Have you seen this? and how will impact FS in the future?<br><br clear="all"><br><br><br><br>
--------------------------------------------------------------------------------------------<br>From Seth:<br>(Urgent. Send your note TODAY and CONFIRM the automatic reply from<br><div class="gmail_quote">
IETF. You can cc <a href="mailto:campaigns@fsf.org">campaigns@fsf.org</a> . Three links below, FSF's action<br>
page, Glyn Moody's blog, and the list announcement for TLS-AUTHZ at<br>
IETF. -- Seth)<br>
<br>
<br>
> <a href="http://www.fsf.org/news/reoppose-tls-authz-standard" target="_blank">http://www.fsf.org/news/reoppose-tls-authz-standard</a><br>
<br>
<br>
Send comments opposing TLS-authz standard by February 11<br>
<br>
<br>
Last January, the Free Software Foundation issued an alert to efforts<br>
at the Internet Engineering Task Force (IETF) to sneak a<br>
patent-encumbered standard for "TLS authorization" through a back-door<br>
approval process that was referenced as "experimental" or<br>
"informational"<br>
(<a href="http://www.fsf.org/news/reoppose-tls-authz-standard/newsitem_view" target="_blank">http://www.fsf.org/news/reoppose-tls-authz-standard/newsitem_view</a>).<br>
The many comments sent to IETF at that time alerted committee members<br>
to this attempt and successfully prevented the standard gaining<br>
approval.<br>
<br>
Unfortunately, attempts to push through this standard have been<br>
renewed and become more of a threat. The proposal now at the IETF has<br>
a changed status from "experimental" to "proposed standard". The FSF<br>
is again issuing an alert and request for comments to be sent urgently<br>
and prior to the February 11 deadline to <a href="mailto:ietf@ietf.org">ietf@ietf.org</a>. Please<br>
include us in your message by a CC to <a href="mailto:campaigns@fsf.org">campaigns@fsf.org</a>. You should<br>
also expect an automated reply from <a href="mailto:ietf@ietf.org">ietf@ietf.org</a>, which you will need<br>
to answer to confirm your original message.<br>
<br>
That patent in question is claimed by RedPhone Security<br>
(<a href="https://datatracker.ietf.org/ipr/1026/" target="_blank">https://datatracker.ietf.org/ipr/1026/</a>). RedPhone has given a<br>
license to anyone who implements the protocol, but they still threaten<br>
to sue anyone that uses it.<br>
<br>
If our voice is strong enough, the IETF will not approve this standard<br>
on any level unless the patent threat is removed entirely with a<br>
royalty-free license for all users.<br>
<br>
Further background for your comment<br>
<br>
See the IETF summary:<br>
> <a href="http://www.ietf.org/mail-archive/web/ietf-announce/current/msg05617.html" target="_blank">http://www.ietf.org/mail-archive/web/ietf-announce/current/msg05617.html</a><br>
<br>
Much of the communication on the Internet happens between computers<br>
according to standards that define common languages. If we are going<br>
to live in a free world using free software, our software must be<br>
allowed to speak these languages.<br>
<br>
Unfortunately, discussions about possible new standards are tempting<br>
opportunities for people who would prefer to profit by extending<br>
proprietary control over our communities. If someone holds a software<br>
patent on a technique that a programmer or user has to use in order to<br>
make use of a standard, then no one is free without getting permission<br>
from and paying the patent holder<br>
(<a href="http://www.gnu.org/philosophy/fighting-software-patents.html" target="_blank">http://www.gnu.org/philosophy/fighting-software-patents.html</a>). If we<br>
are not careful, standards can become major barriers to computer users<br>
having and exercising their freedom.<br>
<br>
We depend on organizations like the Internet Engineering Task Force<br>
