With the caveat that I have not read the patent disclosures, I will add that if
they pertain to Elliptic Curve Cryptography, RFC 6090 is likely relevant -
especially http://tools.ietf.org/html/rfc6090#section-7.1 on ECDH and
http://tools.ietf.org/html/rfc6090#section-7.2 on ECDSA.
-- Mike
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of
prateek mishra
Sent: Thursday, February 28, 2013 1:53 PM
To: Hannes Tschofenig
Cc: [email protected]; [email protected]
Subject: Re: [OAUTH-WG] Fw: IPR Disclosure: - What to Do with JWT ?
Two points -
1) I request that this mailing list NOT be used for any substantive discussion
of patent claims and so on. This will create difficulties for many participants
and I dont believe is within the charter of this effort.
2) I would encourage interested parties to review the following document, which
may be relevant to this discussion
http://www.w3.org/2011/xmlsec-pag/
- prateek
> Hi Oleg,
>
> my personal experience with Certicom's IPR disclosures is that they
> focus on Elliptic Curve Cryptography. There were several IPR
> disclosures on documents in the JOSE WG and some of them contain ECC
> algorithms.
>
> The JWT does not list an ECC algorithm but the referenced documents do.
>
> Having said that the two cited IPRs seem to be:
> http://www.google.com/patents/US6704870
> http://www.google.com/patents/US7215773
>
> Take a look at it and make your assessment whether there is anything
> we can change.
>
> Ciao
> Hannes
>
>
> On 02/28/2013 09:21 PM, Oleg Gryb wrote:
>> Dear OAuth WG and Chairs,
>>
>> Can somebody please comment the Certicom's disclosure below? If the
>> purpose of this disclosure is to inform us that JWT can be
>> potentially a subject of royalties and other possible legal actions,
>> the value of adopting JWT in the scope of OAuth 2.0 IETF standard
>> would definitely diminish and if this is the case shouldn't we
>> consider replacing it with something similar, but different, which
>> would not be a subject of the future possible litigation?
>>
>> I'm not a lawyer and might not understand the statement below
>> correctly, so please let me know if/where I'm wrong. Please keep in
>> mind also that the popularity of JWT is growing fast along with the
>> implementations, so we need to do something quickly.
>>
>> Thanks,
>> Oleg.
>>
>>
>> --- On *Wed, 2/27/13, IETF Secretariat /<[email protected]>/* wrote:
>>
>>
>> From: IETF Secretariat <[email protected]>
>> Subject: [OAUTH-WG] IPR Disclosure: Certicom Corporation's Statement
>> about IPR related to draft-ietf-oauth-json-web-token-06 (2)
>> To: [email protected], [email protected], [email protected]
>> Cc: [email protected], [email protected], [email protected]
>> Date: Wednesday, February 27, 2013, 4:16 PM
>>
>>
>> Dear Michael Jones, John Bradley, Nat Sakimura:
>>
>> An IPR disclosure that pertains to your Internet-Draft entitled
>> "JSON Web Token
>> (JWT)" (draft-ietf-oauth-json-web-token) was submitted to the IETF
>> Secretariat
>> on 2013-02-20 and has been posted on the "IETF Page of Intellectual
>> Property
>> Rights Disclosures" (https://datatracker.ietf.org/ipr/1968/). The
>> title of the
>> IPR disclosure is "Certicom Corporation's Statement about IPR
>> related to draft-
>> ietf-oauth-json-web-token-06 (2)."");
>>
>> The IETF Secretariat
>>
>> _______________________________________________
>> OAuth mailing list
>> [email protected] </mc/[email protected]>
>> https://www.ietf.org/mailman/listinfo/oauth
>>
>>
>>
>> _______________________________________________
>> OAuth mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/oauth
>>
> _______________________________________________
> OAuth mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
