John, One addition to your description -- a small, but important, point...
ANSI (of which both UL and the normative standards on which their more detailed testing/evaluation standards are based are members and accredited SDOs) makes a careful decision between "safety standards" and other sorts of things. By the definitions they use, the IETF has never done a safety standard. That is probably A Good Thing. The safety standards tend to be rigidly normative, specifying exactly what is permitted and what is not. There is no need for our sort of interoperability testing, because things are required to conform to an explicit set of specifications and requirements. And, where that isn't done, there are usually requirements for approval by the local authority or use of "approved" equipment. In both cases, the term "to approve" implies some sort of inspection or certification entity. The characteristic that these things have in common is that they are designed to be incorporated into legislation. The National Electrical Code, with which many readers of this list are probably familiar (my apologies to those, especially out of the US, who are not -- you already knew that we do things in odd ways here), is a good example. The Code itself is nothing more than an ANSI Standard. Conformance is voluntary, right? Well, the text is full of references to approved devices and approval by local authority. Then various jurisdictions come along, take that "voluntary" standard, and pass laws saying that it is illegal to do electrical things any other way. In the process, they specify the local approval authority (your friendly neighborhood electrical inspector in most cases) and the list of bodies that can approve "approved" devices. The latter is a list that usually has only one entry on it, and that entry is UL. If Valdis can buy a non-UL-certified night light in Vermont, he gets a choice. In many jurisdictions, it is illegal to sell such things, or household fire insurance is scrap paper if there is a fire traced to a device without UL certification. And, for some devices, the codes themselves require that only certified devices get installed. Now, in our business, partially because we don't do safety standards, we rely on external certification processes, including a lot of self-certification, rather than these elaborate drills that prevent selling or installing things that, in the judgement of some organization, are non-conforming. Stef's most recent notion of people doing their own interoperabiity testing and announcing what they find if they want to is exactly self-certification. And it has been around for years. But that brings us right back to where this series of thread started: the company in question has never, to my knowledge, made a loophole-free public claim that it conforms to anything the IETF has produced, especially at the applications level. If they had made such a claim, and obviously didn't conform, then someone might have a reasonable cause of action against them, with or without a public announcement process. But they are doing exactly what they claim to be doing (read the licenses) -- delivering software that may or may not work and may or may not be good for anything. If one doesn't like that, one should presumably go elsewhere or figure out why there isn't an "elsewhere" and do something about it. john --On Monday, 28 January, 2002 09:01 -0800 John W Noerenberg II <[EMAIL PROTECTED]> wrote: > At 10:19 PM -0500 1/26/02, [EMAIL PROTECTED] wrote: >> >> I have in my bedroom a night light, which I purchased at a >> local grocery store. It has a UL logo on it, which doesn't >> tell me much about its suitability as a night light (I can't >> tell if it's bright enough, or if it's too bright, or what >> its power consumption is), but it *does* tell me 2 things: >> >> 1) It has been *tested* and found free of any known safety >> design problems. It may not *work* as a night light, but it >> won't shock me when I go to throw it in the trash can because >> it's not suitable. >> >> 2) A high enough percentage of night light manufacturers get >> UL listed that I can afford to be suspicious of any company >> that doesn't have the logo on their product. > > Underwriters Laboratories, Inc. is a non-profit corporation > that was founded in 1894. This > <http://www.ul.com/about/otm/otmv3n2/labdata.htm>article > describes the process UL uses for developing their standards. > Many UL standards receive ANSI certification. According to > the article, UL relies on information from a number of sources > while developing a standard. > > UL tests products submitted by its customers for *conformance* > to its standards. UL's reputation depends on the rigor and > independence of their testing. I don't know how it costs to > submit a product for testing, but obtaining UL certification > isn't free. UL's certification program is successful, because > when consumers like Valdis (and me) see a UL label, they > believe in its value. As Valdis points out, the value of the > label has limits. > > Certification isn't the work of a volunteer organization like > the IETF. It could be the work of an organization like > Underwriters Labs. This would be a good thing for Internet > standards, imho. > > One idea proposed multiple times in this meandering discussion > is that those advocating testing should put up or shut up -- > create a testing organization or move on to other topics. I > concur with both those suggestions. I'm sure you'll all be > pleased this is my last word on the topic. > > best, > -- > > john noerenberg > [EMAIL PROTECTED] > > -------------------------------------------------------------- > -------- While the belief we have found the Answer can > separate us and make us forget our humanity, it is the > seeking that continues to bring us together, the makes and > keeps us human. -- Daniel J. Boorstin, "The Seekers", 1998 > > -------------------------------------------------------------- > --------