[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patent & licence for IPSec ?

To: "Todd S. Glassey" <TSGman@earthlink.net>
Subject: Re: Patent & licence for IPSec ?
From: Steve Bellovin <smb@research.att.com>
Date: Tue, 21 Jul 1998 13:46:10 -0400
cc: "Daniel Harkins" <dharkins@cisco.com>, ipsec@tis.com
Sender: owner-ipsec@ex.tis.com

In message <014e01bdb4cc$fdd16ad0$030b0ac0@cta1>, "Todd S. Glassey" writes:
> 
> If the IETF cannot make the use of it's standards more than a crap shoot
> then it may be doomed. What's the point of banking on a set of standards
> where the entry fee can be years in court and millions of dollars.
> 
> This is a serious issue, because it gets at the standards process and the
> root of who pays for all our playpens and sandboxes. Whether we as engineers
> like it or not, Business and Business Process are driving the NII and all it
> stands fo'.
> 
> Sorry to disagree with you but ... If the IETF cannot make its standards
> more secure from a commercial sense then its long term form and fashion are
> likely to change or to be changed.
> 
> The first time somebody sues the IETF/IESG/ISOC for creating a standard and
> allowing the standard-process to complete when it has either "direct
> knowledge" or "enforced ignorance" as to the patent status of any given
> effort - The standards effort will change forever. After all if the IETF
> knowingly ignores the charter and in particular the IP issues inside of
> RFC2026 and its follow successors, IMHO - the IETF could wind up liable for
> damages by not enforcing its publicly stated operational processes and
> policies.

Have you read RFC 2026, the current description of the IETF standards
process?  While it's certainly true that anyone can be sued for more
or less anything, the relevant provisions were indeed drawn up in
consultation with a lawyer.  Briefly -- the IETF *can't* have complete
knowledge of intellectual property claims on its work.  (Nor, I might
add, can other standards bodies.)  What is done is to require that anyone
who submits anything to the IETF agrees to disclose any intellectual
property rights in the submitted material.  We also encourage people
to make the IETF aware of any possible conflicts.  This is precisely
what Paul Lambert has just done.

Btw -- not complying with the IETF process has reprecussions for folks
who lie about patents.  See http://www.ftc.gov/opa/9511/dell.htm for
one example.

Prev by Date: Re: Patent & licence for IPSec ?
Next by Date: Comments on "Hybrid Auth. mode for IKE"
Prev by thread: Re: Patent & licence for IPSec ?
Next by thread: Re: Patent & licence for IPSec ?
Index(es):
- Main
- Thread