[cabfpub] Fwd: Re: [cabfrev] Must Staple Draft

Hill, Brad bhill at paypal-inc.com
Wed Oct 3 10:21:13 MST 2012


Phillip,

 Thank you for your work, but I have a couple of process questions here:

  The draft lists its intended status as "Standards Track", yet it doesn't seem to be an accepted work product of any WG at the IETF and, given that PKIX intends to disband after completing its current work, such acceptance seems unlikely.  How do you intend to advance this document and to what final state?

  My understanding based on the last face-to-face meeting in Manhattan was that the CABF was simply going to define an OID for experimental use by interested user agents.  If you are considering more than that, I would say that this is definitely the wrong place for this discussion:

  Firstly, because this is not an open forum - there is still no well-defined and equitable process for public contributions.  This is especially relevant given that work on TLS version downgrade protections is being discussed in several other contexts.  Given that the CABF has recently rather explicitly and emphatically declared its intent to NOT be a technical standards setting organization, I suggest that you ought to move this discussion to a different venue immediately if you have ambitions broader than a marker OID.  The CABF can declare an OID it wants to use but it cannot take as its private prerogative defining broader standards for how clients should work with TLS.

  Secondly, because this forum creates significant IPR concerns for this kind of work.  The IPR of the CABF, such as it is, only requires licensing of patents that speak to essential claims of CABF work products.  This is not, and presumably will not be, a guideline ultimately published by the CABF, so working on it here taints it.

Brad Hill


  


More information about the Public mailing list