Re: IESG/IAB next documents on administrative restructuring
A note on these documents: The publication process took a few days. In the meantime, members of the IESG and IAB, who read the documents last week, have suggested to the authors several points at which these documents could be improved. This includes: - Doing more to clarify the roles of the various parties in the iasa-bcp document, such as specifying more of what it means that the IETF Administrative Director is an ISOC employee who works under the supervision of the IAOC - Changing some of the proposed transition plan, by making the interim body that oversees the transition be an interim body rather than a proto-IAOC; this will, among other things, make sure that we're not committing to finding someone willing to work for 3 years in 3 weeks. We will try to get draft updates reflecting those changes out before the I-D update deadline; of course, this should be regarded as input for discussion - it's perfectly appropriate for the community to argue in favour of (or against) either the -00 or the -01 version of the plan! Harald --On fredag, oktober 22, 2004 09:02:24 +0200 Harald Tveit Alvestrand [EMAIL PROTECTED] wrote: Hello, People from the IESG and IAB have created 3 internet-drafts to follow up on the administrative restructuring process: - draft-iab-iesg-adminrest-rec-00 - draft-wasserman-iasa-bcp-00 - draft-wasserman-adminrest-plan-00 These are intended as the basis for the next phase of discussion in the IETF; they hit the I-D directories this Thursday. To keep track of the various documents in the IETF administrative restructuring process, and to give ourselves a site where we can keep documents that need to be changed more quickly than is natural for the I-D submission process, we have started creating a web site to keep track of the documents of this activtity. It also makes it possible to read these documents in HTML format. At the moment, the site URL is: http://psg.com/~mrw/Scenario-O Please check it out! Harald, for the IESG and IAB ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
A new technique to anti spam
Email traditional technique\'s working flow: 1.Sender sends his email to sender\'s smtp server for his client computer by smtp 2.Sender\'s smtp server sends the email to the receiver\'s smtp server by esmtp/smtp 3.Receiver\'s smtp server moves the email to the pop3 server(/or imap server/or web server) 4.Receiver gets the email from the pop3 server by pop3 To anti spam by using a new technique call \"anti-spam by macroeffect\" New technique\'s working flow: 1.Sender sends his email to sender\'s smtp server for his client computer by smtp 2.Sender\'s smtp server communicates with receiver\'s smtp server to test if the receiver\'s uses the new technique. if is,the sender\'s left the email on \"Full-content Email\" server.At the same time,it creates a email-pointer pointing to the email.(if the result of testing is the receiver\'s can\'t support the new one, then sender\'s transfer email by using tranditional tech) 3.Sender\'s smtp server sends email-pointer to the receiver\'s smtp server by esmtp 4.Receiver\'s smtp server moves email-pointer to the pop3 server(/or imap server/or web server) 5.Receiver gets the email-pointer from the pop3 server by pop3 6.According to email-pointer,receiver downloads the email from the \"Full-content Email\" server after identifying the authority of the \"Full-content Email\" server\'s IP address. Teh characteristics of the new technique: 1.compatible with the traditional technique,coming from RFC 1869 2.To limit the sender\'s send-box(not only receive-box),because the email\'s body stores there. 3.Receivers receive only the email-pointer.if spam,to delete it can save the Internet flux(reducing network bandwidth) The advantages of the new technique: 1.As a receiver,you first judges the useful of the email by simple information(email-pointer:subject,from,to and etc).if is,you can refuse it to forbid download the body of the email(reducing the Internet flux) 2.As a receiver,sometimes you judges it\'s spam after you download the body to read.You also can refuse it.Because the email\'s body occupys the sender\'s send-box,it stops the sender to send a new email after he emptys his send-box.(As a spammer,he want to maximize the effects of the junk-mails.He wishs most of the receivers read the junk-mail.But he can\'t judge if the receiver has no time to read or the receiver refuse it after reading it,because the status of both are same.The spammer check the stauts of the junk,if it\'s UNREAD.He must need a decision to delete it to get more room to send new junk to new receiver OR keep it to wish the receiver read in a day or two.If the spammer chooses the later,it means the older email occputies the send-box,so he can not send as many junk as he can.it slow the speed of spam-making.If the spammer choose the former,that means the junk mail has been deleted before it take effect by self) 3.As a sender,you can know if your email has been read.Because the body of the email was left on your send-box,after the receiver download it and accept it(if spam,the receiver can refuse it),you can check the status of email on send-box.The status are only READ or UNREAD.\"The receiver downloads and accepts it\" makes the status READ,and \"the receiver has no time to read or the receiver set it spam\" makes the status UNREAD.If the receiver has not read the email,you can modify your email to make sure you can express your true willing.(The email has been send,but you can modify before receiver read it) Of cause,if you configure that system can delete the READ emails automatically for you. The specifications of the new technique(detail of the specifications): 1.How to create the email-pointer? Separate the email into body and header.Get the header plus a email-location to create the email-pointer.That it is,the email-pointer only has header and no body. For example:a simple email-pointer can be(between BEGIN and END) < From:\"Mike\"<[EMAIL PROTECTED]> To:\"John\"<[EMAIL PROTECTED]> Date: Thu, 8 Jul 2004 00:08:23 +0100 Subject:This is a test X-MPTR:svr=192.168.95.100;port=9110;id=20040707230823.GA29023;md=1732457bac7b4d141732457bac7b4d14;size=2573;spam=20% >>END 2.What is the structure of the email-location? It\'s in the header.Combine with the IP,port of \"Full-content Email\" server,and id,md5,size of the email and other params. For example:a simple email-location can be X-MPTR:svr=192.168.95.100;port=9110;id=20040707230823.GA29023;md=1732457bac7b4d141732457bac7b4d14;size=2573 3.The session between both new tech email servers (1) S: C: S: 220 dbc.mtview.ca.us SMTP service ready C: EHLO ymir.claremont.edu S: 250-dbc.mtview.ca.us says hello S: 250-EXPN S: 250-HELP S: 250-8BITMIME S: 250-XONE S: 250-XVRB S: 250 XMPTR ... Email server return \"XMPTR\" means it
Re: Sunshine Law
Margaret Wasserman wrote: Hi Paul, Ignoring the rest of your post and just picking up on this part: 3. with regard to process transparency, you have all had a chance to read my thoughts about california's sunshine law which holds that: The people of this State do not yield their sovereignty to the agencies which serve them. ... This is, I believe, one reason why our process includes a recall procedure. It's interesting that this has never been exercised, but I think its existence already puts the IESG and IAB on notice. However, it's always going to be a judgement call which decisions are purely operational and get made quickly by the I*, and which ones deserve debate in the sunshine. Brian ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: Shuffle those deck chairs!
