In message <20050809204911(_dot_)GA10575(_at_)thunk(_dot_)org>, "Theodore Ts'o"
writes:
On Tue, Aug 09, 2005 at 03:41:42PM -0500, Spencer Dawkins wrote:
Hi, Ted,
(offlist) - the current NOMCOM chair posted to the IETF list that for
two AD positions this cycle, there were only two candidates, and for a
third position, there were only three.
Are you saying that we may not be able to get even that many candidates
who are willing to serve, if we ask ADs to provide project management?
If we forbid AD's from making any technical contributions, but to only
serve as process managers and as project managers and nothing more
than that? Yeah, I would be concerned about whether we would be able
to find people willing to volunteer to do nothing but that.
I can guarantee that if my primary responsibility when I was Security
AD was process and project management, there's no way I'd ever have
taken the position. Rather, I was willing to serve because it was a
way in which I could have more leverage as a security specialist.
I should add that an AD has to walk a very fine line in making
technical contributions; such contributions are often taken as having
far greater weight than they should, because of the obvious possibility
of a DISCUSS later on. Every AD knows this, of course -- how often
have you seen a comment prefaced by "AD hat off" or equivalent?
Let me give a concrete example. At one point in the development of
AAA, there was a lot of discussion about the need for proxies. Now,
from a security perspective I think proxies are a bad idea, for reasons
I outlined in my plenary talk. But I had to be very circumspect in how
I said this in the WG -- the issue was by no means clear-cut enough
that I felt entitled to force the issue with the threat, implicit or
explicit, of a DISCUSS.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf