I usually would not take the time to respond to obviously flawed and
erroneous statements.
Well, I do appreciate you finally responding, most of us thought you would
not
and let it die which might actually have been better for you and for the list.
Note though, that I never post "obviously flowed and erroneous" statements.
And I also clearly said in the subject and in several other places that
this was my opinion and nothing more.
However, for the sake of persons on this list that do
not know the details, I will spend just a few minutes stating the truth
here. As stated by Vernon Schryver: "I must observe that some of the
strongest condemnations in the list of whatever happened at the meeting came
from people who have made the some of the less well founded contributions to
the mailing list. From here I can't tell what happened, but I wonder if
sour grape sentiments from some people about their favorite solutions not
being adopted by acclamation colored other people's perceptions and so
reports of the meeting." Based on this and other responses, I fear that
without some clarity, others will continue to be confused by the few
radical, negative opinions that have been voiced. There were over 200
attendees and based on the positive feedback that I have heard, I do not
believe that the couple of negative opinions is an accurate reflection of
the thoughts of the attendees.
And based on my personal observations and talking to dozen attendies in
person and more by email and even more that expressed their opinion on
this list, everybody thought the meeting did not go that well. The opinion
have been in range fom "very bad" to "some problems", none have said it was
"good". So if you put it on scale bad - neutral - good, what I have seen
in regards to how meeting happened ranged from bad to neutral but never
above that. I believe that the persons who have seen the meeting as good
would not be the persons associated with IETF.
William, I am sorry that you are so upset that you were not able to present
at the meeting; however, that should not drive you to making clearly false
accusations about the meeting.
While I might have been upset about not being able to make presentation,
after seeing what happened I'm now actually quite happy about that fact,
since people who I wanted to present it to all left by the time we got to
technical presentations. I believe my sentiment is shared even by those
who did make a presentation, most would prefer to do be able to do it
again and in another format of the meeting!
But my opinion about the meeting is irregardless of my presentation and
would have been exactly the same (or even worse) if I did make it. It is
based on actual presentations that were made and how meeting turned out,
not on those that were not made!
I'm sorry if you see me as making any accusations especially considering
that you say that I'm making "clearly false" accusations, which in my view
is "clearly" not the case. (note: clearly and false is left to be defined
by the person reading the message for both your email and mine). Everything I
said is exactly my view on what happened and I'm not about to take
anything back.
I sent a call for agenda items to the list on March 10th. There were a few
volunteers. I spoke with each of them and by March 12th each was able to
explain to me what they wished to present. For some reason, you were not
able to provide a clear explanation of what you wished to present until 3
days before the meeting on Monday March 17th;
The above answer statement in my view is "clearly false" (see defintion on
these words above) and also not inline with the facts I've available.
As for the facts, I sent you answer that I wish to send a presentation on
March 11th. If something I said was not clear enough for you, you
obviously had an option to respond to my email or ask for phone# to talk
to me, you decided to opt out and not send any answer at all.
The only reply (two lines, to provide more details about presentation) from
you I received was on March 17th. It read "William, I'm working on putting
the agenda together. Can you be more specific about what you would want
to cover". The date is listed in my inbox as "Mon, 17 Mar 2003 03:57:41 -0500"
There were no other attempts to contact me before 17th and clearly agenda
was not even prepared before then.
"I'v[e] not 100% decided if I'll be able to attend". At this point, the
agenda was being finalized. Then suddenly two days before the meeting you
request a slot on the agenda.
And the same email also said "I'll decide by tomorrow if I go or not". I
was going to think about it and send you additional email but wanted to
answer your question on what I'd be presenting since I considered that to
be most important and not to be delayed. And indeed by the next day I sent
an additional email that said "I'm attending IETF after all, so I'll be at
asrg session."
Afterwards you claim that you have not received my email (you would
have seen it on Tuesday March 18th), but on the same day there were
messages in asrg to which I've responded which clearly show that I've
made a decision and was attending and as I was indicating in previous
email that my answer on if I'm attending or not would be send to you
be well known by Tuesday, this also should have been a good indication
that you might have missed my email if that is indeed what happened as
you claim.
In fact you main basis on why my presentation is not included when I
finally talked to you in person on Wednesday (and I was waiting to talk to
you on Tuesday night, but you did not show up) was that you did not
receive that email. I do understand that some people are really busy with
email and have lots of them (I for one have > 150,000 emails in my inbox)
but the above description puts that fact in doubt. But I might have been
content with your answer if all presentations made good and on topic, but
I was very concerned when I saw the agenda (finally posted to the list on
Wednesday, but that time I already had slides for presentations prepared
and sent them to you!) being dominated by commercial-oriented companies,
and I'v made my opinion known to you privately when I finally had a chance
to talk to you. After the fact and seeing the meeting in realtime
I'm sure my concerns were exactly right which made me somehat worried
about what system was used to determine what is to be presented - that is
what I've indicated in my email to the list.