scott bradner wrote: Please do NOT spread that kind of total misinformation. You have to disclose your IPR as soon as reasonably possible when an internet-draft or RFC potentially infringing on it has been published, no matter the category it's headed. Pekka is correct But to be precise, the requirement applies to *contributors* and there is an exception: This requirement specifically includes Contributions that are made by any means including electronic or spoken comments, unless the latter are rejected from consideration before a disclosure could reasonably be submitted. In other words, it doesn't apply to bystanders or to bad ideas that are rapidly dropped. Brian ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: Shuffle those deck chairs!
Paul, Paul Vixie wrote: [vixie] ... i do think the iesg/iab should think carefully about making something a proposed standard or draft standard or full standard without having first negotiated royalty-free use rights on behalf of all future implementors, as scrocker did with jbezos for the RSADSI IPR that went into early dnssec. [carpenter] I don't think we can require the IESG to negotiate anything. There are all kinds of legal issues there. To my knowledge, both WGs and the IESG do think carefully about this, but often conclude that the default IETF conditions (RAND) are realistic and acceptable. what you call concluding, i call railroading and inertial ignorance. From when I was inside the black helicopter, which is a few years ago, the IESG discussions that I witnessed on this topic were definitely not conducted in ignorance, but in awareness of the various conflicting interests. That doesn't mean the right decisions were reached of course - the ADs are only fallible humans - but your comment is quite unfair from what I saw. The IETF exists to make the Internet work better, not to exclusively support the open source movement. my arguments on this topic aren't related to the open source movement. Well, I think that is much clearer in *this* message than in your previous one. [This doesn't mean that I am against RF or OSS - it means I want the IETF to continue to live in the real world, where patents and royalties continue to exist alongside OSS.] the hull of brian's boat just scraped the top of an iceberg, but i'm going to try to answer without having to pull this asteroid-sized chunk of ice out of the water and show it to all of you. I'm aware of the iceberg, and incidentally so are the most senior executives at my employer. http://news.com.com/IBM+pledges+no+patent+attacks+against+Linux/2100-7344_3-5296787.html The trick with icebergs is to steer around them, not to try to melt them. even so, everybody check your seat belts and shoulder straps, 'cuz i gotta learn ya somehow: 1. in spite of not having a clear corporate status, ietf is a de facto public trust. companies and people participate in ietf because they believe certain things, and among those things is what brian said: because it's a way to get work done. there are however other things, and exactly what those things are is at the heart of the current isoc-ietf-malamud hairball nightmare. I think this is a category error. The proposal on the table is how to improve the IETF's administration *without impacting the standards process one bit*. The concerns you are raising are orthogonal. So I see no hairball and no nightmare in draft-malamud. Let's get the administration working properly. And let's separate any discussion of process transparency and IPR policy from that completely. You're not raising trivial issues here, but they are separable from the administrative stuff. Brian ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: Shuffle those deck chairs!
