ietf
[Top] [All Lists]

Re: Eliot's draft-farrell-perpass-attack thread

2013-12-11 11:17:10
On 12/9/2013 5:28 AM, Stephen Farrell wrote:

 The question essentially
is how to cater for network management. I think the
current text is fine, Eliot doesn't,


The IETF has been bitten by the privacy-protection bug, which is prompting extensive, serious activity on the topic. That's excellent, of course. However the community is responding with a sense of urgency about issuing policy statements that I believe is precipitous.

Policy statements need to represent more than a simple assertion of a desire or goal. They need to consider implications, carefully and relatively thoroughly. It's also best if the statements are written with some attention to likely misinterpretation. (For example, the current draft is careful to explain its distinctive use of the word 'attack'; while some readers will persist in misinterpreting the use, at least the document makes itself clear.)

Although the draft-farrell-perpass-attack might be subject to all sorts of wordsmithing improvements, its basic structure, scope, tone, and language seem pretty reasonable to me, given the goal of the document.

What is less clear are its implications for work in the IETF.

And that won't get resolved in a day or a week.

The community needs time to discuss its application within on-going IETF work, as well as discussing possible new work. Such discussions need time. Not necessarily a lot, but more than has had a chance to happen so far.

Eliot's concerns are a good example. I suspect there are quite a few more. (I'm not commenting on the details of Eliot's concerns; my point is that there needs to be time to discover and explore more concerns such as his, with careful effort to resolve them.)

I'd like this draft to get published, but I'd like the community to pursue publication more thoughtfully than has been possible within the very short lifespan of the document.

In order to avoid concerns about this being open-ended, I'll suggest a target of 4 months. In other words, enough to take us through another IETF meeting and a bit beyond.

Within that time, areas and working groups need to explicitly and diligently discuss the implications of this draft on their work and feed it back into revisions of the draft.

In other words, the community needs to take on a work item to offer comments on the likely application of this draft to technical efforts in the IETF, so that we can develop some understanding of how the document will be useful (and how it might be revised to avoid difficulties...)

At that point, the document will represent a degree of substantive, strategic technical thinking by the community, rather than a more wistful and frankly superficial expression of concern.

d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net

<Prev in Thread] Current Thread [Next in Thread>