יום רביעי, פברואר 11, 2009

Internet Draft: Transport Layer Security (TLS) Evidence Extensions

[mail to ietf@ietf.org]

I was worried by the information about a new Internet Draft which
seems to be troubled by patent claims even before its approval.

So, I decided to read a bit before forming a final opinion.

First I've read the following link from 19-Nov-2008

IANL but the language looks too familiar...
"RedPhone Security agrees to grant licenses for such uses in a fair
and nondiscriminatory manner. This statement applies to the
Disclosed Patent Information, including all amendments in all
nations as published during the course of prosecution."

I'm sure you are well aware that "fair and nondiscriminatory manner"
is the usual "newspeak" term for discriminating free software.
E.g: if someone only ask 10$ per-copy it means you cannot
distribute without having some copy counting mechanisms in place.

Looking further I've read the following link from 26-Nov-2008

So, about two weeks later, the same company says:
"Any party wishing to request a license under the patent
applications listed in Schedule A and/or any issued patents
from such applications is encouraged to contact RedPhone Security."


Which clarifies they reserve the right to provide licenses on a case
by case basis (yes, under the non-yada-yada etc). This is very different
from cases where comprehensive blanket licenses are given by relevant
companies for inclusion of their technologies in standard setting papers.

Which begs the question -- why all this is disclosed barely two months
before the (supposed) approval of this draft standard? To hush
criticism? To make IETF think harder about withdrawing after investing
a lot of time and work into this?

Regretfully, we already saw in some industries the advent of litigious
companies messing with industry standards (a sad refresher is here)

Not long ago, we saw other important standard bodies loses much
of their credibility due to similar tactics (I obviously refer to
the ISO/IEC DIS 29500 farce).

I obviously don't want IETF to fall into a similar trap. It's
important to reject this proposal so all of us can trust any RFC
or STD for what they are -- a free specification for anybody to
implement as they see fit.

Furthermore. Patent disclosure at the end of the process instead
of the beginning is not an example of honesty (do you think
they "forgot" they applied for these patents?)

IMHO, the only way for the IETF to protect itself and its reputation
from such predatory behaviour is to apply a mechanism to deter such
companies. Maybe something along the line of:

"You made us work X months without trusting us with your secret plan?
Good. You lost our trust for the next X months. You are welcome
to come back with different proposal *after* this time lapse."


I urge you to reconsider and not risk the great achievements of
Internet in general and the IETF in particular for a short term "gain".

Thank you very much for all your efforts,

[This mail was prepared and sent by free software, running on a
free operating system, abiding by freely available Internet standards]