Tim Bray wrote: On Oct 21, 2004, at 7:59 AM, Eric S. Raymond wrote: Brian E Carpenter [EMAIL PROTECTED]: I don't think we can require the IESG to negotiate anything. There are all kinds of legal issues there. To my knowledge, both WGs and the IESG do think carefully about this, but often conclude that the default IETF conditions (RAND) are realistic and acceptable. If IETF continues to believe this, groups like Apache and Debian will continue to have to end-run IETF I'm with ESR on this one. The W3C bit the bullet and built a patent/IPR policy that has integrity and is based on the notion that the Net works properly when important components can be built by un-funded independents without worrying about getting their asses sued by someone with a patent portfolio. If the IETF wants to ignore history and build an Internet where that doesn't hold, feel free, but it's not a very interesting kind of place. -Tim Patent holders who choose to stay outside the standards setting process are not in the least impressed by the IPR policy of the standards body, whether it is the W3C, the IETF, or anywhere else. Those are the patent holders you need to worry about, not the ones who play nice by helping to set open standards. You're shooting at the wrong target by shooting at the IETF and its participants. Brian ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: I-D ACTION:draft-lyons-proposed-changes-statement-01.txt
Patrice, I'm extracting here soem of your comments to Joel and some of those to Margaret, because I think there is a single underlying point to be discussed: Patrice Lyons wrote: ... While there are many reasons why incorporation of an association is desirable, one important reason for a technical association like IETF to incorporate is the substantial increase in exposure to potential liabilities arising from conflicting patent claims that has arisen over the last few years. In this context, there has been some talk of donation recently of patents for IETF, particularly a group of patents, for IETF purposes at little or no cost. What happens if a group of pooled patents is donated to IETF by the very organization that also controls funding for the IETF? What happens if such an organization is under no direct control by the IETF and takes steps that embroil the IETF in patent litigation? ... Second, you raised a question about ISOC. While my comments didn't single out ISOC, if ISOC is viewed as a fundraising entity or an actual source of funds for the IETF, and is also the organization charged with hiring an Administrative Director for the IETF and supervising his/her efforts such as contracting with third parties for IETF support services, I would again assert: where are the checks and balances. ... Apart from the provision of routine IETF support services, fundraising for the IETF is a potential source of conflict of interest. To minimize the possibility that a contributor of funds for IETF purposes might be perceived as having an undue influence on IETF standards setting work, I have proposed that a new, separately incorporated and independent entity called the IETF Foundation be established to manage the IETF fundraising activities. ... In any event, the IETF retains the fiduciary obligation to supervise and control any support services provided to the IETF by third parties, including any possible new administrative entity that may be established to serve the IETF community. While supervisory responsibility for certain support services (whether under contract or simply volunteer) may be delegated by the IETF to others, the obligation to provide general oversight for such activities resides ultimately with the IETF leadership, in particular the IESG. Now we agree that the IETF *is* an unincorporated association, and there was very strong consensus in earlier discussions that we don't want to change its fundamental nature and its open door policy. If that is granted, then the leadership (i.e. the IESG and IAB) are as far as I can see under no formal responsibility whatever - there's just a social contract in place (and if that breaks down, we can all go home anyway). So the *fiduciary* responsibility for supervision and control and for integrity in fund raising and fund disbursement *has* to lie with a body corporate in some jurisdiction. That body can join the IETF social contract by agreeing to accept policy and technical direction form the IETF leadership, but that doesn't move the legal responsibility. And that being so, I just don't see the conflict of interest - if the body disburses funds for purposes other than what they were collected for, or breaks its social contract with the IETF, that's a breach of responsibility, but that can happen in any scenario whatever. Patent donations don't affect this - a patent is an asset and so it's really just like more money. Some poison pill would be needed to ensure that the patent can never be misused, but again I don't see conflict of interest. I just don't see how any of this argues for more than one body corporate. Brian ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: Sunshine Law
Hi Brian, At 2:23 PM +0200 10/23/04, Brian E Carpenter wrote: This is, I believe, one reason why our process includes a recall procedure. It's interesting that this has never been exercised, but I think its existence already puts the IESG and IAB on notice. However, it's always going to be a judgement call which decisions are purely operational and get made quickly by the I*, and which ones deserve debate in the sunshine. There are several important things that your response glosses over... Secrecy and closed meetings are not simply a matter of expedience in the IETF, they are supported by our prevailing culture and documented rules. We currently, and quite explicitly, expect our leadership to use their judgement in deciding what the community should and should not be told. It is a fact that the IAB and IESG regularly hold meetings, hold mailing list discussions, make decisions and/or receive information that is not shared with the rest of the community. This is a perfectly valid way to run an organization (most commercial corporations are run this way, for example), but it is not (at least in California!) considered to be a reasonable way to run a government. And, I personally do not think that this is the way we should be running the IETF. To illustrate the fact that the IETF is not organized or run in accordance with the Sunshine Law today, let me give some examples: RFC 3710 (the IESG charter) says: The IESG also has private group discussions, using any means of its choice, including email. Records of those discussions are not required to be made public. This is believed to be vital in permitting a frank exchange of viewpoints and worries, allowing people to speak out freely on topics known to be controversial, and permitting people to change their minds based on presented arguments. Decisions and their justification are a matter of public record. What this paragraph says is that our IESG deliberations are allowed to be secret. Only our decisions and their justifications are recorded and accessible to the community. And, in fact, we make many decisions that are not recorded, and others that are recorded without enough detail to understand their justifications. RFC 3710 then goes on to offer even more reasons why the IESG, in particular, might decide to hold a discussion of which the community is not informed: However, discussion of personnel matters and possibly legal and financial matters may sometimes be required to be kept confidential, and the chair may, with the consent of the full members, exclude liaison and ex officio members whose presence is seen as inappropriate for the particular discussion. Although RFC 2850 (the IAB charter) does not empower the IAB to have any private group discussions that are not minuted, it does say basically the same things about personnel, financial or legal matters: However, discussion of personnel matters and possibly legal and financial matters may sometimes be required to be kept confidential, and the chair may, with the consent of the full members, exclude liaison and ex officio members from such discussions. The passive voice in these sections is a bit ambiguous, but it is clear that the IETF Chair and IAB Chair believe that they can jointly require that the IAB and IESG keep information regarding legal or financial matters confidential. They apparently also believe that it is appropriate for the Chairs to keep some information confidential from the IESG or IAB. The IETF Chair and the IAB Chair have, on several occasions chosen to hold substantive discussions or make decisions in small groups that exclude most of the IAB and IESG. These groups are sometimes justified based on prevailing thinking regarding directorates which allows the leadership (at least IESG members) to hand-pick small groups of people for advice, etc. Brian, I believe that you and John Klensin were both members of one such group -- the IAB Advisory Committee that did the initial AdminRest work. As far as I know, your meetings were not minuted and your mailing lists archives were not open, although you did produce a public report in RFC 3716. Is it your belief that the public report includes all of the substantive information that you received, and all of the substantive issues that you discussed as members of that advisory team? Or did the team make some decisions regarding what the community did or did not need to know? Is there any reason why your mailing list archives were not made publicly accessible? What it even considered? I do not believe that, today, we can recall our leaders for using their judgement in accordance with our prevailing culture and documented rules. So, if we want the IETF to be more open and transparent, I think that we need to change those rules or pass a new rule that overrides them. We, the IETF community, need to decide how we want the IETF to
Re: Shuffle those deck chairs!
