On 11/28/2011 12:31 PM, John Levine wrote:
I would be interested in a brief explanation of why we need one now,
since we have gotten along without one for multiple decades.
Having worked with a lot of lawyers, my experience is that few lawyers
understand cost-benefit tradeoffs, and often recommend spending
unreasonably large amounts of money to defend against very remote
risks. Similarly, insurance agents will usually tell you to insure
against anything. (This is why NDAs are 12 pages long, and the
standard deductible on policies is usually an order of magnitude too
small.)
(speaking on own and without any IAOC/Trust background on this topic, and most
certainly with little knowledge of legal issues in this realm. But 'little' is
not 'none'.)
The IETF is a very different place now, than it has been for the multiple
decades preceding. Many participants have no sense of the original culture.
They come in with whatever other cultures they've been exposed to, or with no
background at all. Also, most participants in the IETF have no natural or
trained sense of trust-violating boundaries.
I also have some concern about increased company "orchestration" of some IETF
work, which would seem to invite anti-trust concerns. That's a vague statement
and is meant to be. But vague doesn't mean without foundation.
IMO, that makes it reasonable to have at least a basic statement on the topic.
I think it needs to be cast in IETF cultural terms and delivered in an IETF
style. So, for example, having every participant sign a statement of awareness
of the policy or having a multi-page policy would not make sense for the IETF.
But something probably would.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf