On Dec 11, 2018, at 10:32 AM, Jari Arkko <jari.ar...@piuha.net> wrote: > I’ll first agree with your summary about the importance of the tech, that > there’s some risk but the risk is likely low but non-zero, and that in an > ideal situation you wouldn’t have to deal with this. > > However, I would like to point out that > > * The draft is an *optional* extension to something bigger, and no one is > forced to implement it.
I don't quite understand that argument. It's superficially true, but not really correct. If a product is to be at all competitive in a landscape where the "big players" require this, then the product *must* implement it. The alternative is to cede market share, revenue, etc. Standards do live in a larger environment than just the standards bodies. They affect all kinds of things. > * Regardless of that, even the base RFC had a similar IPR associated with it > back in ‘09, so any discussion about an extension’s properties should be set > in that context. A problem in the extension cannot be bigger than a problem > in what the extension builds on, no? Not to mention the context of say, 5G > phones. If the IPR is new (I haven't checked), then it could potentially add to the problem, yes. > Neither me or you can change that context or even the situation with the > base. Perhaps the world should operate on other kinds of rules, but what we > have here is a tool that could have a real impact on billions of users’ > security, and I think we could make it do that. But we need a standard. Can > we have that? I agree absolutely that this is needed and useful. I've said that before. The underlying issue here is that a company has gained control over part of the standard space. And we rely only on their good will for continued use of an open standard. That tends to make me nervous. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
