Re: [security-jc] submission of OASIS work to ITU-T

["Phillip H. Griffin" <phil.griffin@asn-1.com>]

Phillip,

Richard Hill is counsel for ITU-T and has been instrumental in bringing
copyright issues to the forefront in the MoU/MG [1]. He has seemed in
conversations to be particularly keen on issues such as the ownership
by the author of original words submitted in the development of
standards. An important point I think, since we'd often like to reuse
our own words and ideas in the creation of products, presentations,
books, etc.

ITU-T now gives their standards away for free. The ASN.1 standards
are completely free for download. All of the others come free three at
a time - you need to make up a different email address for each set of
three standards you wish to download (phg@asn-1.com, et@asn-1.com,
elvis@asn-1.com, and so on).

Telecoms have law enforcement access requirements and standards that
are stamped with their approval may serve to broaden acceptance and
use. For the XCBF work, which has been shown to be of interest to SG17
in securing telecommunications networks [2] that will eventually migrate 
to the
web, this was my primary interest in the creation of an OASIS-ITU-T
communication process (liaison).

My understanding (and I've been out of the loop with the work of the
MoU/MG for a while now) is that copyright and change control would
remain with OASIS, and that both ITU-T and OASIS would be allowed
to publish and deciminate the work. ITU-T would be able to fast track
the work, which would ensure that it would not go through the entire
process, but would skip portions of the standards development process
in which the document could be modified. But Karl would know best.

I see this as a great opportunity to promote OASIS security work that
will not likely have any negative impact whatsoever on TCs or their
work. I'm hoping that I can eventually get XCBF adopted by ITU-T
using this mechanism.

Phil

[1]  http://www.itu.int/ITU-T/e-business/mou/index.html
[2]  http://www.itu.int/ITU-T/worksem/security/program.html


Hallam-Baker, Phillip wrote:

>The main issue that I would see is the issue of copyright.
>
>In the past the ITU has demanded exhorbitant fees to get a copy
>of their standards. This in turn killed any grass roots interest
>in the OSI stack which was one of the reasons the ITU failed
>in that area. It has also meant that they can't be used in
>teaching.
>
>I don't think that endorsement by the ITU will have more than a
>marginal difference to the credibility of the standard. None of
>my customers seem to care where a standard comes from as long as
>it is widely supported and meets some definition of open.
>
>What is the overhead of this move, what does it cost in terms
>of effort? Who has ongoing change control, can the ITU develop
>a new version of SAML?
>
>
>		Phill
>
>  
>
>>-----Original Message-----
>>From: Karl Best [mailto:karl.best@oasis-open.org]
>>Sent: Friday, December 20, 2002 8:55 AM
>>To: security-jc@lists.oasis-open.org
>>Subject: [security-jc] submission of OASIS work to ITU-T
>>
>>
>>Security JC:
>>
>>FYI - I have been approached recently by a representative 
>>from the ITU-T 
>>central secretariat, Richard Hill, who expressed interest in having 
>>OASIS submit some of our completed work for approval under the ITU-T 
>>process. OASIS was earlier in the year granted A.4 and A.5 
>>recognition 
>>by ITU-T, and they would like to see us take advantage of that 
>>recognition by submitting some of our work. (This is similar 
>>to what we 
>>are doing with the ebXML specs: submitting them to ISO for approval 
>>under their process.)
>>
>>ITU-T is particularly interested in our security work, as that is a 
>>topic that they work on quite a bit. I suggested that perhaps 
>>we could 
>>submit the SAML, recently approved as an OASIS Standard, and XACML, 
>>which we hope will also be approved soon. Richard thought that this 
>>would be a good plan, and he and I will discuss how best to do this 
>>under the ITU-T process while still allowing OASIS ownership 
>>of the work 
>>and retaining the right of the OASIS TCs to do further work 
>>on the specs.
>>
>>-Karl
>>
>>
>>=================================================================
>>Karl F. Best
>>Vice President, OASIS
>>+1 978.667.5115 x206
>>karl.best@oasis-open.org  http://www.oasis-open.org
>>
>>
>>----------------------------------------------------------------
>>To subscribe or unsubscribe from this elist use the subscription
>>manager: <http://lists.oasis-open.org/ob/adm.pl>
>>
>>    
>>