[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC

To: Dean Anderson <dean@xxxxxxx>
Subject: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
From: Eric Rescorla <ekr@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 27 Jun 2008 13:48:01 -0700
Cc: iesg@xxxxxxxx, rms@xxxxxxx, tls@xxxxxxxx
Delivered-to: tls@xxxxxxxxxxxxxx
In-reply-to: <Pine.LNX.4.44.0806271534430.545-100000@xxxxxxxxxxxxxxxxx>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <20080627173509.DDB69509AA@xxxxxxxxxxxxxx> <Pine.LNX.4.44.0806271534430.545-100000@xxxxxxxxxxxxxxxxx>
Sender: tls-bounces@xxxxxxxx
User-agent: Wanderlust/2.14.0 (Africa) Emacs/21.3 Mule/5.0 (SAKAKI)

At Fri, 27 Jun 2008 15:56:06 -0400 (EDT),
Dean Anderson wrote:
> 
> On Fri, 27 Jun 2008, Eric Rescorla wrote:
> 
> > 
> > This paragraph only refers to documents which did not go through
> > the IETF process, as implied by the first sentence of 4.2.3.
> 
> Indeed. And this document indeed did not properly follow the IETF
> process because it did not disclose IPR in accordance with RFC3979 and
> because it did not discuss non-patented alternatives, also in accordance
> with RFC3979.  The intent of 4.2.3 is to prevent the circumvention of
> the rules, and the IETF rules are not being followed.
>
> >    Unless they are the result of IETF Working Group action, documents
> >    intended to be published with Experimental or Informational status
> >    should be submitted directly to the RFC Editor.
> > 
> > This document was a TLS WG document, so had already been
> > coordinated with the IETF community.
> 
> That is precisely the point: it has NOT been properly coordinated with
> the internet community: Not all the pertinent facts were disclosed to
> the internet community.  
> 
> I think the recent events surrounding TLS-Authz at least indicate that
> the internet community is keenly interested in facts of patent
> encumbrance. These facts were apparently known to IESG managers and
> those managers also knew these facts would be important to the
> community, but kept the community in the dark, made false 
> representations in the draft, and failed to follow IETF policy.
> 
> The following paragraph in the 'ecc-new-mac draft is a false
> representation:
> 
>    By submitting this Internet-Draft, each author represents that any
>    applicable patent or other IPR claims of which he or she is aware
>    have been or will be disclosed, and any of which he or she becomes
>    aware will be disclosed, in accordance with Section 6 of BCP 79.

As I've stated already, the relevant IPR claims had already been
disclosed WRT RFC 4492, which this document lists as a normative
reference, as well as explicitly mentioning it in the abstract and
throughout the document, and it just didn't occur to me to file a
separate IPR disclosure listing this document specifically. As I
indicated earlier, I'll leave it to Joe and the ADs to determine
whether such disclosure was required by the process, process
violation, but from a practical perspective, I find it hard to believe
that any significant number of people reviewing the document were
unaware of the IPR situation, given the extensive discussion on this
topic when 4492 was approved.

-Ekr
_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
  - From: Dean Anderson

References:
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
  - From: Eric Rescorla
- Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
  - From: Dean Anderson

Prev by Date: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Next by Date: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Previous by thread: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Next by thread: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Index(es):
- Date
- Thread