--On Thursday, 21 October, 2004 22:16 +0200 Brian E Carpenter [EMAIL PROTECTED] wrote: I'm with ESR on this one. The W3C bit the bullet and built a patent/IPR policy that has integrity and is based on the notion that the Net works properly when important components can be built by un-funded independents without worrying about getting their asses sued by someone with a patent portfolio. If the IETF wants to ignore history and build an Internet where that doesn't hold, feel free, but it's not a very interesting kind of place. -Tim Patent holders who choose to stay outside the standards setting process are not in the least impressed by the IPR policy of the standards body, whether it is the W3C, the IETF, or anywhere else. Those are the patent holders you need to worry about, not the ones who play nice by helping to set open standards. You're shooting at the wrong target by shooting at the IETF and its participants. Brian, While I've been trying to avoid this discussion, since it seems to be one of repeat the same thing over and over again in the hope that people will eventually believe you... or it will become true, I think your observation above calls for two additional observations (which have probably also been made before). I also know you know all of this, but it seems to need saying again. (1) Unlike consortia whose mission tend to be either make things better for the members while improving things overall or improve things overall while making things better for the members, the IETF's purpose is, to paraphrase recent discussions, to make the Internet work better by defining and promoting interoperability. However often they may intersect, those are different goals. To take the oft-cited W3C as an example, its mission is to develop[s] interoperable technologies (specifications, guidelines, software, and tools) to lead the Web to its full potential. W3C is a forum for information, commerce, communication, and collective understanding. That full potential part isn't an IETF objective, nor, normally, are information, commerce, and communication. Their realizing those goals may well justify the membership saying if the open source folks, however defined, can't implement this, then we don't care about it. The IETF, by contrast, needs to be open even to the most encumbered of approaches if it is clear that they are technically so far superior that the market will adopt them no matter what we do. And we need to understand them to the extent possible to make a judgment about whether or not they are that superior. I believe need we need to go to great lengths to avoid requiring an overly-encumbered technology. But, if we cannot find an alternative, we can't. And if we conclude that an encumbered technology is acceptable as an alternative or additional option in a standard, I think that is --as it always has been-- a judgment that WGs and the IESG need to be able to make. (2) If one accepts even a fraction of my comments above, then it is in our interest, and the Internet's interest, to make the IETF tent spread as widely as possible. Our message to patent-holders should be please participate here and see if things can be worked out to mutual benefit not you are evil and we don't want you here unless you mend your ways. We should try to be as inclusive as possible of those who are inclined to play outside the standards game so as to make them people we can have discussions with, people and organizations who might see the advantages of interoperability, and not targets. john ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: Shuffle those deck chairs!
On my way to the dust bin of history, I happened to notice this posting from Eric S. Raymond: In what way? Microsoft now knows that with the mere threat of a patent it either can shut down IETF standards work it dislikes or seize control of the results through the patent system. The IETF has dignaled [sic] that it will do nothing to oppose or prevent these outcomes. If you want an SDO to not allow use of work based on asserted or claimed patent rights, then you have to accept that a company such as Microsoft will always be able to intervene and shut down a group or attempt to force decisions for its strategic benefit. This is actually a strong argument for a compromise position, such as RAND. In short, we've come full circle. Can you take this conversation to the IPR group? Thank you, Eliot ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: Sunshine Law
Hi, I fully agree that the best way to manage any organization, ideally, will be NO ANY secrecy, full openness in every step, every decision. And this include, and specially, how we should manage IETF. I've been very concerned, and is not a matter of discussion here, but just to show the situation, about the way the WG chairs, ADs, secretariat and even the IETF chair, took a lot of decisions. I'm always for a complete openness, but I also understand that is not so simple, and we need to balance. Having every single conversation or meeting scripted is not simple, if not impossible and costly, even when the technology can help a lot. For example, having every email going through mail exploders which are archived and publicly open, will be easy, but how we can actually (if we should) force all the participants to not use private emails, outside of the list ? Can some of the participants not talks so openly if they know that their messages or conversations, are open to everyone ? So, yes, we MUST try up to the limit, and clarifying rules and processes will probably help as much as getting any kind of minutes or email traffic being open. And of course, a last and valid resort should be always to be forced to reply to any IETF member very frankly, openly and honestly about any question he might ask. If the people who took a decision is not open about it, then that people should be immediately removed from its position. Just my 2 cents. Regards, Jordi De: Margaret Wasserman [EMAIL PROTECTED] Responder a: [EMAIL PROTECTED] Fecha: Sat, 23 Oct 2004 11:46:51 -0400 Para: Brian E Carpenter [EMAIL PROTECTED], [EMAIL PROTECTED] Asunto: Re: Sunshine Law Hi Brian, At 2:23 PM +0200 10/23/04, Brian E Carpenter wrote: This is, I believe, one reason why our process includes a recall procedure. It's interesting that this has never been exercised, but I think its existence already puts the IESG and IAB on notice. However, it's always going to be a judgement call which decisions are purely operational and get made quickly by the I*, and which ones deserve debate in the sunshine. There are several important things that your response glosses over... Secrecy and closed meetings are not simply a matter of expedience in the IETF, they are supported by our prevailing