Inline...
On Thu, Nov 7, 2013 at 9:41 AM, Pete Resnick
<presnick(_at_)qti(_dot_)qualcomm(_dot_)com>wrote:
On 11/7/13 1:36 AM, Richard Barnes wrote:
Like Randy, I sense a fair degree of process omphaloskepsis here.
What process do you think is being over-contemplated here? The bit about
the IAB judging consensus? Fine, ignore that bit. That's not the most
important bit.
The sense of the room was taken, and expressed agreement with a small set
of sentences. I don't see much utility in parsing the event beyond that
simple statement of what happened.
(Dismissing or belittling arguments by characterizing -- or caricaturing
-- them, be it calling them "naive" or "overwrought" or "omphaloskepsis",
is often effective, but inappropriate.)
I apologize for using dismissive language. But actually, my main concern
here is that we're getting distracted by minutiae from things that have
bigger-picture significance.
A wise person once told me that any consensus is judged at a point in
space and time, and this one sure was.
Consensus on *what* exactly in this case? Consensus that we should all be
happy? Consensus that we should all have a pony?
It is true that consensus (rough or otherwise) is a state, and that state
can always change. But consensus should be on a particular point and it
must be relatively stable; it shouldn't be claimed on some broad platitude
for which nobody knows the details, and it shouldn't change unless new
information is brought into the mix.
Consensus on the three questions that were asked (copying from Scott's
message):
1. Is the IETF willing to respond to pervasive surveillance as an attack?
2. IETF should include encryption even outside of authentication where
practical?
3. The IETF should strive for e2e encryption even when there are
middleboxes in the path?
There are ambiguities there. There are ambiguities in any sentence written
in human language. We should have the discussion to sort out the
ambiguities and turn these principles into actions. But the need for that
discussion doesn't undermine the utility of establishing that we have some
base level of agreement.
What you're saying is that it is impossible for the consensus of the
IETF to be estimated in plenary session and that it requires some specially
anointed person (not of the IAB) to judge that consensus.
No, I am absolutely not saying that. I disagree completely with all of the
above statement.
After a discussion of issues, it is perfectly reasonable for someone
(anyone) to *estimate* what the consensus of the IETF might be in plenary
and state that. Sometimes that might even be a good thing.
A hum (or a show of hands, or an applause meter) can give you lots of
information about the sentiment of the room and it might even give you an
estimate of what the consensus of the room is. All fine.
But taking a hum, at the end, without discussion afterward, is not a
reasonable way to *call* consensus. And that's exactly what some people
heard was going on. And it's hard to interpret what Russ said otherwise.
I don't think it's reasonable to call a hum at the end unreasonable :)
Just because we're not in the room doesn't mean we can't continue
discussing. A hum is just a point measurement, whether it comes at the
beginning or the end. In this case, it was a measurement at the beginning
of the discussion, which seems useful to me for establishing some points on
which there is substantial agreement and some points where we need to have
some discussion. In that sense, it has clearly worked, as Scott's thread
demonstrates.
Discussion of the content of the hums -- what do these principles we've
agreed on really mean? -- is a worthwhile activity. Trying to declare the
measurement invalid because of how it was done is not.
(As for the "anointed" person: *Calling* consensus -- that is, making an
IETF decision -- does take someone who the IETF has agreed is responsible
to do that. Estimating consensus or guessing consensus or otherwise
sticking one's finger into the wind and predicting consensus are all fine
-- unless you're doing so to try to shove people into a particular position
-- but making a final call *is* something that we leave for someone in
particular. You'll not that when Ted asked for the hum, he asked Jari to do
it. And again, none of this is the important point of my message.)
I never got the impression that this was what was being done.
Neither argument seems to me like it would really sway the outcome of
this decision...
Sorry: What decision exactly?
Poor choice of words. The outcome of the hum.
These consensus calls seem to have captured the high-level consensus of
the IETF, as gathered in plenary at this meeting. Yes, there was argument
about more specific details at the PERPASS meeting, but I don't think that
invalidates the more general agreement.
Don't get hung up on the details. This isn't about the details.
Have a hum and applause to make you feel good. Just don't confuse people
to think that it means the IETF has come to consensus.
