FSF opposes making TLS-authz an experimental standard
The Free Software Foundation and the GNU Project oppose publication of draft-housley-tls-authz-extns as an experimental standard.
The patent application disclosed by RedPhone Security has put any free software attempting to implement these extensions in a very difficult position. Free software developers cannot safely code to the specifications without risking infringement on RedPhone's patents. As a result of these concerns and the uncertain situation they create, GnuTLS has removed support for them in its latest release -- and no other software maintained by the GNU Project will be written to them.
We know that the IETF and IESG largely share our view that patent-encumbered standards are unacceptable. We believe that the process has reached the proper conclusion -- the draft has been rejected as a standard. Please do not allow this decision to be negated by publishing it on the experimental track.
We agree with Sam Hartman that "often it seems that we use informational as a way to publish things we cannot build a strong consensus behind. I think that process is generally problematic and would like to avoid it in this instance," and with Simon Josefsson that "[g]iven that the initial last call was to put the document on the standards track, my impression would be that this last call request for the experimental track is indeed intended to circumvent the normal process."
In the long term, widespread adoption of something published on this track would put software authors in the same bad position as if the document were approved as a standard. Please respect the consensus that has been reached and do not publish this draft.Read the background story