(IETF) and the Internet Engineering Steering Group (IESG) to evaluate<br>
new proposals for standards and make sure that they are not encumbered<br>
by patents or any other sort of restriction that would prevent free<br>
software users and programmers from participating in the world they<br>
define.<br>
<br>
In February 2006, a standard for "TLS authorization" was introduced in<br>
the IETF for consideration<br>
(<a href="http://tools.ietf.org/wg/tls/draft-housley-tls-authz-extns-07.txt" target="_blank">http://tools.ietf.org/wg/tls/draft-housley-tls-authz-extns-07.txt</a>).<br>
Very late in the discussion, a company called RedPhone Security<br>
disclosed (this disclosure has subsequently been unpublished from the<br>
IETF website) that they applied for a patent which would need to be<br>
licensed to anyone wanting to practice the standard<br>
(<a href="https://datatracker.ietf.org/ipr/833/" target="_blank">https://datatracker.ietf.org/ipr/833/</a>). After this disclosure, the<br>
proposal was rejected.<br>
<br>
Despite claims that RedPhone have offered a license for implementation<br>
of this protocol, users of this protocol would still be threatened by<br>
the patent. The IETF should continue to oppose this standard until<br>
RedPhone provide a royalty-free license for all users.<br>
<br>
Media Contacts<br>
<br>
Peter T. Brown<br>
Executive Director<br>
Free Software Foundation<br>
(617)542-5942<br>
<a href="mailto:campaigns@fsf.org">campaigns@fsf.org</a><br>
<br>
---<br>
<br>
> <a href="http://www.computerworlduk.com/community/blogs/index.cfm?blogid=14&entryid=1845" target="_blank">http://www.computerworlduk.com/community/blogs/index.cfm?blogid=14&entryid=1845</a><br>
<br>
<br>
Help Fight This Patent-Encumbered IETF Standard<br>
<br>
February 10, 2009<br>
<br>
Posted by: Glyn Moody<br>
<br>
I've written numerous times about the importance of writing to<br>
governments about their hare-brained schemes, but this one is rather<br>
different. In this case, it's the normally sane Internet Engineering<br>
Task Force that wants to do something really daft. The FSF explains:<br>
<br>
Last January, the Free Software Foundation issued an alert to efforts<br>
at the Internet Engineering Task Force (IETF) to sneak a<br>
patent-encumbered standard for "TLS authorization" through a back-door<br>
approval process that was referenced as "experimental" or<br>
"informational". The many comments sent to IETF at that time alerted<br>
committee members to this attempt and successfully prevented the<br>
standard gaining approval.<br>
<br>
Unfortunately, attempts to push through this standard have been<br>
renewed and become more of a threat. The proposal now at the IETF has<br>
a changed status from "experimental" to "proposed standard".<br>
<br>
This is a throwback to the bad old days of sneaking patents into<br>
nominal standards. It is yet another reason why such patents should<br>
not be given in the first place. But until such time as the patent<br>
offices around the world come to their senses, the only option is to<br>
fight patent-encumbered standards on an individual basis. Here are the<br>
details for doing so:<br>
<br>
The FSF is again issuing an alert and request for comments to be sent<br>
urgently and prior to the February 11 deadline to <a href="mailto:ietf@ietf.org">ietf@ietf.org</a>.<br>
Please include us in your message by a CC to <a href="mailto:campaigns@fsf.org">campaigns@fsf.org</a>. You<br>
should also expect an automated reply from <a href="mailto:ietf@ietf.org">ietf@ietf.org</a>, which you<br>
will need to answer to confirm your original message.<br>
<br>
Here's what I've sent:<br>
<br>
I am writing to ask you not to approve the proposed patent-encumbered<br>
standard for TLS authorisation. To do so would fly in the face of the<br>
