SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    IPS: Area Director View of SRP IPR



    The Transport Area Directors are concerned about the known
    intellectual property rights situation surrounding SRP.  While we
    cannot say definitively that any IETF- developed spec is free of IPR
    claims on implementors, the SRP case is of a fairly heavy nature.
    
    We believe that prudent implementors of SRP would have to analyze the
    potential Lucent and Phoenix patent claims, and obtain licenses for
    these patents if the analysis so indicated.  This is a sufficient
    hurdle to implementation of SRP for a sufficiently large class of
    implementors (open source, small company with limited resources for
    the analysis and licensing, and even large company, in some cases...),
    that Scott and I feel that a "MUST implement" for SRP would be
    problematic for iSCSI.  That said, we will join Elizabeth (serving as
    the process Chair) in listening carefully to working group's
    discussion in the next few days.  Those holding views should be
    especially sure to express them (with civility, of course, as
    Elizabeth has just reminded you).  It is important to hear in some way
    from a good number of those with both views of the size of the hurdle.
    
    In the absence of other information, the appropriate requirement level
    the ADs see for SRP is a "MAY", because "SHOULD" has implications in
    RFC 2119 that a strong technical reason should be at the root of
    electing not to implement.  The WG will recall that at least one
    inband authentication mechanism must be designated as "MUST implement"
    for interoperability.
    
    On another point, in reviewing recent list discussion, a clarification
    is in order.  A number of emails have referenced "the IESG" when
    reporting guidance received from individual Area Directors, namely
    individual Transport and Security ADs.  A Working Group and its Chairs
    are wise to take advice from Area Directors seriously, in order to
    minimize issues and delays arising at IESG review time.  But note that
    the IESG as a whole has not developed a consensus on SRP, with respect
    to IPS or any other Working Group.
    
    On balance, it was represented fairly that a number of us individually
    gave guidance in support of looking into an alternative
    mandatory-to-implement inband authentication.  In future, though,
    attention should be paid not to represent guidance from ADs as IESG
    consensus position.
    
    Allison 
    Area Director for IPS
    


Home

Last updated: Fri Apr 12 10:19:08 2002
9624 messages in chronological order