culture and documented rules. We currently, and quite explicitly, expect our leadership to use their judgement in deciding what the community should and should not be told. It is a fact that the IAB and IESG regularly hold meetings, hold mailing list discussions, make decisions and/or receive information that is not shared with the rest of the community. This is a perfectly valid way to run an organization (most commercial corporations are run this way, for example), but it is not (at least in California!) considered to be a reasonable way to run a government. And, I personally do not think that this is the way we should be running the IETF. To illustrate the fact that the IETF is not organized or run in accordance with the Sunshine Law today, let me give some examples: RFC 3710 (the IESG charter) says: The IESG also has private group discussions, using any means of its choice, including email. Records of those discussions are not required to be made public. This is believed to be vital in permitting a frank exchange of viewpoints and worries, allowing people to speak out freely on topics known to be controversial, and permitting people to change their minds based on presented arguments. Decisions and their justification are a matter of public record. What this paragraph says is that our IESG deliberations are allowed to be secret. Only our decisions and their justifications are recorded and accessible to the community. And, in fact, we make many decisions that are not recorded, and others that are recorded without enough detail to understand their justifications. RFC 3710 then goes on to offer even more reasons why the IESG, in particular, might decide to hold a discussion of which the community is not informed: However, discussion of personnel matters and possibly legal and financial matters may sometimes be required to be kept confidential, and the chair may, with the consent of the full members, exclude liaison and ex officio members whose presence is seen as inappropriate for the particular discussion. Although RFC 2850 (the IAB charter) does not empower the IAB to have any private group discussions that are not minuted, it does say basically the same things about personnel, financial or legal matters: However, discussion of personnel matters and possibly legal and financial matters may sometimes be required to be kept confidential, and the chair may, with the consent of the full members, exclude liaison and ex officio members from such discussions. The passive voice in these sections is a bit ambiguous, but it is clear that the
Re: Sunshine Law
Margaret, A comment on part of your note to Brian... --On Saturday, 23 October, 2004 11:46 -0400 Margaret Wasserman [EMAIL PROTECTED] wrote: ... Brian, I believe that you and John Klensin were both members of one such group -- the IAB Advisory Committee that did the initial AdminRest work. As far as I know, your meetings were not minuted and your mailing lists archives were not open, although you did produce a public report in RFC 3716. Is it your belief that the public report includes all of the substantive information that you received, and all of the substantive issues that you discussed as members of that advisory team? Or did the team make some decisions regarding what the community did or did not need to know? Is there any reason why your mailing list archives were not made publicly accessible? What it even considered? ... While it was not handled perfectly (by my rather tough definition at least), that effort came pretty close to the way I think things that require some private discussions should be done.The existence of the effort, and the members of the committee, were, if I recall, made known to the community (and certainly to all of the IAB and IESG) on a contemporary basis. The general agenda being discussed was also exposed fairly early. And, yes, while I disagree with some of the tone and details of the report, it did pretty much cover all of the substantive issues we discussed. Certainly I can recall no discussion of what the community did or did not need to know and am pretty sure that no such discussion occurred. Now, the reasons the discussions and mailing list archives were not made public. I don't think we really discussed it, but all of us who are familiar with the IETF process, yourself included, have noticed how rapidly the S/N ratio can deteriorate in public discussion of things for which the public doesn't take the time to understand the details. Private discussions are sometimes a necessity, as is the ability to float what might be stupid ideas without having them quoted for years as one's firm position. When issues that either involve people's jobs, that can get highly emotional, or that may involve legal claims are at issue, the importance of holding private discussions becomes even greater (and we have seen all of those things in various pieces of the Admin restructuring/reorg process).I'd actually favor changing the rules to make that more explicit. But it seems to me that what we don't need to do is rather nicely reflected in the difference between the AdminRest process, as Leslie managed it, and the rather more confused consultants report and scenarios process that has followed it more recently. In the latter, it has been claimed that members of the IESG and IAB have been cut off from information, even when they have wanted it, and with no reasons being given. I don't know if that is true, but, if it is, I think that is intolerable -- not the cutting off, but the lack of exposure of agendas and reasons why privacy was needed. And, if it is not, a little more open discussion would go a long way to making the community feel better about the process. There have been discussions that have been hidden --intentionally or accidentally-- from the community. I think there is a huge difference between We are going to discuss X with Y. Those discussions need to be private because they touch on sensitive issues, but a summary of conclusions and justifications will be made available as soon as that is possible consistent with that level of sensitivity and the community isn't entitled to know that the discussions are being held. For long periods of time, the community was been told very little besides we are looking at this and you should stand by (and, by implication be prepared to support whatever we conclude). It is at least debatable whether the consultant's report reflected all of the available options accurately and fairly (although, if it did not, it may never be clear whether that was due (as has been alleged) to malice, excessive control behavior, prior strong biases about acceptable outcomes, etc., or just to asking Carl to do far too much work in too short a time. I am tired of singing this song, but there have also been assertions of the rights of the IESG and/or IAB do things and make decisions out of sight of the community, and I don't believe there are any such rights or any role for such claims in any of our processes. But, again, that isn't how the first rounds of AdminRest were handled, and I think the differences are pretty important. john ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: draft-lyons-proposed-changes-statement-01.txt
