Skip to content, sitemap or skip to search.

Personal tools
Join now
You are here: Home FSF News Send comments opposing TLS-authz standard by February 11

Send comments opposing TLS-authz standard by February 11

by Matt Lee Contributions Published on Feb 08, 2009 07:59 AM

Update 2009-02-12: The comment period has now closed. Thank you to everyone who sent comments.

Last year, the Free Software Foundation issued an alert to efforts at the Internet Engineering Task Force (IETF) to sneak a patent-encumbered standard for "TLS authorization" through a back-door approval process that was referenced as "experimental" or "informational".  The many comments sent to IETF at that time alerted committee members to this attempt and successfully prevented the standard gaining approval.

Unfortunately, attempts to push through this standard have been renewed and become more of a threat.  The proposal now at the IETF has a changed status from "experimental" to "proposed standard".  The FSF is again issuing an alert and request for comments to be sent urgently and prior to the February 11 deadline to  Please include us in your message by a CC to campaigns@fsf.orgYou should also expect an automated reply from, which you will need to answer to confirm your original message.

That patent in question is claimed by RedPhone Security.  RedPhone has given a license to anyone who implements the protocol, but they still threaten to sue anyone that uses it.

If our voice is strong enough, the IETF will not approve this standard on any level unless the patent threat is removed entirely with a royalty-free license for all users.

Here is the comment submitted by the FSF.

Further background for your comment

See the IETF summary.

Much of the communication on the Internet happens between computers according to standards that define common languages.  If we are going to live in a free world using free software,  our software must be allowed to speak these languages.

Unfortunately, discussions about possible new standards are tempting opportunities for people who would prefer to profit by extending proprietary control over our communities. If someone holds a software patent on a technique that a programmer or user has to use in order to make use of a standard, then no one is free without getting permission from and paying the patent holder. If we are not careful, standards can become major barriers to computer users having and exercising their freedom.

We depend on organizations like the Internet Engineering Task Force (IETF) and the Internet Engineering Steering Group (IESG) to evaluate new proposals for standards and make sure that they are not encumbered by patents or any other sort of restriction that would prevent free software users and programmers from participating in the world they define.

In February 2006, a standard for "TLS authorization" was introduced in the IETF for consideration. Very late in the discussion, a company called RedPhone Security disclosed (this disclosure has subsequently been unpublished from the IETF website) that they applied for a patent which would need to be licensed to anyone wanting to practice the standard. After this disclosure, the proposal was rejected.

Despite claims that RedPhone have offered a license for implementation of this protocol, users of this protocol would still be threatened by the patent. The IETF should continue to oppose this standard until RedPhone provide a royalty-free license for all users.

Media Contacts

Peter T. Brown
Executive Director
Free Software Foundation

Document Actions

The FSF is a charity with a worldwide mission to advance software freedom — learn about our history and work. is powered by:


Send your feedback on our translations and new translations of pages to