On Jan 3, 2014, at 12:33 PM, Eric Rosen <erosen(_at_)cisco(_dot_)com> wrote:
Ted> The point of the IETF stating a position on this is not to give ADs
Ted> another thing they can hassle document authors about.
One has to look at the likely impact of the draft, not merely at the
intentions of the authors.
I'm sorry, I know that there have been some really painful incidents in the
past, and that people are sensitized to the potential for a repeat, but I'd
like to think that the IETF has learned from those experiences.
You say that we are edging into politics here, but I don't think that's true.
I think that it's entirely appropriate for us to document pervasive monitoring
as an attack, because it is one. If you disagree with that, that's fine, I'd
like to hear your explanation. If you agree that it's an attack, but think
the IETF doesn't need to address it, I'd like to hear about that. But it
seems to me that you are doing neither of those things.
I think one likely impact of this draft is that authors and working groups will
take pervasive monitoring more seriously as a threat when they are designing
their protocols. It's also possible that ADs will use this document as a
bludgeon. I don't think anyone on the current IESG wants to see that happen.
If you completely disagree that authors and working groups ought to be
thinking about this, then I can see why you would argue for simply scrapping
the document. But if you are solely trying to address the concern that the
IESG will go mad with power, then let's talk about how to tweak the document to
address that concern.