Margaret, You appear to be agreeing with my comments about the fundraising issue. There should be a distinction between routine contributions of funds for specific IETF events, and more substantial, long term support for IETF activities. Of course money is received in connection with IETF meetings: this is essential to the running of such events. There are also donations in kind to support such activities as the computer room and possible entertainment at the venue. However, such contributions whether in kind or cash differ considerably from the sustained donations that may be sollicited in order to provide long term stable support for IETF purposes and allow it to expand the services provided to the IETF community, and the Internet more generally. Regards, Patrice - Original Message - From: Margaret Wasserman [EMAIL PROTECTED] To: Patrice Lyons [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 21, 2004 10:32 AM Subject: Re: draft-lyons-proposed-changes-statement-01.txt Hi Patrice, At 11:07 AM -0400 10/20/04, Patrice Lyons wrote: You mentioned the importance of keeping support services, such as management of cash flow, separate from IETF technical efforts. I share this concern in large part. However, I would draw a distinction between carrying out routine administrative, financial (like accounting for expenses and meeting fees), technical (such as computer rooms at meetings), legal or other support services for the IETF (support services), and the solicitation, donation, receipt and other fundraising efforts for IETF purposes (fundraising). I don't believe that this distinction is as clean as you have indicated, particularly when it comes to meeting sponsorship, donations-in-kind and preferred contract pricing. Meeting sponsorship is one means by which large companies can offer financial support to the IETF (in return for PR and good will), so it is not really distinct from fund raising. This lack-of-distinction is emphasized by the meeting in Korea, where the sponsors donated $150,000 to the CNRI/Foretec, in addition to usual sponsorship costs which run in 6 figures themselves. I have no objection, at all, to having our meetings sponsored and/or having the sponsors make additional donations, but I think that meeting sponsorship is quite clearly a form of funding. Another form of funding is donations-in-kind. CNRI/Foretec currently buys equipment, software, etc. for running the IETF adminstrative activity. It might be possible to get companies to donate these goods, so that we don't have to pay for them. But, this is also a form of funding. Another, even more subtle form of funding is preferred contract pricing. Carl Malamud's report supposes that there are some people who would offer preferred (or zero-cost) prices to the IETF for their services, either for the PR or good will associated with providing those services. We already see this today on a smaller level -- the ops.ietf.org site is on Randy Bush's server, edu.ietf.org is on James Seng's and tools.ietf.org is on Henrik Levkowetz's. Many people donate their time to do a number of system administration tasks for the IETF and/or to run servers for our use (issue tracking, jabber, etc.) Maybe someone else will agree to run the IETF mailing lists for free (or cheap)? Or our web site? These are also all donations of goods, services, etc. So, I propose that we can't realistically separate all fund raising activities from the administrative support activity, at least not without eliminating some significant sources of funding. Please let me know if this clarification of my comments meets your concerns. I look forward to resolving the administrative issues that have been under discussion recently, but would add a note of caution on a rush to judgment. The reorganization issues under consideration are of major importance for the future of the IETF, and the Internet community more generally. We are in agreement that decisions about the structure of the IETF are important, long-term decisions that should not be taken lightly or made hastily. Margaret ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: I-D ACTION:draft-lyons-proposed-changes-statement-01.txt
Brian, What corporate (or for that matter unincorporated body) are you talking about here? Even if the IETF remains an unincorporated entity, it should retain the fiduciary responsiblity for overseeing its activities going forward. Incorporation wouldn't change this basic obligation. Regards, Patrice - Original Message - From: Brian E Carpenter [EMAIL PROTECTED] To: Patrice Lyons [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 21, 2004 4:41 PM Subject: Re: I-D ACTION:draft-lyons-proposed-changes-statement-01.txt Patrice, I'm extracting here soem of your comments to Joel and some of those to Margaret, because I think there is a single underlying point to be discussed: Patrice Lyons wrote: ... While there are many reasons why incorporation of an association is desirable, one important reason for a technical association like IETF to incorporate is the substantial increase in exposure to potential liabilities arising from conflicting patent claims that has arisen over the last few years. In this context, there has been some talk of donation recently of patents for IETF, particularly a group of patents, for IETF purposes at little or no cost. What happens if a group of pooled patents is donated to IETF by the very organization that also controls funding for the IETF? What happens if such an organization is under no direct control by the IETF and takes steps that embroil the IETF in patent litigation? ... Second, you raised a question about ISOC. While my comments didn't single out ISOC, if ISOC is viewed as a fundraising entity or an actual source of funds for the IETF, and is also the organization charged with hiring an Administrative Director for the IETF and supervising his/her efforts such as contracting with third parties for IETF support services, I would again assert: where are the checks and balances. ... Apart from the provision of routine IETF support services, fundraising for the IETF is a potential source of conflict of interest. To minimize the possibility that a contributor of funds for IETF purposes might be perceived as having an undue