Hi.
Scott Brim is doing the main (gen-art) review of this document but I
started so here is my twopennorth...
I have come to this with relatively fresh eyes since I have stayed out of
the governance discussions since my work on the problem WG a while back and
have only just started following this work again in the last couple of
weeks. So pardon me if I am reopening old discussions inappropriately
(somebody will doubtless tell me!)
Some thoughts:
S1, para 3: s/Such support includes/The support for current work includes/
S1, Para 3:
The IASA is also ultimately responsible for the financial
activities associated with IETF administrative support such as
collecting IETF meeting fees, paying invoices, managing budgets and
financial accounts, and so forth.
Given that IETF/IASA is operating as some sort of subsidiary of ISOC, I'm
not sure that IASA can be ultimately responsible for
anything. s/ultimately/day-to-day/ or some such?
S1, para 4: 'and met well' ? Nice thought but what does it *actually* mean?
S2.2: I know that US data protection laws and practices are not as well
developed as European ones, but I think there ought to be some duty to
protect the data and generate a suitable privacy policy, as well as keep it
available. (Item 7).
S2.2: Should the IASA be responsible for ensuring that the IETF (especially
if it is run as a subsidiary) fulfils its legal and regulatory
responsibilities? It certainly needs to maintain any records that might be
needed for such purposes beyond just financial matters. I am not expert in
US company law but I am sure there must be *some* things they would need to do.
S3, para 3 (also S3.2): Is it a matter of being mealy mouthed, or does the
IAOC sub-committee (effectively) not have firing as well as hiring powers
over the IAD?
S3.1, para 3: This para states that signing powers will be delegated to the
IAD up to some specified limit. Who has signing powers beyond this? This
is just part of a much wider point about the actual powers of the IETF/IAOC
and the relationship with ISOC which I will discuss at the end of these notes.
S3.1: I think this whole section should be much clearer about exactly what
powers are delegated to the IAD to make commitments, as opposed to just
negotiating: ISOC executes the contracts but the IAD will want to know
that ISOC is a rubber stamp/back stop for this process and is not going to
start second guessing him if he operates within the parameters set for
him. This is related to the long discussion on Issue 739. There is also
the potential for dispute between IAOC and IAD/ISOC which is not really
addressed.
s3.4: It would be nice to see a requirement that minutes were published in
a set period or at least in a timely fashion after meetings, rather than
just regularly.
s4:
While there are no hard rules regarding how the IAB and the IESG
should select members of the IAOC, such appointees need not be
current IAB or IESG members (and probably should not be, if only to
avoid overloading the existing leadership). The IAB and IESG should
choose people with some knowledge of contracts and financial
procedures, who are familiar with the administrative support needs of
the IAB, the IESG, or the IETF standards process. The IAB and IESG
should follow a fairly open process for these selections, perhaps
with an open call for nominations or a period of public comment on
the candidates. The procedure for IAB selection of ISOC Board of
Trustees [RFC3677] might be a good model for how this could work.
After the IETF gains some experience with IAOC selection, these
selection mechanisms should be documented more formally.
Given the comments in S3, para 1, should the appointees by 'regular
members' of the IETF (i.e., people with a good track record of attending
IETF meetings) as with NomCom members are their appointees?
So much for the nits:
There has been a considerable amount of discussion both earlier on Scenario
C and after Pete Resnick's Issue 739 about the 'new' IETF's dependence on
the ongoing good will of the ISOC BoT. I understand that this document is
intended, in some sense, to represent the best deal we can achieve in
retaining a degree of independence from ISOC whilst relying on the
financial clout and legal status of ISOC. I think some of the items I
highlighted above provide areas where this rather fragile independence
could be further eroded if they remain as they are currently. The exact
degree of delegation of powers to the IAD, whether the IAOC has really any
say in firing an IAD and where signature powers lie in matters beyond the
limit delegated to the IAD are all critical to this and need to be
addressed explicitly IMO. The issue of whether there is anything further
that could be done to provide a dispute resolution process if the IAOC or
the IETF as a whole cannot agree with ISOC's approach and yet people do not
want to start divorce proceeding remains FFS.
Can I finally remind people that although the legalistic stuff is being
carried out under US law (or so I take it), the IETF aspires to be an
International body, and sensitivities vary, especially on things like data
protection!
Regards,
Elwyn
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf