Away 10/12-10/16: [L2TPEXT Milestones past due]

2006-10-14 Thread Carlos Pignataro

I will be out of the office on Friday, October 12. I will not be checking 
email or vmail until Monday, October 16.

If the matter is urgent, please contact my manager Mike Stallings,
or check the following URL for Escalation contact information:
http://www-tac.cisco.com/escalation/viper_listings.shtml

Thank you. 

--
--Carlos Pignataro.
Escalation RTP - cisco Systems

___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf


I'm not in the office

2006-10-14 Thread henk
Dear sender,

I'm on vacation, without access to email, until 23/10/2006.   Your message
has been received and will be answered but do not expect a reply until
sometime late in the week of 23/10.  For urgent matters, please contact:
[EMAIL PROTECTED]

Kind regards,

Henk




Re: draft-kolkman-appeal-support

2006-10-14 Thread Harald Alvestrand

>> - supporters are willing to offer proof of identity to a
>> secretariat function of the IETF
>
> ...difficult, it reminds me of Usenet CSVs.  What do you have
> in mind, a phone number offered for a verification call ?  They
> would need to support different plausibility checks wrt WP:SOCK

In a quite specific situation I was involved with, several supporters of 
an "alternate" viewpoint offered to make verification calls.

Unfortunately they all had the same telephone number.

I find that generally the reaction from claimed identities falls into 
one of three distinct categories:

- "No problem, here's the pointer to my CV, here's 5 people who know 
both of us personally, if you need a copy of my driver's license just 
send me the fax number to send it to, what else can I do to help?"
- "For religious/political/conscience reasons I refuse to give out my 
identity to anyone, so rather than violate my r/p/c belief, I'll 
withdraw from the case. However, I understand your reasoning and respect 
your refusal to admit me as a party to the case."
- "mumble, mumble, mumble, civil rights, mumble, mumble, mumble, of 
course I am a separate person, mumble, mumble, mumble, what do you mean, 
how do you prove that you're not Bill Clinton, mumble mumble, what is 
this identity thing anyway?"

What I draw as conclusions from these 3 cases should be obvious; I'm a 
little unhappy about not getting the full value of the input from the 
second class of people, but to the third class I say "good riddance".


 Harald





Re: draft-kolkman-appeal-support

2006-10-14 Thread Frank Ellermann
Harald Alvestrand wrote:

> 9/10 of all drafts are trashed by the quite effective mechanism
> of waiting 6 months... no need for dramatic action.

Depends, that 3710-thingy was quite spicy, and all I know about
"cancels" in the tools.ietf.org archive is that it's possible.

> - supporters are distinct human beings

WP:SOCK is okay...

> - supporters are willing to offer proof of identity to a
> secretariat function of the IETF

...difficult, it reminds me of Usenet CSVs.  What do you have
in mind, a phone number offered for a verification call ?  They
would need to support different plausibility checks wrt WP:SOCK

> I might even toss in "has contributed to at least one IETF
> mailing list he's subscribed to".

That's simpler.

> The important point (to me) would be to shift appellants from
> a mode of "I am the lone voice of reason - if I am allowed to
> carry my arguments forward in front of a higher body, Truth 
> and Justice will prevail" to a mode where appellants think 
> "I need to check with a few other people that I'm right before
> progressing - perhaps my arguments are not compelling, or 
> perhaps I even might be wrong".

> It may cause reasonable people who are upset to think twice,

MAY as in "maybe not" ;-)  Maybe it's simpler today if folks
find the "procdoc-roadmap" with some bloody details not covered
by the new Tao.

Frank





Re: draft-kolkman-appeal-support

2006-10-14 Thread Sandy Wills

Michael Thomas wrote:
> John C Klensin wrote:
>> ...The only folks who need to look for supporters are those who 
>> have appealed before and whose appeals have been rejected as 
>> without merit.
>
> Can an appeal be rejected with merit?

Certainly.