influence on IETF standards setting work, I have proposed that a new, separately incorporated and independent entity called the IETF Foundation be established to manage the IETF fundraising activities. ... In any event, the IETF retains the fiduciary obligation to supervise and control any support services provided to the IETF by third parties, including any possible new administrative entity that may be established to serve the IETF community. While supervisory responsibility for certain support services (whether under contract or simply volunteer) may be delegated by the IETF to others, the obligation to provide general oversight for such activities resides ultimately with the IETF leadership, in particular the IESG. Now we agree that the IETF *is* an unincorporated association, and there was very strong consensus in earlier discussions that we don't want to change its fundamental nature and its open door policy. If that is granted, then the leadership (i.e. the IESG and IAB) are as far as I can see under no formal responsibility whatever - there's just a social contract in place (and if that breaks down, we can all go home anyway). So the *fiduciary* responsibility for supervision and control and for integrity in fund raising and fund disbursement *has* to lie with a body corporate in some jurisdiction. That body can join the IETF social contract by agreeing to accept policy and technical direction form the IETF leadership, but that doesn't move the legal responsibility. And that being so, I just don't see the conflict of interest - if the body disburses funds for purposes other than what they were collected for, or breaks its social contract with the IETF, that's a breach of responsibility, but that can happen in any scenario whatever. Patent donations don't affect this - a patent is an asset and so it's really just like more money. Some poison pill would be needed to ensure that the patent can never be misused, but again I don't see conflict of interest. I just don't see how any of this argues for more than one body corporate. Brian ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: Sunshine Law
From: John C Klensin Now, the reasons the discussions and mailing list archives were not made public. I don't think we really discussed it, but all of us who are familiar with the IETF process, yourself included, have noticed how rapidly the S/N ratio can deteriorate in public discussion of things for which the public doesn't take the time to understand the details. Discussions that are made public can differ from discussions by the public. Publishing a mailing list archive is not the same as letting the peanut gallery contribute to it. If knowing that the archive for a mailing list is public would make contributors as noisy as professional politicians, then you need different contributors. Private discussions are sometimes a necessity, as is the ability to float what might be stupid ideas without having them quoted for years as one's firm position. I have trouble imagining such tender feelings in anyone who should be allowed to participate. Besides, that reasoning would justify keeping everything private except the final conclusions, and often even those. The fear of looking foolish seems to be a major reason why governments try to keep everything secret including their firm positions. Anyone who fears looking foolish should stay out of the kitchen, or learn to phrase ideas tentatively until they've become firm positions. Or follow the old advice to never write anything that would seriously embarrass you if reported by CNN or read in court. When issues that either involve people's jobs, that can get highly emotional, or that may involve legal claims are at issue, the importance of holding private discussions becomes even greater (and we have seen all of those things in various pieces of the Admin restructuring/reorg process).I'd actually favor changing the rules to make that more explicit. I think Colorado's old Sunshine Law allows private personnel discussions. There are periodic mini-scandals about abuses of exceptions to the law, but it generally seems to work. Judging from http://www.google.com/search?q=sunshine+law other states' sunshine laws are similar. However, that old advice about not saying dumb things even in private holds, as demonstrated by Microsoft and SAVVIS. See http://www.google.com/search?q=savvis+spam+memo I think there is a huge difference between We are going to discuss X with Y. Those discussions need to be private because they touch on sensitive issues, but a summary of conclusions and justifications will be made available as soon as that is possible consistent with that level of sensitivity and the community isn't entitled to know that the discussions are being held. True. Vernon Schryver[EMAIL PROTECTED] ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: A new technique to anti spam
test [EMAIL PROTECTED] wrote: Notes:If server dones't supports new tech,just do it as traditional server. In other words, the old way must still be supported. Therefore, the flow of spam can (and therefore will) continue unabated, so long as the spammers use the old way. Furthermore, even if adopted by spammers, your way will only save a bit of computer communication bandwidth. However, that capacity keeps growing by leaps and bounds every year, and has become dirt-cheap, at least in bulk or compared to years past. The real cost of spam is the *human attention* bandwidth! That capacity grows at negligible speed. If your technology relies on human judgement, especially from the end recipient, to say what is spam or not, then it is doing absolutely nothing to save human attention bandwidth. What is needed is some way that will stop spam even if neither the spammers nor most legitimate senders adopt the new way, and before the vast majority of the spam is ever seen by the recipient. It need not be perfect; it need only reduce the flood to a trickle. However, it should be as perfect as possible in NOT generating false POSITIVES, which can be a kiss of death for a business. So far, a combination of just being damn careful with your address (such as using throwaways, and web-forms instead of mailto links), and Bayesian filtering, looks to be the best bet IMHO. Being careful has reduced my spam count from the hundreds per day I get on some old addies, to the few a week I get on a few dozen current ones all put together. (That even includes THIS one, which is on publicly-accessible unaltered web archives.) And that's with *no* filtering at all -- David J. Aronson, Spamfighter since 1994 Work: http://destined.to/program Play: http://listen.to/davearonson ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: Shuffle those deck chairs!
... To my knowledge, both WGs and the IESG do think carefully about this, but often conclude that the default IETF conditions (RAND) are realistic and acceptable. what you call concluding, i call railroading and inertial ignorance. From when I was inside the black helicopter, which is a few years ago, the IESG discussions that I witnessed on this topic were definitely not conducted in ignorance, but in awareness of the various conflicting interests. That doesn't mean the right decisions were reached of course - the ADs are only fallible humans - but your comment is quite unfair from what I saw. i'm not sure what you think my comment means. WGs who think carefully about these issues are often dominated by a small number of highly vocal folks, and many of the conclusions are made simply to throw bones to these people so they'll sit down and shut up and let the agenda proceed. that's inertial ignorance and if you havn't seen it then i'm surprised. WG chairs, on the other hand, sometimes abuse their responsibility as recognizers of consensus, either declaring the wrong consensus, or declaring consensus when there isn't one, or refusing to declare consensus when there is one. this is railroading and again, if you havn't seen it, i'm surprised. ... 1. in spite of not having a clear corporate status, ietf is a de facto public trust. companies and people participate in ietf because they believe certain things, and among those things is what brian said: because it's a way to get work done. there are however other things, and exactly what those things are is at the heart of the current isoc-ietf-malamud hairball nightmare. I think this is a category error. The proposal on the table is how to improve the IETF's administration *without impacting the standards process one bit*. The concerns you are raising are orthogonal. So I see no hairball and no nightmare in draft-malamud. the nightmare is that we all have to read it and understand it and think about it and talk about it. i actually like the work, i just don't like (a) having to deal with it, and (b) knowing that most ietf participants aren't going to deal with it (leaving the decision to those-who-care.) Let's get the administration working properly. And let's separate any discussion of process transparency and IPR policy from that completely. You're not raising trivial issues here, but they are separable from the administrative stuff. i could have sworn that this thread was about patents. when did we decide that we were actually talking about Plan O from Outer Space? -- Paul Vixie ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Re: Re: A new technique to anti spam
Dave Aronson, ! This new tech is compatible with the other anti-spam techniques(Such as filterings) Do you notice the structure of mail-location in the new-tech? Such as: X-MPTR:svr=192.168.95.100;port=9110;id=20040707230823.GA29023; md=1732457bac7b4d141732457bac7b4d14;size=2573;spam=20% The last parameter is \"spam\".It means the posibility of \"this email is a junk-mail\" is 20%. Where the value is from? It\'s because the new-tech work together with filterings on the sender smtp server. No like traditional server,the receiver server filter the mail after getting it. The new tech wish the step of sending email-pointer shows the posibility of a spam. So the receiver judge the spam not only by human attention. (The receiver can configure the value to let system filter ones above this value automatically) About the development of the new-tech. First phase,Some huge ESPs turn to use the new-tech,cause them to avoid to receive spam each other Second phase,to stop the new-tech be compatible with the traditional tech. (Becasue most of spammers are use their own pc to make spam,and the new-tech won\'t allow people use pc to be a smtp server,as I wrote the new-tech will share an authority IPs database on Internet) 2004/10/23 23:29:41 : > \"test\" <[EMAIL PROTECTED]> wrote: > > > Notes:If server dones\'t supports new tech,just do it as traditional > > server. > > In other words, the old way must still be supported. Therefore, the flow > of spam can (and therefore will) continue unabated, so long as the > spammers use the old way. > > Furthermore, even if adopted by spammers, your way will only save a bit > of computer communication bandwidth. However, that capacity keeps > growing by leaps and bounds every year, and has become dirt-cheap, at > least in bulk or compared to years past. The real cost of spam is the > *human attention* bandwidth! That capacity grows at negligible speed. > If your \"technology\" relies on human judgement, especially from the end > recipient, to say what is spam or not, then it is doing absolutely > nothing to save human attention bandwidth. > > What is needed is some way that will stop spam even if neither the > spammers nor most legitimate senders adopt the new way, and before the > vast majority of the spam is ever seen by the recipient. It need not be > perfect; it need only reduce the flood to a trickle. However, it should > be as perfect as possible in NOT generating false POSITIVES, which can > be a kiss of death for a business. > > So far, a combination of just being damn careful with your address (such > as using throwaways, and web-forms instead of mailto links), and > Bayesian filtering, looks to be the best bet IMHO. Being careful has > reduced my spam count from the hundreds per day I get on some old > addies, to the few a week I get on a few dozen current ones all put > together. (That even includes THIS one, which is on publicly-accessible > unaltered web archives.) And that\'s with *no* filtering at all > > -- > David J. Aronson, Spamfighter since 1994 > Work: http://destined.to/program > Play: http://listen.to/davearonson > > ___ > Ietf mailing list > [EMAIL PROTECTED] > https://www1.ietf.org/mailman/listinfo/ietf > welcome! ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
RE: NSA Crypto Museum?
Hadmut Danisch [EMAIL PROTECTED] asks: Hi, will anyone be visiting the NSA crypto museum? regards Hadmut Hadmut, We have all visited it already, many of us frequently. However we have no plans to tell the rest of you where it really is. -dlj. _ Take charge with a pop-up guard built on patented Microsoft® SmartScreen Technology. http://join.msn.com/?pgmarket=en-capage=byoa/premxAPID=1994DI=1034SU=http://hotmail.com/encaHL=Market_MSNIS_Taglines Start enjoying all the benefits of MSN® Premium right now and get the first two months FREE*. ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
Lloyd-Jones's First Law of Organizations. Was: Internet-Draft cutoffs
From: Michael Richardson [EMAIL PROTECTED] I wonder if it wouldn't just be simpler to have the WG chair submit the -00 document themselves, as a placeholder for the actual document. This can be done as soon as the WG believes that the should exist. That gets rid of the back-and-forth between chair, author and secretariat. Michael, I remind you of the First Law, which states that if an organization is more concerned about structure or procedure than about the actual work to be done, that organization is on its way to its doom. Your message is clearly on the septic side of this Law. (Please note that I am amused by the fact that in criticising your stupiid message in this way I am also engaging in a discussion of structure or procedure. My saving grace is that I am both amused and mildly ashamed.) Best, -dlj. _ Take charge with a pop-up guard built on patented Microsoft® SmartScreen Technology. http://join.msn.com/?pgmarket=en-capage=byoa/premxAPID=1994DI=1034SU=http://hotmail.com/encaHL=Market_MSNIS_Taglines Start enjoying all the benefits of MSN® Premium right now and get the first two months FREE*. ___ Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
