Sunday, July 09, 2006

syslog-ng 2.0rc1 released

After my last requests for testing of the latest 1.9.x code base, I have received a couple of bug reports, which were fixed in recent weeks. Since I have received no reports the past two weeks I decided to name the new release as "2.0rc1" to raise awareness of the new codebase.

I'm planning to create the new branch for 2.1.x, I have some exciting features in my mind, which I did not want to start before the release of 2.0.0. The old stable series 1.6.x is still supported, but expect less development time to be dedicated in maintaining that release.

Build queues for various architectures are not yet up, so only a Debian sarge binary is available for those with binary maintenance contracts.

Friday, July 07, 2006

Thoughts on the patent system

You might know that there is a standardization effort on the syslog protocol in the IETF. The work has started several years ago and the efforts produced RFC3164, the first documentation of the BSD syslog protocol after being in use for over two decades.

This group also produced RFC3195 in 2001, a reliable syslog protocol using the BEEP framework which did not really take of. I personally did not implement this in syslog-ng due to its highly verbose nature and the complexity which BEEP brings in.

Couple of months ago an effort started to create a simpler, but still reliable syslog protocol somewhat similar to what syslog-ng has been using for a couple of years now. First some layering was decided, e.g. to define the syslog protocol in a transport independent manner and then define various transports, like legacy UDP and TLS encrypted TCP.

After syslog-transport-udp was written by Rainer Gerhards, work has started on the TLS encrypted transport and someone from Huawei (you know the Chinese Cisco clone) volunteered to write the draft, which he did with the help of other group members. Basically the contents of the ID represented consensus (a rare event in the syslog group) and was heavily based on the previous years' work.

The ID was published and we were finally approaching a standardized syslog over TCP protocol, everything was nice and dandy.

Except that a few weeks later Huawei published a patent claim on the contents of the published ID, they basically said that they have a not-yet-published patent pending which covers at least parts of the ID. It is yet to be determined which sections of the internet draft is affected, but as far as I know it takes several months till this information is going to be available.

So what now? Basically I don't know, some prior art is certainly available, I personally found articles describing the combination of syslog-ng TCP transport and stunnel. Even if the patent will not be granted, the work of the working group is endangered by patent threat.

Did I mention already that I don't like US style patents? I'm happy to live in Europe, we are still not affected,
assuming that syslog-ng is developed and used within Europe. In the US, even end-users can be threatened if they use a product that uses protected technology and which does not license the patent.

I need to make a difficult decision:
  • avoid using the recent work of the working group and fall back to using an updated version of RFC3195, OR
  • don't care about the IPR claim Huawei has published in the hope that the patent will not be granted.
How would you decide?