Hi Avri,
You make valid points. However, I assume that a company system
administrator has nothing to do with the IETF. In this case, as far as I
know, the tools team is not bound by all the rules of NomCom. For
instance, the tools team members are potential candidates for
nomination, aren't they? May be there are expected to abide by the
confidentiality rules, but the restriction of not being eligible for
nominations certainly does not apply as far as I know. So, being active
participants in the IETF community and being eligible candidates for
nominations provides a significantly different landscape from a network
administrator who does not have a clue about the IETF.
Regards,
Vidya
-----Original Message-----
From: Avri Doria [mailto:avri(_at_)acm(_dot_)org]
Sent: Wednesday, November 08, 2006 12:41 PM
To: IETF-Discussion
Subject: Re: nomcom and confidentiality
Hi,
To add a tidbit. There has long been a notion of an umbrella
of confidentiality in Nomcom. Which means that anyone who
has, or is given access, to any of the confidential
information has to agree to keep the information
confidential. While I have paid very little attention t
nomcom over the last few years, I assume this idea is still relevant.
I agree with Harald that there is this common assumption of
trust given to system administrators. And in fact when as a
Nomcom chair, i kept info on my system, there was always the
possibility that a company system administrator could see the
info and do something with it. I assume the same is true of
every nomcom members who receives the email on a work owned
computer. I would assume that in addition it being implicit
that the tools team folks be trusted to treat things
confidentially, that it be explicit that members of the tool
team and other administrators of the systems agree to keep
nomcom information confidential. I am not looking for an
NDA, but perhaps an explicit statement might be useful in
assuring people.
a.
On 7 nov 2006, at 05.37, Harald Alvestrand wrote:
I think some of Laksminath's concern is valid.
But I think the solution to the problem is simple:
Make it publicly known who is on the technical staff that
supports the
Nomcom, and make it clear that these people:
1) May learn Nomcom information as a side effect of their technical
work to support Nomcom
2) Have promised not to reveal that information to others, and have
promised not to take any other action based on that
information (apart
from fixing technical problems)
This is analogous to the role of an email postmaster: He *can* read
any mail on the system, if he really wants to, but we trust
him to not
*do* it - or, if he has to during debugging, we trust him
to "forget"
what he's read.
I trust that Henrik thought this was "so obvious it didn't need
mentioning".
Harald
--On 7. november 2006 00:39 -0800 Lakshminath Dondeti
<ldondeti(_at_)qualcomm(_dot_)com> wrote:
Fred,
When I saw a non-nomcom member having access to what I thought was
nomcom-confidential, I was very concerned and now doubt the entire
process. I was told that it is secure, but it has not
been verified
as far as I can tell. At this point, no offense to the
tools team, I
remain unconvinced.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf