IPS: Area Director View of SRP IPR

To: ips@ece.cmu.edu
Subject: IPS: Area Director View of SRP IPR
From: Allison Mankin <mankin@ISI.EDU>
Date: Wed, 10 Apr 2002 18:52:18 -0400
Cc: sob@harvard.edu, mankin@ISI.EDU
Content-Type: text/plain; charset=US-ASCII
Reply-To: mankin@ISI.EDU
Sender: owner-ips@ece.cmu.edu

The Transport Area Directors are concerned about the known
intellectual property rights situation surrounding SRP.  While we
cannot say definitively that any IETF- developed spec is free of IPR
claims on implementors, the SRP case is of a fairly heavy nature.

We believe that prudent implementors of SRP would have to analyze the
potential Lucent and Phoenix patent claims, and obtain licenses for
these patents if the analysis so indicated.  This is a sufficient
hurdle to implementation of SRP for a sufficiently large class of
implementors (open source, small company with limited resources for
the analysis and licensing, and even large company, in some cases...),
that Scott and I feel that a "MUST implement" for SRP would be
problematic for iSCSI.  That said, we will join Elizabeth (serving as
the process Chair) in listening carefully to working group's
discussion in the next few days.  Those holding views should be
especially sure to express them (with civility, of course, as
Elizabeth has just reminded you).  It is important to hear in some way
from a good number of those with both views of the size of the hurdle.

In the absence of other information, the appropriate requirement level
the ADs see for SRP is a "MAY", because "SHOULD" has implications in
RFC 2119 that a strong technical reason should be at the root of
electing not to implement.  The WG will recall that at least one
inband authentication mechanism must be designated as "MUST implement"
for interoperability.

On another point, in reviewing recent list discussion, a clarification
is in order.  A number of emails have referenced "the IESG" when
reporting guidance received from individual Area Directors, namely
individual Transport and Security ADs.  A Working Group and its Chairs
are wise to take advice from Area Directors seriously, in order to
minimize issues and delays arising at IESG review time.  But note that
the IESG as a whole has not developed a consensus on SRP, with respect
to IPS or any other Working Group.

On balance, it was represented fairly that a number of us individually
gave guidance in support of looking into an alternative
mandatory-to-implement inband authentication.  In future, though,
attention should be paid not to represent guidance from ADs as IESG
consensus position.

Allison 
Area Director for IPS

Follow-Ups:
- Re: IPS: Area Director View of SRP IPR
  - From: David Jablon <dpj@theworld.com>

Prev by Date: Re: iscsi : error recovery diagrams similar to Annex C of FCP-2.
Next by Date: RE: About the oprational key parameters
Prev by thread: Re: iSCSI: nits on SRP text key lengths
Next by thread: Re: IPS: Area Director View of SRP IPR
Index(es):
- Date
- Thread

Home

Last updated: Fri Apr 12 10:19:08 2002
9624 messages in chronological order