ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: IESG Success Stories

2007-01-08 09:18:03
from [Hallam-Baker, Phillip] [Permanent Link] 


From: Brian E Carpenter [mailto:brc(_at_)zurich(_dot_)ibm(_dot_)com] 



On 2007-01-05 20:55, John C Klensin wrote:
...

I have two questions...

(1) Do you have evidence of actual situations in which an 

AD behaved 

in this way, kept concerns to him or herself, and then raised them 
only, and for the first time, via a DISCUSS after Last Call?


How about a case where an AD had decided, before being an AD, 
not to fight against something s/he thought was misguided, 
and then found it on the IESG agenda two or three years later?


If you want ADs to take on that type of role they have to have a mandate. The 
NOMCOM process is intentionally designed to eliminate accountability and in the 
process eliminates any mandate.

ADs have the same rights to bring up issues in IETF last call. They should not 
use their ability to raise objections in private in preference to raising them 
in public.


Clearly there is always the potential for someone to re-read a draft and 
suddenly realize that there is an issue that they had not seen before.

The problem I am having is with the term 'misguided'. This can mean two things:

1) The objector believes that the WG has overlooked an issue or treated it 
inadequately.

2) The WG looked into an issue in depth and decided to take an opposite 
approach.


This is quite an important issue in the security area. The success rate is not 
good. We have a serious problem with Internet crime. The way that we have been 
doing security in the past has clearly not worked.

We cannot necessarily wait until everyone in the security area accepts that 
risk and accountability based schemes are more useful than end-to-end security.

Looking at the proposals made for BGPSEC it is very clear to me that our 
approach is still a minority one within the IETF even though it is arguably now 
the consensus amongst security protocol designers.

DKIM is not designed to do the same set of things that S/MIME and PGP are 
designed to do. DKIM is not designed to provide non-repudiation, contractual 
binding or end-to-end security.


I think we need to remember here that the IETF began as an institution to 
facilitate research. There will always be Kuhn type processes underway in some 
part of the field. And the IAB and IESG will always be filled with people who 
represent the old view rather than the new.

There is a big difference between an individual contributor peddling an 
anti-gravity machine and a Working Group with ten active members that has both 
a design and a working model.


The risk in allowing type 2 objections to fester is that either the 
organization splits a second time or we have another case of an aggrieved party 
making a demonstration.

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IESG Success Stories, John C Klensin
Next by Date:  RE: IESG Success Stories, Hallam-Baker, Phillip
Previous by Thread:  Re: Intermediate wg summaries, Spencer Dawkins
Next by Thread:  RE: IESG Success Stories, Hallam-Baker, Phillip
Indexes:  [Date] [Thread] [Top] [All Lists]