On Wed, Feb 11, 2009 at 07:38:15AM -0500, Seth Johnson wrote: > That patent in question is claimed by RedPhone Security > (https://datatracker.ietf.org/ipr/1026/). RedPhone has given a > license to anyone who implements the protocol, but they still threaten > to sue anyone that uses it.
>From my understanding, this is simply not true. A license is not required to implement the extension (passing SAML assertions or X.509 attribute certificates in the TLS handshake), because it quite simply is not patented (at least by RedPhone - I'm sure someone somewhere has a patent that applies to it, but one can say that about most or all software) - only using these authorization extensions in conjunction with legal contracts or treaties is covered by the patent. So: - Implementations cannot infringe this patent, almost by definition. No patent license is required from anyone. - Users of the extension can infringe this patent. - However there are many uses of this extension which would not infringe. -Jack _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
