Subject: Re: FW: IETF IP Contribution Policy
From: Brian Behlendorf <brian@collab.net>
Date: Fri, 19 Jan 2007 11:45:01 -0800 (PST)

On Fri, 19 Jan 2007, Lawrence Rosen wrote:
> At John Klensin's request, I am forwarding this email to the OSI and Apache
> lists. /Larry

Likewise, Larry or John, feel free to pass this along to ipr-wg@ietf.org. 
Speaking as an individual here.

[...]
>> ANSI does not demand it.  IEEE does not demand it.  ISO does not
>> demand it and ITU doesn't either.  Very few of the ISO national
>> Member Bodies demand it.

Which is why, by and large, the open source community does not use these 
communities to define standards.  ODF through ISO was probably the only 
important one in the last few years.  The IETF has a long intertwined 
history with open source, though, with the most successful Internet 
standards owing their relevancy to open source implementations (not just 
HTTP).  That those implementations have been in legal jeopardy from IPR 
claims by WG participants has been a long-known deficiency, one always 
swept under the rug with a "don't worry about it" kind of wink and a nod. 
The rise of patent litigation as a business strategy (and for some 
companies or acquirers of patents the only remaining business strategy) is 
forcing a re-examination.

[...] 
>> The more useful answer is that the field has a long history of
>> useful developments occurring in two types of forums.  One is
>> often characterized as a consortium, with specific membership
>> requirements that often include high fees and/or rather specific
>> and legally-binding conditions for participation, often
>> including release of patent rights... either to the consortium,
>> to other participants on some sort of "share alike" basis, or
>> more generally.   One nice thing about a consortium model is
>> that it is clear that enterprises and individuals that do not
>> share the consortium's specific goals, objectives, and, often,
>> intended methods (I'm tempted to add "religion") are not welcome
>> and typically don't join or are quickly eased out.    The three
>> organizations you name conform more or less well to the
>> consortium definition.

Please note that the Apache Software Foundation is a 501c3, not an 
industry consortium, and its IPR policy derives somewhat from that 
non-profit basis, in so far as it would jeopardize its public support test 
if it published software that required IPR licensing to legally use. 
Fortunately that position has not kept any of the major IT companies
in the known world from being involved.

[...]
>> although that can be more or less explicit.   One thing that the
>> SDOs I have listed above, and the IETF, have in common is that
>> we don't tell people "if you don't accept our view that
>> standardization does not imply free and general licensing,
>> without restrictions or application procedures of any sort, you
>> are not welcome to participate here".  All of us --again, in
>> different terms and different degrees of explicitness-- are
>> "open" enough to tell organizations "you are welcome to come in
>> here, disclose your IPR claims, present your technology, and
>> make the case that it is important enough, and enough better
>> than the alternatives, to justify standardization despite the
>> encumbrances.

So I went to ietf.org and found the IPR disclosures page, which thankfully 
makes it easy to determine which RFCs are encumbered.  I assume there is 
some deadline after RFC publication for IPR claims to be submitted, as an 
open-ended deadline would be useless (anyone hoping to play a Rambus-like 
trick could just delay filing).

I see that there was only one IPR filing in 2006, compared to 11 in 2005. 
Is that a sign that standards efforts at the IETF are trending towards 
encumbrance-free?  Is this a problem that will solve itself?

I see that all filings from 2006 to 2004 state that IP will be licensed on 
at least RAND terms, some of them on "giveback" which is even more 
liberal.  Aside from the obvious problems with RAND (lack of transparency 
= no accountability), it appears that no IETF participant would have a 
problem with at least requiring RAND.  In some cases (DoCoMo, March 2005) 
a full grant was made.  I didn't look at any older filings, but it 
suggests things are trending towards at least RAND.  Why not at least 
require that?

It also appears that you now have nearly 8 years of a disclosure policy 
under the organization's belt, and a reasonable cost/benefit analysis 
could be done. Have you gone to those who've disclosed IPR and asked them 
whether the revenue they received from such activities was worth it?  If 
it can't be substantiated that revenues from patent licensing were 
necessary to incent participation in the IETF, then an RF policy is hard 
to argue against.

One of the advantages of a clear policy like the ASF has is the simplicity 
it creates for all participants, and the corresponding trust.  Seeing an 
industry leader participating in a particular effort reassures everyone 
that the leader won't pull a Rambus and swamp everyone's investment of 
time and thus money into a royalty scheme no matter how "fair and 
reasonable" that company might decide that it is being.

You might be able to treat Larry like an outsider to the IETF process, but 
many of the people who made the IETF relevant as an organization did so by 
writing Open Source software, sometimes just as reference implementations 
but often by being the category-leading implementations.  Legal jeopardy 
for writing software that implements common standards and giving it away 
for free is increasing, which is the opposite of what it should be.

 	Brian