A simplistic created-on-the-spot example:

The IETF publishes RFC 8214, on "Lessons Learned About Hosting an IETF
Social", whereupon Ima Complainer appeals specification 8.3.2a
"Construction of Corkscrews" because it includes the verbiage "Threads
must be right-handed, i.e., the screw must travel INTO the cork when the
handle is turned clockwise."

Appeal one:
  "I represent Bob's Hardware Company (henceforth BHC), which has been
making left-handed corkscrews for 300 years, and they work fine.  All of
our customers prefer them, saying that our tools are the best they have
ever found.  Why are you suddenly making our standard product
'non-standard'?"

Rejection of Appeal one:
  "The IESG has determined that BHC is a traditional supplier of tools
designed specifically for left-handed users.  As such, we find that BHC
is an exception to the "general use" of these standards.  The appeal has
merit, but is rejected."

Appeal two:
  "Everyone in the IETF Social Planning Work Group has blue eyes, and as
such cannot be trusted.  Please push RFC 8214 back until we can get some
brown-eyed engineers on this WG."

Rejection of Appeal two:
  "The IESG has reviewed several personality to eye color studies, and
has been unable to find any correlation between eye color and integrity.
The appeal is rejected as being without merit."

It might make sense to have a ruling something like, "any participant
can appeal any IETF document or decision, with the following limit:  The
body appealed to may, at its discretion, refuse to accept an appeal if
the appealer has had more appeals rejected without merit than all other
results."

This means that, if more than half of your appeals were RWOM, they _may_
refuse to hear you.  Nothing keeps you from getting someone else to
appeal for you.  It's just that, if someone with no history does this
for you, and it is RWOM, then they are 1 to 0, themselves.

Are we simply formalizing a reputation system here?  Don't we have
better things to do?

--
Unable to locate coffee.
Operator halted.




Re: draft-kolkman-appeal-support

2006-10-14 Thread Michael Thomas

John C Klensin wrote:
> (1) The "supporter" procedure/requirement should be
> triggered only if someone shows symptoms of being a
> vexatious appellant.  People who are entering their
> first appeals don't trigger it.  People whose last
> appeal was successful, even in part (that would need to
> be defined, of course, and that might not be easy) don't
> trigger it.   The only folks who need to look for
> supporters are those who have appealed before and whose
> appeals have been rejected as without merit.

Can an appeal be rejected with merit?

  Mike

> (2) The definition of someone permitted to be a
> "supporter" must, as several people have pointed out
> (Ned, IMO, most eloquently), be broad enough to include
> active IETF contributors who don't attend meetings.
> One class of action that might need appealing would be a
> procedural decision that would [further] impede the
> ability of those people to effectively get work done in
> the IETF and they _must_ have standing to appeal such
> measures by themselves or in conjunction with others who
> are similarly impacted.
>
> I would have no problem with a requirement that someone
> actually be a human being with some active interest or
> involvement in the IETF -- what some other standards
> bodies describe as a "materially concerned party".  But
> requiring meeting attendance as proof of that seems to
> violate all sorts of IETF principles.
>
> (3) The idea that, if someone successfully appeals, or
> supports an appeal, on one action, they should be
> permanently barred from supporting similar appeals in
> the future is seriously broken.  It could only have a
> chilling effect on the generation of appeals, legitimate
> ones as well as bogus ones, because one would want to
> save endorsements for important-enough occasions.  It is
> also at variance with a principle that has been
> discussed recently on the IETF list wrt mailing list
> behavior and complaints: how an appeal is processed and
> considered should depend on its substance and merits,
> not on the identity of the submitter.  This is
> particularly important if someone who is relatively more
> familiar with IETF processes and fluent in English is
> asked to prepare an appeal on behalf of someone who is
> not -- a situation that, if anything, we want to
> encourage since I believe that well-drafted appeals tend
> to take less IESG and IAB time than ones in which those
> bodies have to spend time figuring out what the real
> problem is or what is wanted.
>
> Now, clearly, the above has the implication of "one free appeal
> per customer".  If the bad guys whom Olaf is trying to protect
> against got themselves organized into a cabal, they could manage
> a denial of service attack.   But I'm not sure that is a real,
> as distinct from theoretical risk and, more important, I think
> it is a risk we have to run if we want to have a viable appeals
> process.
>
> However, as I read the above, I wonder if the model of the I-D
> is backwards and your observation about "vexatious litigants"
> should be carried a bit further.  Suppose we consider this
> situation as somewhat more like the mailing list abuse issue
> than one in which we assume that every person filing an appeal
> is the enemy until proven otherwise.  If we adopt a model of
> that sort, then:
>
> We change the possible responses to an appeal from, broadly,
> "yes" or "no" to "yes", "no", and "no, and this is irrational
> and/or obviously totally without merit".  The latter, which
> could itself be appealed but not by the subject (only by someone
> else on his, her, or its behalf),  would imply something
> analogous to posting restrictions: a period in which the person
> was barred from appealing, or needed supporters, or something
> else.  Similar to posting restrictions, the requirements/
> barriers could be escalated if they needed to be applied
> additional times.
>
> That is obviously just an outline with a number of details that
> would need filling in, but it seems to me it has the important
> property of shifting the balance from "everyone who considers
> filing an appeal is presumed to be an attacker on the process"
> to "those who abuse the appeals process get their leashes
> shortened".  Since I believe that the ability to easily appeal
> silly or inappropriate actions is a key part of our process
> model --one that wards off the need for much more heavyweight
> and complex procedures-- it seems to me that is the right way to
> balance things.
>
> john
>
> p.s. for those who have had in-the-hall discussions with me
> about appeals and prevention of DoS attacks in the last few
> years.  Yes, I have changed my mind.   Making things harder for
> those who use the appeals mechanisms to insist that the IETF
> follow its own pro

