How is any of this relevant to an EXPERIMENT ???
Ole J. Jacobsen
Editor and Publisher, The Internet Protocol Journal
Tel: +1 408-527-8972 Mobile: +1 415-370-4628
E-mail: ole(_at_)cisco(_dot_)com URL: http://www.cisco.com/ipj
On Sun, 13 Sep 2009, Dean Willis wrote:
On Sep 12, 2009, at 2:31 PM, Doug Ewell wrote:
Ole Jacobsen <ole at cisco dot com> wrote:
I am also not sure what value there is in knowing that 3478273983421 spent
10 minutes in trill and then moved on to behave (pun intended).
To amplify, I'm not sure why the security risks of being tracked while
attending these meetings are considered so much greater than the risks of
posting messages on mailing lists, signed with one's real name, and having
those messages archived for years on publicly accessible Web sites.
Well, I for one don't want people to know that I'm actually showing up for the
first ten minutes of each meeting I chair, replacing myself with an inflatable
dummy, and then going off to the bar. It would be revealing that I'm too
stupid to remove my RFID tag and attach it to the dummy, and that would be a
blow to my professional credibility.
Seriously, it does have major implications for intellectual property lawsuits.
Let's say JoeBob attends a meeting of the FRILL working group, then goes home
to patent a nifty new innovation in FRILL, which is then bought for $1 by a
patent troll when JoeBob's company goes broke because his board of directors
blew their investment capital on stocking their break room with headcheese.
Said patent troll then sues some defendant, whose legal team later notices
that said FRILL-enhancement had been discussed at IETF 211 while JoeBob, the
inventor, was in the room, thereby invalidating the patent (and making JoeBob
look like a doofus).
Okay, so that's not an example with too many negatives, unless JoeBob decides
to sue us for making him look like a doofus.
Now let's presume that some people remember (and that some other people don't
remember) JoeBob being in the room during the discussion, but IETF"s RFID
tracker log shows that JoeBob was hanging out with me in the bar. Does IETF's
failure to maintain the record that invalidates the patent make us liable to
Or worse yet, IETF can't produce the RFID logs in response to a court order,
because somebody goofed and deleted them. Was this a conspiracy to protect the
patent troll? Who got bribed to make it happen? How many hundreds of thousands
of euros we would like to spend on the paperwork related to the various
discovery motions we might have to endure?
In other words, any retained information increases liability, both for the
accuracy of the retained information and for the preservation of the retained
information. That's why we must both have a policy about how that information
is obtained and preserved, and we must live up to that policy, whatever it
Of course, the easiest policy is to retain no information. But even that has
its consequences. For example, is deliberate ignorance consistent with
industry best-practices? How does this interact with the Sarbanes-Oxley
requirements of our sponsors? And why would a startup company stock its break
room with headcheese anyhow?
Ietf mailing list
Ietf mailing list