In association with heise online

23 October 2007, 12:16

GnuTLS developers remove function to avoid patent dispute

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The developers of the open source GnTLS library, which supports Transport Layer Security (TLS) and Secure Sockets Layer (SSLv3) encryption protocols, have removed a function from the current version 2.0.2. They say they did so because a company has applied for a patent for that function.

The function removed is an extension called TLS Authorization, which the IETF is currently reviewing as a draft for standardization. GnuTLS had already implemented it, but now RedPhone Security has applied for a patent. The developers responded by removing the extension from the software in order to avoid potential claims for license fees. The developers say that removal was not a problem because the extension was optional to begin with. They felt that complete removal would ensure that more users refrain from implementing the extension.

The IETF has also reacted to the application for a patent by not accepting the draft. Now, the Free Software Foundation (FSF) says that RedPhone Security is trying to get the concept adopted as a standard anyway by promoting it as "experimental" and "informational." The FSF has submitted a comment to the IETF to oppose this action and is calling on users to do the same. Until today, Tuesday, October 23, the IETF is accepting comments on the draft. The IETF would have to refuse the draft if there is sufficient opposition. The FSF is one of the best known opponents of software patents.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit