At 08:18 14-01-2009, The IESG wrote:
The IESG is considering approving this draft as a standards track
RFC. The IESG solicits final comments on whether the IETF community has
consensus to publish draft-housley-tls-authz-extns as a proposed
standard. Comments can be sent to ietf@ietf.org or
[mailto:ietf-announce-bounces at ietf.org] On Behalf Of The IESG
Sent: 14 January 2009 16:18
To: IETF-Announce
Subject: Fourth Last Call: draft-housley-tls-authz-extns
On June 27, 2006, the IESG approved Transport Layer Security
(TLS) Authorization Extensions,
(draft-housley-tls-authz-extns
To: IETF-Announce
Subject: Fourth Last Call: draft-housley-tls-authz-extns
On June 27, 2006, the IESG approved Transport Layer Security
(TLS) Authorization Extensions,
(draft-housley-tls-authz-extns) as a proposed standard. On
November 29, 2006, Redphone Security (with whom Mark Brown
I'm writing to ask you not to approve the proposed patent-encumbered
standard for TLS authorization.
We've achieved a massive technological progress, thanks to IETF and
other bodies which strive for standardization of OPEN specifications.
Allowing a patent-encumbered (without a
This standard should be wholly withdrawn until all patent
encumberances are fully removed.
GNU's statement summarizes it well:
http://www.fsf.org/news/reoppose-tls-authz-standard
Much of the communication on the Internet happens between computers
according to standards that define common
The IESG iesg-secret...@ietf.org writes:
Since the third Last Call, RedPhone Security filed IETF IPR disclosure
1026. This disclosure statement asserts in part that the techniques
for sending and receiving authorizations defined in TLS Authorizations
Extensions (version
I share the concerns of the FSF
[http://www.fsf.org/news/reoppose-tls-authz-standard] and Simon
Josefsson [http://www.ietf.org/mail-archive/web/ietf/current/msg55059.html]
about the TLS-authz draft.
The usefulness of the proposed standard
I support publication of this document.
josh.
-Original Message-
From: ietf-announce-boun...@ietf.org
[mailto:ietf-announce-boun...@ietf.org] On Behalf Of The IESG
Sent: 14 January 2009 16:18
To: IETF-Announce
Subject: Fourth Last Call: draft-housley-tls-authz-extns
On June 27
Russ Housley hous...@vigilsec.com writes:
Simon:
For the people who want this draft published (and perhaps have a pending
implementation), would you please humour me by offering some usage
scenarios, other than debugging or toys, which would meet security
review and which are not covered by
Simon:
For the people who want this draft published (and perhaps have a pending
implementation), would you please humour me by offering some usage
scenarios, other than debugging or toys, which would meet security
review and which are not covered by the four points which the
patent-holder
Russ Housley hous...@vigilsec.com writes:
EXAMPLE
Clearance may be the easiest one. For simplicity, let's assume that
the client are server already have X.509 identity certificates.
Assume the server is operated by the military, and it includes some
information that its wants to share with
Phil:
For the people who want this draft published (and perhaps have a pending
implementation), would you please humour me by offering some usage
scenarios, other than debugging or toys, which would meet security
review and which are not covered by the four points which the
patent-holder notes
Russ Housley hous...@vigilsec.com writes:
Phil:
For the people who want this draft published (and perhaps have a pending
implementation), would you please humour me by offering some usage
scenarios, other than debugging or toys, which would meet security
review and which are not covered by the
I had given my +1 a bit early after having seen
the techniques
for sending and receiving authorizations defined in TLS Authorizations
Extensions (version draft-housley-tls-authz-extns-07.txt) do not
infringe upon RedPhone Security's intellectual property rights
Anyway, there
Simon:
For the people who want this draft published (and perhaps have a pending
implementation), would you please humour me by offering some usage
scenarios, other than debugging or toys, which would meet security
review and which are not covered by the four points which the
patent-holder notes
I think a standard in this space is really needed. I would definitely
like to be able to include SAML assertions and other statements of
authorization as part of a TLS exchange.
In the appropriate environments I'd be willing to implement this spec
given the current IPR situation.
I think a standard in this space is really needed. Given the revised
IPR statement, I think it is clear that it can be implemented widely.
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf
Sam Hartman wrote:
I think a standard in this space is really needed. I would definitely
like to be able to include SAML assertions and other statements of
authorization as part of a TLS exchange.
In the appropriate environments I'd be willing to implement this spec
given the current IPR
On Jan 14, 2009, at 4:53 PM, Dean Anderson wrote:
Somehow I haven't yet recieved the fourth last call, but only the
discussion Sigh.
see http://www.ietf.org/mail-archive/web/ietf-announce/current/
msg05617.html
There are MANY reasons that this should not be brought to a FOURTH
last
Dean and the IESG:
I will respond to some, but not all of Dean's points.
3. --There have been reports of similar issues in recent lawsuit where
the plaintiff patent-holder acted similarly to Housley/Brown/Polk et al
and was found to have engaged in aggravated litigation abuse. In that
case,
Dean == Dean Anderson d...@av8.com writes:
Dean 3. --There have been reports of similar issues in recent
Dean lawsuit where the plaintiff patent-holder acted similarly to
Dean Housley/Brown/Polk et al and was found to have engaged in
Dean aggravated litigation abuse. In that
On 2009-01-14 at 08:18 -0800, The IESG wrote:
Since the third Last Call, RedPhone Security filed IETF IPR disclosure
1026. This disclosure statement asserts in part that the techniques
for sending and receiving authorizations defined in TLS Authorizations
Extensions (version
On June 27, 2006, the IESG approved Transport Layer Security (TLS)
Authorization Extensions, (draft-housley-tls-authz-extns) as a
proposed standard. On November 29, 2006, Redphone Security (with
whom Mark Brown, a co-author of the draft is affiliated) filed IETF IPR
disclosure 767.
Because of
23 matches
Mail list logo
