This charter is written in accordance with the W3C Patent Policy (PP).
The XML Security Patent Advisory Group is a Patent Advisory Group (PAG) as defined by the W3C Patent Policy (PP).
The mission of this Patent Advisory Group is to study issues and propose solutions related to XML Encryption 1.1 and XML Signature 1.1. Both specifications normatively reference RFC 6090, as a specification for mandatory to implement algorithms. Two disclosures have been filed against an Internet-Draft for that RFC 6090.
Patents disclosed so far:
This PAG is triggered by Section 7.1 (PAG Formation) of the Patent Policy, which states that a PAG is triggered in the event “a patent has been disclosed that may be essential, but is not available under W3C Royalty-Free licensing requirements”. Informal negotiations have been undertaken between the XML Security Working Group and Research in Motion and its subsidiary Certicom, who allegedly hold patents on the ECDSA and ECDH algorithms described by RFC 6090 and mandated by the XML Signature and Encryption 1.1 specifications. Those negotiations resulted in a public patent commitment by Certicom that does not satisfy the W3C RF licensing requirements.
The ECC PAG has the scope to:
The PAG ends with a PAG report to the W3C Director containing a recommendation. The recommendations have to be chosen among the options in section 7.5 of the Patent Policy:
The XML Security PAG is chartered through 31 August 2011. The PAG can be extended by the Director.
All communications of the XML Security PAG, the mailing list archives and the minutes of telephone conferences are W3C Member confidential.
This charter, the PAG report to the Director as well as an eventual document on prior art will be public. At regular intervals, the PAG should also provide status updates to the public.
In accordance with section 7.3 of the W3C Patent Policy, this PAG is composed of:
Advisory Committee Representatives of Members participating in the Web Applications Working Group must register for the PAG or will be put on the PAG by the Team. An Advisory Committee Representative who is unable to participate should designate an alternate. Each Advisory Committee Representative may also designate a second individual (usually legal counsel) to participate in the PAG.
XML Security PAG participation (attending meetings, following the mailing list) is expected to require half a day per week per participant.
The XML Security PAG conducts its discussion on a member readable mailing list, member-xmlsec-pag@w3.org (with member-visible archive).
The ECC PAG has a member accessible and a public home page.
The ECC PAG conducts its work through mailing-list discussions and teleconferences. The PAG can decide to have one face-to-face meeting.
Participation in teleconferences or face-to-face meetings is limited to the participants of the PAG as described by the Patent Policy. The chair may invite individuals to specific meetings at his discretion.
This PAG charter has been drafted according to the Procedures for Launching and Operating a Patent Advisory Group (PAG).