Prateek, It's not so much a "patent claim" discussion as a suggestion to do something different than JWT if it's really protected by somebody's patents. It's a public standard after all and it's in the interests of everyone to keep it this way.
--- On Thu, 2/28/13, prateek mishra <[email protected]> wrote: From: prateek mishra <[email protected]> Subject: Re: [OAUTH-WG] Fw: IPR Disclosure: - What to Do with JWT ? To: "Hannes Tschofenig" <[email protected]> Cc: [email protected], [email protected] Date: Thursday, February 28, 2013, 4:53 PM Two points - 1) I request that this mailing list NOT be used for any substantive discussion of patent claims and so on. This will create difficulties for many participants and I dont believe is within the charter of this effort. 2) I would encourage interested parties to review the following document, which may be relevant to this discussion http://www.w3.org/2011/xmlsec-pag/ - prateek > Hi Oleg, > > my personal experience with Certicom's IPR disclosures is that they > focus on Elliptic Curve Cryptography. There were several IPR > disclosures on documents in the JOSE WG and some of them contain ECC > algorithms. > > The JWT does not list an ECC algorithm but the referenced documents do. > > Having said that the two cited IPRs seem to be: > http://www.google.com/patents/US6704870 > http://www.google.com/patents/US7215773 > > Take a look at it and make your assessment whether there is anything > we can change. > > Ciao > Hannes > > > On 02/28/2013 09:21 PM, Oleg Gryb wrote: >> Dear OAuth WG and Chairs, >> >> Can somebody please comment the Certicom's disclosure below? If the >> purpose of this disclosure is to inform us that JWT can be potentially a >> subject of royalties and other possible legal actions, the value of >> adopting JWT in the scope of OAuth 2.0 IETF standard would definitely >> diminish and if this is the case shouldn't we consider replacing it with >> something similar, but different, which would not be a subject of the >> future possible litigation? >> >> I'm not a lawyer and might not understand the statement below correctly, >> so please let me know if/where I'm wrong. Please keep in mind also that >> the popularity of JWT is growing fast along with the implementations, so >> we need to do something quickly. >> >> Thanks, >> Oleg. >> >> >> --- On *Wed, 2/27/13, IETF Secretariat /<[email protected]>/* wrote: >> >> >> From: IETF Secretariat <[email protected]> >> Subject: [OAUTH-WG] IPR Disclosure: Certicom Corporation's Statement >> about IPR related to draft-ietf-oauth-json-web-token-06 (2) >> To: [email protected], [email protected], [email protected] >> Cc: [email protected], [email protected], [email protected] >> Date: Wednesday, February 27, 2013, 4:16 PM >> >> >> Dear Michael Jones, John Bradley, Nat Sakimura: >> >> An IPR disclosure that pertains to your Internet-Draft entitled >> "JSON Web Token >> (JWT)" (draft-ietf-oauth-json-web-token) was submitted to the IETF >> Secretariat >> on 2013-02-20 and has been posted on the "IETF Page of Intellectual >> Property >> Rights Disclosures" (https://datatracker.ietf.org/ipr/1968/). The >> title of the >> IPR disclosure is "Certicom Corporation's Statement about IPR >> related to draft- >> ietf-oauth-json-web-token-06 (2).""); >> >> The IETF Secretariat >> >> _______________________________________________ >> OAuth mailing list >> [email protected] </mc/[email protected]> >> https://www.ietf.org/mailman/listinfo/oauth >> >> >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