And Paul, do note that all facts regarding my presentation being accepted
or not and how are all in my favor and generally not point to me doing
anything wrong. I suggest you withdraw from the discussion and just admit
that as group chair you made a decision on what presentations would be
included based on your view on what presentions should be included
in the meeting. As a group chair you have full right to make these
decisions and I'm not disputing this.
Please see my comments inline.
-----Original Message-----
From: william(_at_)elan(_dot_)net [mailto:william(_at_)elan(_dot_)net]
Sent: Thursday, March 20, 2003 5:13 PM
To: asrg(_at_)ietf(_dot_)org
Subject: [Asrg] My Opinion regarding ietf asrg session (it
went badly!)
Also it can be noted that AT&T presented technology
on which
they have some patents and IETF has very clear guidelines
that this is
dscoraged to say the least and group chairs should when two solutions
exist (one patented, one not) always choose non-patented
solution, same
applies for presentations, this should have been screened and
patent-related presentation made available if nothing else
similar exist.
As stated in Vern Paxson's email: "the IRTF does not have an expressed IPR
policy, though it appears one needs to be developed. I picture such a
policy requiring that, for any technology discussed within RGs that has
related IPR, that the presence of the possible IPR be disclosed; but not
beyond that. The AT&T presentation would be in compliance with such a
policy."
Clearly my problem was that since I've never worked at IRTF group before,
some policies here were not known to me and due to irtf website being
undeveloped right now it would have been hard for me to find this and I'v
assumed that most that is true for IETF is true for IETF (except that
IETF works on standards and clear pre-defined goal on what protocol or
similar would be and IRTF "researches the issue" to decided futher steps but
can not actually provide any stadards).
As to the issues with IPR, I'v already posted separate email today what I
think we should do in this regard. And questions about IPR were raised
before on the list also before and never got any official response from you
or anybody else.
Also have to be noted that most presentations on the live
meeting were by
persons who did not try to participate at the mailing list
and are completely unknown to us
Unknown to whom? There a number of people that you may not know that have a
unique understanding of spam. Who is it that you don't know? John Morris?
Jon Praed? Philip Hallam-Baker? Balachander Krishnamurthy?
Its kind of funny when you say that since when talking to you day before
the presentation I made it clear I actually know most of the mentioned people
(I may not remember everyone personally, but I know the organizations) and
can imagine what they would present based on presentations done for other
events and I was not seriously wrong.
As to exactly what I said is that these people are uknown to people on
ASRG mail list as they did not participate here. Obviously as the
persons listed are experts in spam (which I do not doubt) it would be of
most interest for us to have them participate here, but it was not the
case and as such it was clearly their choice on how much involvement with
this group they want. At least it would have been appropriate for them to
introduce themselve to the list before the meeting and the agenda was
posted.
and this is also against
general policies for IETF and IRTF
as first what are supposed to be presented are work done as
part of mailing list efforts (i.e. general work area) usually
by people who are most active on the list and only afterwards
at the very end are there allowed presentations by other
organizations with similar interest or work area (and those
presentations should be carefully chose to minimize
commercial views).
As you know, I sent a call for agenda items. Everyone that responded and had
something to talk about was accepted.
I'v no way to confirm that except by your words, but have some facts
indicating this is not so.
Commercial views were very minimized if not non-existent.
I'v different view of this as from what I saw every organization was
presenting what is important to them. The word "commercial" may not be the
most approriate here as for example legal presentation is not commercial
but basicly nothing presentated was research-group approved, you did
presentation of general anti-spam conference that tries to describe how
hard situation is and what are the view of various organizations (such as
legit mass mailers, legal, goverment, etc). And nothing of this was really
"research" just their view on the matter at hand.
But all tech presentations were for "commercialized" solutions, i.e.
certificates, stamps, etc. often involving patents and so on. I'v personally
(again repeat personally) do not like solutions that are like that.
There were a number of commercial entities in the room
that talked about the problem and not about a product. Again, these may be
people that you don't personally know, but they are very familiar with the
problem. For example, Scott Banister from IronPort, Dick Hardt from
ActiveState, Ken Schneider from BrightMail, Karl Jacob from CloudMark, and
me and others from CipherTrust.
