-----Original Message-----
From: Bill Strahm [mailto:bill(_at_)strahm(_dot_)net]
Sent: Saturday, September 16, 2006 3:00 PM
To: todd glassey
Cc: chair(_at_)ietf(_dot_)org; Contreras, Jorge; ietf(_at_)ietf(_dot_)org
Subject: Re: Flaw in the design of NoteWell makes Notewell Not Well.
I don't know about the rest of you - but my sponsor tells me
to participate and gives me the right to abide by the Note Well.
This is a simple thing for most sponsors to do - so this
whole analysis is based on a participant that is working
without their sponsors knowledge.
Now I am officially done feeding the trolls Bill todd glassey wrote:
By the way all and Jorge, you should take this as a formal
challenge
to refute - I don't think you can. I found what I think is
a massive
flaw (AKA a "Catch 22") in NoteWell as to how it applies to
corporate
participants ad unfortunately, I think it means that the IETF's
processes IP induction process need to be shut down until
NOTEWELL can
be formally fixed since it by my take its broken and
solicits fraud's
in a large number of the IP's it claims "it owns based" on
email submissions.
This email constitutes formal notice
--------------------------
If Jorge, the IETF's Advisory or General Counsel as a licensed
attorney wants to pop up and formally for the record say
this analysis
of the NoteWell Process ISN'T TRUE then the rest of this
post can be
ignored, BUT otherwise this memo constitutes a formal notice of my
concerns about the IETF's Participation Agreement. A very complex
contract spread across numerous documents which I characterize as
"unenforceable based on numerous frauds it forces
Participants who are
using their Company Email services and the ownership of the IP
submitted, which must be represented to it through its design";
So Jorge please formally advise your client as to whether
this is true
or not, and instruct them appropriately. I.e. If this post
is accurate
and these concerns are real then please instruct your client to
immediately cease any NoteWell type assignment's to the IETF until
this matter is resolved. By the way this also eliminates any
submissions to the Editor too for the same reasons through
Corporate
Email Gateway's,
Let me explain:
Corporate Entities and their AUP's
--------------------------
Corporate Entities who are public or constrained by civil
'standard of care'
laws like SOX or other legislation generally all have a
formal HR rule
that each and every employee signs an IT AUP agreement. Think back
folks - did you sign one of these? The reason is that usually these
AUP's contain an Email specific agreement that says "that
the Company
owns any and all emails emanating through their email system" & you
folks who are sponsored by some third party who is
constrained under
commercial law all probably signed one of these.
The AUP you signed
-----------------------------
If you did, I suggest that you READ IT CAREFULLY. If the
AUP says the
company/entity owns all the IP that flows through its email gateway
then YOU cannot legally speaking assign those rights to the
IETF since
YOU DONT OWN THEM. That means without specific agreements
between the
Your Sponsor, a Public Entity, and the IETF, as well as an
amended AUP
between you as an Employee and your Employer, you (the Employee)
should not be posting from the Work address/domain or system. That
also means that without some specific agreement between the
Employer
and the IETF there can be no transfer of IP rights into the IETF.
The IETF's faking this by creating boilerplate which claims
that you
also must represent to the IETF that you have these legal
capabilities
is also an inducement to commit fraud IMHO since it is very likely
that any and all management of the IETF signed one or more
of these IP
and AUP controlling agreements with their sponsors.
NoteWell's Failing
-------------------------
NoteWell as it stands today has a statement that any and all email
sent to the IETF becomes the property of the IETF. So then
the problem
is that the person sending IP to the IETF through the Corporate GW
doesn't own that IP to assign it to the IETF. Only the
Sponsoring Entity could do that.
Knowing that this is true and continuing to violate the
agreement may
be fraud by wire
-------------------------
This is where it gets messy; the current boiler plate says that to
participate you have to turn over IP you don't own... and per the
agreement you likely signed with your corporate sponsor, to
participate in the IETF through the employer's Email GW you have to
convey IP that you NO LONGER have formal rights to. Further, to
protect the IETF you MUST represent to the IETF that you have this
contractual authority; which as it turns out only very few if any
actually do and the misrepresentation of may be a federal crime.
NoteWell - Private Company's and their IETF participation
-------------------------
This makes the IETF's NoteWell provisions ineffective because no
matter what the "Sponsored Employee or Contractor" says
once they sign
that AUP they would then need another specific
agreement/exemption to
set aside the claims of the Sponsor to those IP's they were
to contribute to the IETF.
No one would issue such a Email Release
-------------------------
No one in their right mind would issue such a release against their
Email servers. It would make the internal IP much more
difficult to protect.
Likewise, no company sending staff to participate in the
IETF except
those that have formal Standards Practices would likely have any
assignment of rights provisions for their Standards
Practice Staff to
be excluded from other IP controls within that Employer's
Operations.
The IETF mandates that its participants all formally hold
an Enduring
Power of Attorney
-------------------------
The problem is that NO COMPANY with possible exclusion of
its formal
Standards Initiative Staff have actually given those staff members
real releases to represent their interests. I.e. without
specific and
particular Employee Management Policies there is likely no
conveyance
whether NoteWell says there is or not, further most
Corporate Sponsors
realize that their Internal IP becomes at risk with any
other policies
in place... so the provisions to allow one to use the Email GW for
conveying property to the IETF are very iffy at best.
Does this make a Fraud? - I say YES.
-------------------------
The IETF is aware of these constraints and it has built technical
practice models to sidestep the law herein. That is very probably
technically illegal under US Law then to operate the IETF in this
manner and is arguably a fraud by wire between the IETF and
the Participant with the Sponsor as the victim.
You can blow this off as a technical "oh well" but I don't
think this
is going to go away... So my claim is that NoteWell doesn't
work from
Corporate Email Gateways IMHO as it sits now.
Jorge if you want to argue differently please do, but I
don't think you can.
Todd Glassey
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf