Hi,
Thanks for the response.
I don't know whether I am in a severe minority on this particular
position, and hope that my arguments do not come across as a DOS
attack. At a certain point I will accept that rough consensus has
passed this concern by.
To start, I must admit I have trouble equating an individual or
community's disagreement with a decision to a DOS attack, though I do
know how disconcerting and distracting an insistent complaint can be.
I just don't see equating people's concerns with maliciously motivated
attacks, no matter how persistent or obnoxious.
I also have no problem believing that the better option in any such
disagreement would be to respond early and with due diligence with a
public response (accountable and transparent) as opposed to just
deleting it because it appears frivolous. I think we need to be very
careful in defining an objection as frivolous before having given it
due diligence. But once having reviewed an issue and publishing a
response, then there would be no reason to re-review, thus avoiding an
effect similar to that from a DOS attack. I think this differs from
the case of a discussion in a WG since that is an intentional and
ongoing exchange of ideas, and traction is often difficult to gauge on
a WG list where the majority remains silent.
I also think that history has shown us that appeals are relatively rare
and generally not frivolous. It is for this reason that I advocate
extending the current model of appeal, with the caveats about not
voiding contracts etc, to the IAD and IAOC. I think creating the
procedure to avoid so called 'DOS attacks' is, in effect, fighting a
problem we do not have.
a.
On 13 jan 2005, at 13.19, John C Klensin wrote:
--On Thursday, 13 January, 2005 12:06 -0500 avri(_at_)psg(_dot_)com wrote:
Hi,
Either I don't understand it or I don't agree. I allow that I
don't understand it.
Since the model is partially my fault, let me try to explain.
In the first paragraph it seem like anyone can ask for a
decision to be reviewed.
And a sensible IAOC will initiate reviews after any
well-reasoned and sensible request, especially one that contains
information they didn't consider and should have. If they
regularly don't, they should be fired.
In subsequent paragraphs it appears that anyone is limited to
IAOC, IAB and IESG members because no one is required to
review the questions of anyone other then those in an I*. And
while someone can ask for help from the IAB/IESG when their
question is ignored, I don't understand why the level of
indirection. I think that anyone in the community should be
able to go to the IAOC with an issue.
I, Scott, and probably others are very concerned about denial of
service attacks on the IAOC. We have all seen instances (even
on the IETF and IPR list in the last few weeks) in which
determined people will post small variations on the same
complaints over and over again, never noticing that they aren't
getting any traction in the community. If the IAOC is required
to respond to every similar note with a formal review, it can
almost be guaranteed that they will get nothing else done.
One way to deal with the problem would be to say "no one gets to
talk to the IAOC other than the IAB or IESG". That impresses me
as fairly bad news for several reasons. So I tried to strike a
compromise that says:
(1) The IAB and IESG get to initiate requests for
review and insist that the IAOC respond.
(2) Any member of the community can initiate a request
for review. The IAOC gets to decide whether to respond
or to hit "delete". It isn't explicit in the document,
and I don't think it should be, but an IAOC that blows
off all such requests without any good reason should be
headed for retirement.
(3) If the community member doesn't get the expected
review, he or she gets to mount a mini-appeal to see if
the IESG or IAB can be convinced to endorse the question
and demand a review. If the IESG or IAB blows off those
requests unreasonably, _they_ ought to be headed for
retirement, using normal mechanisms.
The text seems consistent with that. If you can suggest better
text, I'm sure the editors would be interested.
I also think it is a work overload issue. In a sense the IAOC
is being created to offload the administrative issues from the
IAB/IESG. So why buffer them from the public's problems?
I would suggest that if "the public" has a legitimate problem
that the IAOC refuses to address after input and a request from
"the public", then the IETF has a problem and the IAB and IESG
should be aware of it.
I think the IAOC should be required to respond to a request
for review from the IETf community without requiring IAB or
IESG intervention.
As I said, the concern is about denial of service attacks. One
could, of course, eliminate or reduce that problem by setting up
some procedure requiring that the IAOC respond to a community
request endorsed by at least some minimum number of people (>>
1). But that seemed more complicated than it was worth: I'd
rather say to the IAOC "if you blow off substantive and
constructive requests for review from community members, we will
blow you off" and just stop there.
john
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf