Erik, colleagues,
I am top-posting since I am not responding directly to anything in your message
but on the general thread.
I’d like to argue that this is not an IETF issue as such. Regardless whether
Erik is trying to solve a real problem, this is only an IETF issue if there is
a problem with the specification or the interpretation of the specs. If
individual IETFers want to be involved Euro-citizens than that is fine (and if
it comes to secure communication, a Good Thing TM), but lets try to keep the
institution out of it. Remember that the IETF is about voluntary adoption and
that we, as institution, do not do certification of implementations.
It is a thin line. Any question about what the IETF can do to make the Internet
better is fine. In this case I am a bit concerned that the IETF could be
perceived it is telling the EP how to run its business. Lets try to keep clear
of the latter and keep the ball on the first.
—Olaf
(no hats)
[ Nothing but rough context below]
On 10 jun. 2014, at 07:40, JOSEFSSON Erik
<erik(_dot_)josefsson(_at_)europarl(_dot_)europa(_dot_)eu> wrote:
Dear Jaldora, dear Mr Moonesamy,
I am overwhelmed by your thoughtful feedback! Thanks for taking time!!
I have tried to edit the pad with your comments in mind.
I do agree the request should not be rude. However, Regulation 1049/2001[0]
which provides the legal basis for the Access to Documents requests puts an
obligation on the institution to assist citizens exercising their rights, in
particular "If an application is not sufficiently precise, the institution
shall ask the applicant to clarify the application and shall assist the
applicant in doing so [...]" (art 6.2).
There is another request in the pipeline on transparency in EP security
procedures that you might find interesting to follow (and maybe help with):
http://www.asktheeu.org/en/request/man_in_the_middle_attack_on_the
http://pad.epfsug.eu/p/epfsug-eod-accessnetwork
Taken together, these requests stem from concerns that despite our efforts[1]
the EP "does not yet have the necessary means for secure electronic
communications" (see point 4 in [2] below), which explains (but does not
justify) why I was reaching out on the perpass list.
Again, thank you for your kind help!
Best regards.
//Erik
[0]
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2001:145:0043:0048:EN:PDF
[1] https://wiki.debian.org/DebianParl/GreensEFA
[2]
http://epfsug.eu/wws/arc/epfsug/2014-06/msg00039/DG-IPOL-and-DG-EXPO-priorities.pdf
________________________________________
From: Alexander Burton-Vulovic [aburtonvulovic(_at_)siliconsteed(_dot_)com]
on behalf of jaldorakyor(_at_)gmail(_dot_)com
[jaldorakyor(_at_)gmail(_dot_)com]
Sent: Monday 9 June 2014 22:59
To: JOSEFSSON Erik; S Moonesamy; ietf(_at_)ietf(_dot_)org
Cc: pawal(_at_)blipp(_dot_)com
Subject: RE: RFC compliance and the European Parliament
Erik;
Well, the original message doesn't seem to clearly convey what you wanted and
the follow-up is simply unnecessarily rude.
The original request, as I read it, is for two things:
1. Documents relating to EP mail systems, policies, and server settings
relating to RFC 5321 sec. 3.9;
2. Documents relating to forecasts or plans relating to (1).
The response is "we have not found any documents that meet those criteria".
Now, they may or may not have any of those documents, but berating them for
'forget[ting] to address any of my requests' when as far as I can tell they
exactly answered the question you asked is more than a little unfair.
Reading the follow-up, though, I get the impression that what you asked for
is not really what you wanted to know and there has been a miscommunication.
On re-reading your follow up, it seems clear to me that the original request
was worded ambiguously and doesn't properly convey what you want to obtain.
What's wrong with saying, "Sorry, must have been a miscommunication. My
concern is that someone working in the EP with a @europarl mail address won't
receive mailing list messages. Can I have any documents relating to the EP's
mail handling policy and server settings and future changes to same?"
-Jaldora
-----Original Message-----
From: ietf [mailto:ietf-bounces(_at_)ietf(_dot_)org] On Behalf Of JOSEFSSON
Erik
Sent: June 9, 2014 3:39 PM
To: S Moonesamy; ietf(_at_)ietf(_dot_)org
Cc: pawal(_at_)blipp(_dot_)com
Subject: RE: RFC compliance and the European Parliament
Dear Mr Moonesamy,
Dear Mr Wallström,
Thank you for placing my call in the right context. I hope this list
<ietf(_at_)ietf(_dot_)org> allows me to reply without subscribing first. If
not, please advice on how to subscribe.
Assuming I was already subscribed, the problem is the following: If anyone
else working in the EP is subscribed to this list with his @europarl mail
address, he will never receive this email. That's it.
The request asks for the documentation of the reasons for this fact, or more
precisely, access to all documents relating to the EP's policies and server
settings for interacting with RFC 5321 compliant mailing lists.
No such documentation has been provided by the EP.
We are preparing a follow-up request here:
http://pad.epfsug.eu/p/epfsug-eod-emailrfccompliance
Grateful for any help and comments on the pad.
Best regards.
//Erik
________________________________________
From: S Moonesamy [sm+ietf(_at_)elandsys(_dot_)com]
Sent: Monday 9 June 2014 17:55
To: JOSEFSSON Erik; ietf(_at_)ietf(_dot_)org
Subject: Re: RFC compliance and the European Parliament
Hi Erik,
I am copying this message to ietf(_at_)ietf(_dot_)org instead of the perpass
mailing list as the question is not related to surveillance.
At 04:00 09-06-2014, JOSEFSSON Erik wrote:
I need help from the standards community with regards to RFC-compliance
in the European Parliament.
I reach out here because I believe you expect your work on improving
the internet will be implemented, maybe in particular by public bodies
we hold to a higher standard wrt transparency than others[0].
In an Access to Documents request the EP just stated that "conformity
with RFC-5321 section 3.9 is by nature outside EP's responsibilities"
[1].
Do you agree? Are there RFCs which correct implementation would, by
nature, fall within the responsibilities of the EP?
I read the reply. In my opinion the text quoted (above) from the reply
conveys a different meaning. My understanding of that part of the reply is
that mailing lists managed outside that email system is outside EP's
responsibility. The question you asked could be stated as follows:
Is it the responsibility of the EP to set the standards for email systems
to adhere to?
Please find a link to our documentation of the particular issue with
RFC-5321 section 3.9 below[2]
The issue in that document is about whether the mail relays for
europarl.europa.eu can reject a message from a (external) mailing list if the
"From:" header contains "europarl.europa.eu" as the domain part. There is be
a mail delivery problem if the external email system implements and follows
what is written in RFC 5321.
Regards,
S. Moonesamy
signature.asc
Description: Message signed with OpenPGP using GPGMail