IETF's fundamental commitment to openness. It would weaken not just<br>
the standard itself, but the IETF's authority in this sphere.<br>
<br>
---<br>
<br>
> <a href="http://www.ietf.org/mail-archive/web/ietf-announce/current/msg05617.html" target="_blank">http://www.ietf.org/mail-archive/web/ietf-announce/current/msg05617.html</a><br>
<br>
<br>
Fourth Last Call: draft-housley-tls-authz-extns<br>
<br>
* To: IETF-Announce <ietf-announce at <a href="http://ietf.org" target="_blank">ietf.org</a>><br>
* Subject: Fourth Last Call: draft-housley-tls-authz-extns<br>
* From: The IESG <iesg-secretary at <a href="http://ietf.org" target="_blank">ietf.org</a>><br>
* Date: Wed, 14 Jan 2009 08:18:20 -0800 (PST)<br>
* List-archive: <<a href="http://www.ietf.org/pipermail/ietf-announce" target="_blank">http://www.ietf.org/pipermail/ietf-announce</a>><br>
* Reply-to: ietf at <a href="http://ietf.org" target="_blank">ietf.org</a><br>
<br>
<br>
On June 27, 2006, the IESG approved "Transport Layer Security (TLS)<br>
Authorization Extensions," (draft-housley-tls-authz-extns) as a<br>
proposed standard. On November 29, 2006, Redphone Security (with whom<br>
Mark Brown, a co-author of the draft is affiliated) filed IETF IPR<br>
disclosure 767.<br>
<br>
Because of the timing of the IPR Disclosure, the IESG withdrew its<br>
approval of draft-housley-tls-authz-extns. A second IETF Last Call<br>
was initiated to determine whether the IETF community still had<br>
consensus to publish draft-housley-tls-authz-extns as a proposed<br>
standard given the IPR claimed. Consensus to publish as a standards<br>
track document was not demonstrated, and the document was withdrawn<br>
from IESG consideration.<br>
<br>
A third IETF Last Call was initiated to determine whether the IETF<br>
community had consensus to publish draft-housley-tls-authz-extns as an<br>
experimental track RFC with knowledge of the IPR disclosure from<br>
Redphone Security. Consensus to publish as experimental was not<br>
demonstrated; a substantial segment of the community objected to<br>
publication on any track in light of the IPR terms.<br>
<br>
Since the third Last Call, RedPhone Security filed IETF IPR disclosure<br>
1026. This disclosure statement asserts in part that "the techniques<br>
for sending and receiving authorizations defined in TLS Authorizations<br>
Extensions (version draft-housley-tls-authz-extns-07.txt) do not<br>
infringe upon RedPhone Security's intellectual property rights". The<br>
full text of IPR disclosure 1026 is available at:<br>
<br>
<a href="https://datatracker.ietf.org/ipr/1026/" target="_blank">https://datatracker.ietf.org/ipr/1026/</a><br>
<br>
This Last Call is intended to determine whether the IETF community had<br>
consensus to publish draft-housley-tls-authz-extns as a proposed<br>
standard given IPR Disclosure 1026.<br>
<br>
The IESG is considering approving this draft as a standards track RFC.<br>
The IESG solicits final comments on whether the IETF community has<br>
consensus to publish draft-housley-tls-authz-extns as a proposed<br>
standard. Comments can be sent to ietf at <a href="http://ietf.org" target="_blank">ietf.org</a> or exceptionally to<br>
iesg at <a href="http://ietf.org" target="_blank">ietf.org</a>. Comments should be sent by 2009-02-11.<br>
<br>
A URL of this Internet-Draft is:<br>
<a href="http://www.ietf.org/internet-drafts/draft-housley-tls-authz-extns-07.txt" target="_blank">http://www.ietf.org/internet-drafts/draft-housley-tls-authz-extns-07.txt</a><br>
<br>
_______________________________________________<br>
IETF-Announce mailing list<br>
IETF-Announce at <a href="http://ietf.org" target="_blank">ietf.org</a><br>
<a href="https://www.ietf.org/mailman/listinfo/ietf-announce" target="_blank">https://www.ietf.org/mailman/listinfo/ietf-announce</a><br>
<br></div><br>