDF/text/Word/whatever file by email, the
> secretariat posts it on ietf.org. Having just a link to a file hosted
> elsewhere is indeed unusual (and perhaps less than ideal for ensuring
> the file stays available forever and is not modified).
>
> If the PDF file linked in IPR disclosure #1004 was posted on ietf.org
> (the same way as other IPR disclosures done as PDF files, such as 
> https://datatracker.ietf.org/ipr/1040/), would that change
> your opinion here?

The important thing is the content of the disclosure, not its
presentation.

BCP 79 requires companies to disclose if they believe they have patents
on a document.  Certicom appears to have done that for tls-extractor,
judging from the #1004 page.

They provide no licensing or any information at all except for the
already known patent encumbered context of ECC.  If they were to publish
details for non-ECC, we would at least know how to evaluate the patent
claims on tls-extractor.  Right now we just have an patent claim with no
information beyond ECC.

If Certicom changes their patent disclosure to not claim they have
patents on tls-extractor, my concern would be addressed.  I'm hoping
this will happen.

If Certicom changes their disclosure to give everyone a free software
compatible patent license to implement tls-extractor in non-ECC
situations, that would work too.

If neither happens, and Certicom continue to claim as per BCP79 and in
the #1004 disclosure that they have patents that cover tls-extractor,
and provides no information on non-ECC use about those patents, I would
not support publication without significant more justification that the
Internet community cannot live without a patent encumbered tls-extractor
(comparable to the justification for RSA).

/Simon

References:
- [TLS] Proto write-up for TLS exporter
  - From: Joseph Salowey (jsalowey)
- Re: [TLS] Proto write-up for TLS exporter
  - From: Simon Josefsson
- Re: [TLS] Proto write-up for TLS exporter
  - From: Eric Rescorla
- Re: [TLS] Proto write-up for TLS exporter
  - From: Simon Josefsson
- Re: [TLS] Proto write-up for TLS exporter
  - From: Eric Rescorla
- Re: [TLS] Proto write-up for TLS exporter
  - From: Simon Josefsson
- Re: [TLS] Proto write-up for TLS exporter
  - From: Eric Rescorla
- Re: [TLS] Proto write-up for TLS exporter
  - From: Badra
- Re: [TLS] Proto write-up for TLS exporter
  - From: Nicolas Williams
- Re: [TLS] Proto write-up for TLS exporter
  - From: Simon Josefsson
- Re: [TLS] Proto write-up for TLS exporter
  - From: Pasi.Eronen
- Re: [TLS] Proto write-up for TLS exporter
  - From: Simon Josefsson
- Re: [TLS] Proto write-up for TLS exporter
  - From: Pasi.Eronen

Prev by Date: Re: [TLS] Proto write-up for TLS exporter
Next by Date: Re: [TLS] Proto write-up for TLS exporter
Previous by thread: Re: [TLS] Proto write-up for TLS exporter
Next by thread: Re: [TLS] Proto write-up for TLS exporter
Index(es):
- Date
- Thread

Re: [TLS] Proto write-up for TLS exporter

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.