Most companies mentioned (including yours) make anti-spam solutions based
on filtering on the client end and I recorgine your contributions in this
area, however the reasons for ASRG is to find end-end solution that would
as most agree involve some kind of change in communication system that
involves both source and destination and change so that spam is not sent.
These solutions might possibly in the future remove need for destination
filtering or replace it with something else (though I suspect this will
have to be used anyway no matter how well we're able to protect improper
communication from happening) and may cause actions solutions that
diminish need for such solutions that you currently make. But I seriously
do not think this is a problem, as most people involved in anti-spam
companies are real really really against spam and the reasons why they got
involved in the first place, so it may very well be true that all of you
are quite capable of going against your own business if it means eliminating
spam! But again as I said, most of these commercial solutions are for
anti-spam filtering on client end, and while this is important, it is not
main issue of what we're talking on the list and as solutions are often
quite similar only one of these "filtering" presentations should be made
(this is for the future...) and best by somebody who're somewhat outside
and can give overview of not just what one company does but several.
However that people in the above companies have such personal views of
spam unfortunetly might have caused an counter-effect and seriously
prolong the meeting by having everyone engaged in the discussion instead
of trying to stay on agenda which did not provide any time for discussions.
That you knew these people personally only made things worse as you were
not ready to say no to them and stop the discussions.
This is probably something to remember for the future - either provide
time (5min) for discussion after each presentation of do not allow for any
discusssions and be strong on this point. I'd opt for 5 min personally,
just add to agenda next time its done.
There was absolutely no mention of these
products or any proprietary technology from any of these companies. These
are people that are at the meeting to participate in a research group
focused on the problem of spam. BTW, you might want to think about the
amount of spam that is stopped daily by these companies.
And I might think about that amount of spamming getting through is rising
as technologies used by spammers become more complex and filtering on
content no longer works all that well. We must focus on technologies that
eliminate spam from the source if possible.
Not to promote any
of these particular technologies, but my point is that we are quite familiar
with the problem and the state-of-the-art and we gather here to move forward
with better answers to the problem.
In short, like I said in previous email - the presentations were all
opinions of particular organizations and all commercial (even
spamcon is
really what I call "commercial" non-profit foundation, as
apposed to say
CAUSE) and were not individual submission as is supposed to
be done at
IETF and IRTF. As a result engineers who were attending IETF probably
got negative view of our group and our efforts.
These were presentations by individuals. The fact that many of the people
that have much to say about spam are affiliated with spam-focused
organizations is not a surprise.
Most spam-focused companies are really the work of several very dedicated
individuals for each organization, I fully recorgnize that. However if
you're familiar with IETF you'll undetand what I mean when I say there is
a difference between individual presenting something and organizations
presenting something and all presentations were clearly organization views
be those organizations mass-mailers, legal, etc.
The only
thing I can think
of why chair did something like that would have been to get
media exposure, I'm sure media not be research or engineering
centric would not see
serious downsides that I have noticed. Now I'n not against additional
media exposure, but I do not believe we're at the point where this is
really needed, what we need are people serious about working
on technical
solutions and media will provide information about our group
to general
user audience that would only bring more noise.
I tapped resources to provide background discussion and different views of
the problem as input to our research group work. This included a view from
the frontline, a view from mass mailers, a view related to endusers and a
view of the relationship between spam legislation and spam technology. Each
of these individuals was highly qualified and very informative. There were
remarks about the scientific merit of some of the stats in the first talk.
However, beyond that the audience was captivated by the information that was
being dispersed.
In part because you'v spent serious time promoting this group in the media
which caused number of people in the audience for whom this was "facinating"
as well as even more people from the media. Anybody who has seen the
list of all the media articles about ASRG which you saw kindly collected at
http://www.ciphertrust.com/press/news/index.htm would understand what I mean.
As I explained, this was the inaugural meeting of the
research group that was started just three weeks ago.
As I mentione below, I think there should not have been life meeting so
soon after group start.
I felt that we needed
to consume some background information before we dive into the technical
details of our work. This session of the meeting including all four of these
talks was scheduled for 45 minutes; that is less than 1/3 of the scheduled
meeting time. Yes, it went over this time due to lengthy Q&A, speakers
overrunning their slots, and the chair not being extremely stringent on time
requirements. If you want to point out any of those last three things, those
are valid points. However, scheduling 1/3 of an inaugural meeting to focus
on background and relevant views of the area is acceptable and necessary.
Indeed I mentioned all of the above. And 1/3 of the time would be ok, but
we saw what happened... I think for next time considering asking IETF to
schedule this in two sessions (purely "informational" and purely technical
- solutions) and not only that but consider making these sessions on
separate days and last session in a day so that we could stay longer.
