[Cryptech Core] ipr, ghu forbid

Randy Bush randy at psg.com
Fri May 16 16:48:17 UTC 2014

Previous message (by thread): [Cryptech Core] Tools and strategies for communication during development
Next message (by thread): [Cryptech Core] ipr, ghu forbid
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

< thinking aloud >

like it or not, the cryptech project produces stuff with ipr.  i am
heavily influenced by the ietf model, so feel free to whack me.

we need to be explicit about ipr
  o so others can not claim to be a direct cryptech design (think
    poison), unless they actually are of course
  o so someone can ajudicate licensing questions ("can i do x with y?")
  o we need to walk further down the path of cc/bsd and what rights
    statements we put on sources, documents, ...
  o so we know how to handle incoming ipr - i.e work that is contributed
    both as the result of pay-for-work and pro-bono contributions that
    is covered by ipr in some form.
  o ...

cryptech ipr probably falls into a few classes,
  o stuff cryptech engineers do for pay
  o stuff non-paid folk agree to license to cryptech (under what terms?)
  o stuff cryptech adapts from other sources (and is constrained by the
    license conditions of those sources)
  o ...

the ietf has The IETF Trust (http://trustee.ietf.org/), which holds the
ipr (rfcs, drafts, ...) of the ietf.  unlike the ietf, the ietf trust is
a real legal entity, so it can actually hold the ipr.  it is constrained
by the Trust Agreement.  it is way too complicated because the ietf and
the ietf trust were extracted from CNRI in a method analogous to a root
canal and pulling a wisdom tooth.  i would hope something far simpler
would do the job for cryptech.

---

leif has suggested one proposal for the "incoming IPR" case:

    Anyone who wants to make a contribution to cryptech that is covered
    by IPR must agree to publish an Internet-Draft describing how the
    technology covered by the IPR is used in the context of the cryptech
    design and must make an IETF IPR statement covering said I-D which
    would be acceptable (i.e a non-discriminatory, non-exclusive,
    permanent grant of a free license to use within the specific context
    on which cryptech relies) under normal conditions of IETF standards
    work.

    In other words we tie ourselves to the IETF trust!

    That would allow some researchers to keep their patent bonuses
    (which is a big deal for some).

---

i am somewhat wary of this as internet-drafts are ephemeral.  but i get
what leif is trying to do here.

i can probably get free legal for this once we have consensus on what we
actually want.

randy

Previous message (by thread): [Cryptech Core] Tools and strategies for communication during development
Next message (by thread): [Cryptech Core] ipr, ghu forbid
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Core mailing list