Ask big fluffy political questions that state big fluffy political
principles. Just don't confuse people to think that it means the IETF has
come to consensus.
I know people hate the idea that the IETF can't make grand political
statements and that we're stuck doing technical work. Making grand
political statements is fun and gets good press. Tough. Leave grand
political statements to the IAB and ISOC. Let the IETF do its technical
work and stop engaging in theatrics. Far less flashy, but significantly
more useful.
The adjectives "fluffy", "political", and "theatrical" just don't apply to
the questions that were asked. They're "big", but they're about technical
priorities for design -- what scenarios do we want to address with security
the technologies we're developing?
These are useful and actually surprisingly concrete questions for setting
the overall direction of technical development in the IETF. They were
already cited in the STIR meeting only a few hours after they were called.
Let's appreciate the value of having agreement on a particular set of
words, even if those words might not have an engineer's preferred level of
precision and clarity.
--Richard
pr
On Wed, Nov 6, 2013 at 11:21 PM, Pete Resnick
<presnick(_at_)qti(_dot_)qualcomm(_dot_)com
wrote:
Some folks approached me after the plenary and asked me why I objected so
loudly to these "taking of hums". Tim's response pretty well explains it:
On 11/6/13 6:58 PM, Randy Bush wrote:
On 11/6/13 6:50 PM, Tim Bray wrote:
You’re entitled to your opinion, but I entirely disagree. I thought
each of those made an important point and highlighted some areas where
consensus is broadly held. I appreciated Russ’ composition of the issues
and think he deserves our thanks.
the feeling of those present was pretty clear.
Yes, the feeling of those present was pretty clear. And if Russ had only
asked for the feeling of those present, I probably wouldn't have been
torqued. I would have, like Dave described it, thought it a bit of
political theater, but otherwise said "Whatever".
But Russ didn't ask for a "feeling". Russ said that he was asking about
consensus, and Tim heard that the result of those hums *were* the IETF
coming to consensus. And that's just bogus. There was no consensus, and
some of this I think is really damaging to the IETF.
Look at a couple of these:
On 11/6/13 12:41 PM, Russ Housley wrote:
1. The IETF is willing to respond to the pervasive surveillance attack?
Overwhelming YES. Silence for NO.
This was "The IETF wants to save the lives of bunnies." Press release
nonsense. And surely so much mush as not to be consensus. Just let's
everybody applaud. OK, who cares, but not useful.
3. The IETF should include encryption, even outside authentication,
where practical.
Strong YES. Silence for NO.
So if you sat in perpass, you'll know that the result of this hum was
rubbish. There were a bunch of people up at the mic in perpass who objected
strenuously to this. There was no IETF consensus on this point. But if you
took the result of the bogus hum as consensus, you'd sure think so. And
that happened because Russ loaded the deck in the way he asked the question
to make sure that nobody would hum against it. He asked it at the end when
it was clear there would be no discussion of dissent, so that people who
might have objected felt comfortable that at least they'd have a chance to
explain themselves instead of looking like idiots humming against
motherhood and apple pie. Pure nonsense.
This wasn't about getting consensus. This was about everybody feeling
good about themselves and being able to applaud. And if anyone tries to
enforce any of these things as consensus of the IETF (e.g., "Sorry; we had
a hum and there was consensus that we're doing encryption without
authentication whether you'd like to or not, so you're in the rough"), that
should be appealed immediately.
This is vote stuffing in the extreme. It's ignoring (heck, it's actively
suppressing) minority voices. It makes a joke of coming to consensus at all.
And all that said, since when does the IAB judge the consensus of the
IETF? Not since 1992, as far as I remember.
I don't disagree with any of the statements per se. As Scott Brim pointed
out, the statements were incredibly general and left all sorts of stuff
undefined, so it's hard to know exactly what I'm signing up to by agreeing
with them. But again, it's motherhood and apple pie for most of them. (The
second might have been interesting if it weren't buried in the middle of
the rest.) And it made for fine press. But IETF consensus? Bullpucky.
pr
--
Pete Resnick<http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478
--
Pete Resnick <http://www.qualcomm.com/~presnick/>
<http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478