[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] Revised WSS OTP-Token proposal
It’s unclear to me how these
requests relate to the OASIS legacy IPR policy (http://www.oasis-open.org/who/ipr/intellectual_property_2000-1-13.php),
which I understand as governing the treatment of intellectual property by the
TC. As far as I can see there, the policy requires acknowledgment of “major
contributors”, not exhaustive identification and enumeration of all individuals
who have been involved in review and comment on a contribution (which can often
be difficult to accomplish outside the context of organizations with defined
membership lists). Further, the policy does not appear to impose any
requirement that non-submitting contributors must be members of the TC to which
a contribution is being made. --jl From: Paul Cotton
[mailto:Paul.Cotton@microsoft.com] >but have requested that OTPS participants who have been involved in
review and comment on its predecessor drafts inform us of any such claims. Can you identify the "OTPS
participants"? Will they be joining the TC so that they
will be covered by the same IP rules as the other existing TC members? /paulc From: Linn,
John [mailto:jlinn@rsasecurity.com] The RSA/OTPS document in question does not
specify a particular OTP method, but instead proposes a method-independent
profile that can be used to apply a variety of OTP methods along with
WSS. In essence, therefore, its scope is comparable to that of the proposed
work item; along with other inputs, we would hope that it would contribute
relevant work which would be useful in constructing the anticipated
deliverable. For reference, the document is available
at ftp://ftp.rsasecurity.com/pub/otps/wss-token/wss-token-v1-0.pdf.
I don’t anticipate that further technical changes would take place before
a TC submission, though some frontmatter and administrative revisions may be made.
WRT IPR, the document states as follows (within Appendix B, Notices): “RSA Security does not make any claims on the general
constructions described in this document. The RSA SecurID technology
implementations of time-based mode authenticator token devices, and related
validation processing components, are covered by a number of US patents (and
foreign counterparts), in particular US Patent Nos. 4,885,778; 4,856,062;
5,097,505; 5,168,520 and 5,657,388. Additional patents are pending. As
this specification can be implemented without the use of time-based mode
authentication technology, it is RSA Security’s position that the
technology covered by these patents and applications is not required to
implement this specification.” Further, we are not currently aware of any
IP claims which others may make which would affect the general constructions as
described in this document, but have requested that OTPS participants who have
been involved in review and comment on its predecessor drafts inform us of any
such claims. --jl From: Anthony Nadalin
[mailto:drsecure@us.ibm.com] Its
still confusing as its states that "RSA Security proposes to submit a
version of this document as
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]