ietf
[Top] [All Lists]

gen-art: (Extra) Review of draft-ietf-iasa-bcp-04.txt

2005-01-20 09:34:02
Hi.

Scott Brim is doing the main (gen-art) review of this document but I started so here is my twopennorth...

I have come to this with relatively fresh eyes since I have stayed out of the governance discussions since my work on the problem WG a while back and have only just started following this work again in the last couple of weeks. So pardon me if I am reopening old discussions inappropriately (somebody will doubtless tell me!)

Some thoughts:
S1, para 3: s/Such support includes/The support for current work includes/

S1, Para 3:
The IASA is also ultimately responsible for the financial
   activities associated with IETF administrative support such as
   collecting IETF meeting fees, paying invoices, managing budgets and
   financial accounts, and so forth.

Given that IETF/IASA is operating as some sort of subsidiary of ISOC, I'm not sure that IASA can be ultimately responsible for anything. s/ultimately/day-to-day/ or some such?

S1, para 4: 'and met well' ? Nice thought but what does it *actually* mean?

S2.2: I know that US data protection laws and practices are not as well developed as European ones, but I think there ought to be some duty to protect the data and generate a suitable privacy policy, as well as keep it available. (Item 7).

S2.2: Should the IASA be responsible for ensuring that the IETF (especially if it is run as a subsidiary) fulfils its legal and regulatory responsibilities? It certainly needs to maintain any records that might be needed for such purposes beyond just financial matters. I am not expert in US company law but I am sure there must be *some* things they would need to do.

S3, para 3 (also S3.2): Is it a matter of being mealy mouthed, or does the IAOC sub-committee (effectively) not have firing as well as hiring powers over the IAD?

S3.1, para 3: This para states that signing powers will be delegated to the IAD up to some specified limit. Who has signing powers beyond this? This is just part of a much wider point about the actual powers of the IETF/IAOC and the relationship with ISOC which I will discuss at the end of these notes.

S3.1: I think this whole section should be much clearer about exactly what powers are delegated to the IAD to make commitments, as opposed to just negotiating: ISOC executes the contracts but the IAD will want to know that ISOC is a rubber stamp/back stop for this process and is not going to start second guessing him if he operates within the parameters set for him. This is related to the long discussion on Issue 739. There is also the potential for dispute between IAOC and IAD/ISOC which is not really addressed.

s3.4: It would be nice to see a requirement that minutes were published in a set period or at least in a timely fashion after meetings, rather than just regularly.

s4:
   While there are no hard rules regarding how the IAB and the IESG
   should select members of the IAOC, such appointees need not be
   current IAB or IESG members (and probably should not be, if only to
   avoid overloading the existing leadership).  The IAB and IESG should
   choose people with some knowledge of contracts and financial
   procedures, who are familiar with the administrative support needs of
   the IAB, the IESG, or the IETF standards process.  The IAB and IESG
   should follow a fairly open process for these selections, perhaps
   with an open call for nominations or a period of public comment on
   the candidates.  The procedure for IAB selection of ISOC Board of
   Trustees [RFC3677] might be a good model for how this could work.
   After the IETF gains some experience with IAOC selection, these
   selection mechanisms should be documented more formally.

Given the comments in S3, para 1, should the appointees by 'regular members' of the IETF (i.e., people with a good track record of attending IETF meetings) as with NomCom members are their appointees?


So much for the nits:
There has been a considerable amount of discussion both earlier on Scenario C and after Pete Resnick's Issue 739 about the 'new' IETF's dependence on the ongoing good will of the ISOC BoT. I understand that this document is intended, in some sense, to represent the best deal we can achieve in retaining a degree of independence from ISOC whilst relying on the financial clout and legal status of ISOC. I think some of the items I highlighted above provide areas where this rather fragile independence could be further eroded if they remain as they are currently. The exact degree of delegation of powers to the IAD, whether the IAOC has really any say in firing an IAD and where signature powers lie in matters beyond the limit delegated to the IAD are all critical to this and need to be addressed explicitly IMO. The issue of whether there is anything further that could be done to provide a dispute resolution process if the IAOC or the IETF as a whole cannot agree with ISOC's approach and yet people do not want to start divorce proceeding remains FFS.

Can I finally remind people that although the legalistic stuff is being carried out under US law (or so I take it), the IETF aspires to be an International body, and sensitivities vary, especially on things like data protection!

Regards,
Elwyn


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf


<Prev in Thread] Current Thread [Next in Thread>