I received many more positive comments after the meeting than I did negative
comments from the few people on this list with other ideas about how the
meeting should have been run.
I'd be surprised if these comments came from people on the mailing list or
otherwise engaged in IETF work.
There were opportunties to bash the agenda
when it was sent to the list as well as the official agenda bashing portion
of the meeting.
This I disagree with you entirely. Agenda was presented 1 day before the
meeting. On IETF groups I'm in agenda was presented week or two before the
actual meeting. There was absolutly no opportunity to "bash" the agenda on
the meeting or on the list.
No such comments were made at either point.
There were made privately to you by several people who were on the list
when they saw the agenda.
So, I appreciate
the fact that some of you have 20/20 hindsight, but I would be more
impressed with useful contributions.
In the future meetings done in connection with IETF (are we
meeting in
Vienna?) if we're going to have so many non-technical discussions, I
would strongly recommend separting into two sessions, one for this
general/media-centric and one for actual engineers to work on
technical
issues that we may have.
I do hope chair takes my comments seriously!
He really did a bad job today chosing what is to be presented
(i'm sure he
had multiple options),
As stated above, there were not as many options as you assumed. Everyone
that had a technical solution to discuss (that made this known more than 2
days before the meeting) was allowed to present.
You know as well as I do that is not true, in fact in your own email you
already admitted as much. And on the list we'v seen many other proposed
solutions too, I'v hard time believing nobody was read to prepare a
presentation for the meeting.
keeping discussions short (so that
there was time
for additional presentations)
or in general being prepared
for this life
meeting (remember agenda is supposed to be reviewed by mail
list and be
announced well before the actual meeting, that is just one example).
RFC 2014 states that a draft agenda must be published to the list well in
advance of the meeting.
So do it this way next time, please!
Your comment about not being prepared is amusing.
This group was chartered the last week in February. Within three weeks, the
group was announced, mailing list started, work items identified, iterated
through drafts of certain work items, meeting during IETF was requested,
granted, and scheduled, agenda planned and confirmed, and meeting held.
I completely agree with you that there was not enough time. My option in
this case would have been to delay first meeting to the next IETF
conference when we were more ready.
Personally, I am content with the progress thus far. Understand that the
research group is three weeks old. Obviously, we will not solve the problem
in the first three weeks. But, we have made some progress and will continue
to make good strides. Just as I tried to explain to you this week, RFC 2014
also states that "A Research Group will conduct much of its business via its
electronic mail distribution list(s)." The way that we will continue to make
progress is from individual contributions. If you are sincerely interested
in helping to solve this problem, then please contribute work and ideas
rather than simply negative opinions. You sent a note to the group about
email address verification on March 12th stating that more detail will be
provided in the next couple of days. More detail was never sent.
Actually if you'v really read my email you'd see that I said that more
details on callback would be sent later (not on verification!), my notes
on verification were almost fully published (see below) I apologize for
not sending notes on callback before and will do so by the end of this week.
As for more details on verification, it was in the presentation which I
made available. The particular details not mentioned before are
to use message tracking protocol for these purposes. I'm now working on
the draft (actually more then one) when draft is ready I'll post it. But
actual details are already made available and if you have questions how
it would work as far as general overview, please feel free to read
presentation and previous notes and ask me questions.
I look forward to seeing some actual contributions from you.
You will. And so I hope as well to see contributions and solutions from
you as well, which beyond the taximony you'v not done and have not actively
participated in the list that much.
---------------------------------------------------------------------------
Trying to continue this debate on the personal scale like this between us
is useless - I'm certain we'll not be able to effect each other's opinion
about what happened with the first meeting and if it was good or bad and
for others if they have been on the meeting they also have their own
opinion and those who were not can not properly accertain it just from our
words along. I do, however, hope you took critisicim properly, but we'll
only know it on the next meeting.
And I personally will not remember personal problems for long (I can
"heat up" very quickly but just as much it does not stay within me
long) and I do not let it to effect my judgement. Plus, I'v a lot more
interest in seeing a solution to spam problem then having some personal
battle with you or anybody else. So, I'd like us to cool our heads, take
step back, relax and be prepared to work for the future.
And the most constructive step to this I'v seen today with introduction of
"ASRG work items", lets hope others follow it and the list actually
becomes productive and not as much "rant" as this email.
And do note that I'll not reply to any other email on this thread, I'v said
more then enough, especially considering that this was after all my opinion.
----
William Leibzon
Elan Communications Inc.
william(_at_)elan(_dot_)net