ietf
[Top] [All Lists]

Re: Status

2014-01-01 16:34:20


--On Wednesday, January 01, 2014 12:18 -0900 Melinda Shore
<melinda(_dot_)shore(_at_)gmail(_dot_)com> wrote:

On 1/1/14 11:34 AM, Andrew Sullivan wrote:
On Wed, Jan 01, 2014 at 12:13:31PM -0800, Dave Crocker wrote:
ps.  My own suggestion is Experimental.   
Please, no.  That status has been abused enough.  What would
you be trying to learn by this experiement?  What would the
conditions be that you would conclude you knew the answer?
If you can't answer those questions, "Experimental" is just
wrong.

I'd actually be fine with experimental, to the extent that it
provided background for some experiments with trying to find
a workable framework for evaluating snoop-resistance in IETF
specifications.  I'm less good with publishing a BCP that's
neither "best" nor "current" nor "practice."

I have to agree with Andrew.  The most important parts of the
document are, to me, the statement that there is an issue, that
the IETF community recognizes that issue, and that there is a
general sentiment that considering it and doing something about
it is generally a good idea.

Where I start having problems is where it seems to specify
constraints on protocols or criteria that could be used to block
standardization of protocol specs that don't meet someone's
theory of what is possible or good enough.   As others have
said, we shouldn't be approving things (and claiming the
existence of consensus about them) that call for action but that
aren't actionable without new rounds of debate about what those
actions are or that seem to specify, a priori and for most or
all protocols, that some tradeoffs and constraints are more
important than others without careful examination of the others.

Identifying a document as experimental doesn't help with that in
any way unless, as Andrew suggested, we are prepared to specify
the experiments and the corresponding evaluation criteria.

I've deliberately avoided making concrete suggestions, but let
me give that up and suggest two alternatives:

(1) Many years ago, in a discussion of formal models of various
types of systems, Joe Weizenbaum [1] suggested the most of the
value in such models lay in the thinking, hypothesis testing,
and topic examination that went into their creation; "running"
the models was less often significantly useful.  Perhaps this
topic is much like that: the community, and especially those of
its members who have been following the discussions and thinking
about the various comments, have learned a great deal.  Maybe
publishing it, especially with claims of consensus, would be
anticlimax at best and an invitation, not just to abuse but to
additional versions of the endless process debates that, as I
think Randy Bush was suggesting, because a blocking factor and
substitute for getting actual work on the Internet done in the
IETF.  That isn't a good tradeoff, so maybe it is time to just
stop.

(2) Perhaps it is useful to the community that we make a strong
statement that pervasive surveillance is an attack on the
Internet, its openness, and the ability to use the network with
confidence.  I don't have a problem with such a statement
although, if we make it, I think we should also be considering
statements about patent abuses, competitiveness among ISPs and
other "open access" and "net neutrality" issues, and a
collection of other issues and areas.  But, if we do that, let's
do that and issue it as an informational statement or RFC, not
pretend that it is a standard, much less a best current
practice.   If that document wants to call for actions or
experiments, that would be great, as long as it isn't written in
a way that can easily be confused with such actions or
experiments.

best,
   john



[1] For those of you who don't recognize the name, look it up --
probably would be good for you.

Melinda





<Prev in Thread] Current Thread [Next in Thread>