Re: [Nea] Re: WG Review: Network Endpoint Assessment (nea)

2006-10-14 Thread Andy Bierman

Harald Alvestrand wrote:
> A typical NEA case (taken out of what Cisco's NAC is supposed to be good 
> for):
>
> - Worker goes on holiday, takes laptop
> - New attack is discovered that exploits a newly discovered Windows 
> vulnerability
> - Patch is created, distributed and installed
> - NEA posture requirement is increased to "must have patch"
> - Worker comes back, plugs in laptop
>
> Without NEA-like functionality:
> - Worker is admitted
> - Worker gets attacked & compromised
> - IDS & other alarms go off
> - Remediation efforts do what they usually do
>
> With NEA:
> - Worker gets sandboxed
> - Worker gets upgraded
> - Worker gets admitted
> - No compromise, so no remediation
>
> No ill intent on the part of any participant (except the attacker). Just 
> a TCO issue.
>
> The fact that some fruit is low-hanging doesn't mean it's not worth 
> picking.

I don't agree that this is low-hanging fruit.
The server component of this system seems like a wonderful
new target for DDoS and masquerade attacks.

>   Harald

Andy

> Alan DeKok wrote:
>> Brian E Carpenter <[EMAIL PROTECTED]> wrote:
>>> What if your contractor has carefully configured the laptop to
>>> give all the right answers? What if it has already been infected with
>>> a virus that causes it to give all the right answers?
>>
>>   Yes, that's a problem with NEA.  No, it's not a problem for many (if
>> not most) people using NEA.
>>
>>   The people I talk with plan on using NEA to catch the 99% case of a
>> misconfigured/unknown system that is used by a well-meaning but
>> perhaps less clueful employee or contractor.  The purpose of NEA is to
>> enhance network security by allowing fewer insecure end hosts in the
>> network.
>>
>>   No one can prevent a determined attacker from getting in.  But by
>> providing fewer hosts for him to attack, the attacks become less
>> feasible, and more visible.
>>
>>   Alan DeKok.


Re: draft-kolkman-appeal-support

2006-10-14 Thread Harald Alvestrand

Frank Ellermann wrote:
> Perhaps he could be also convinced to trash his draft.  I've
> trashed an "3710-obsolete" draft (before publication - luck).

9/10 of all drafts are trashed by the quite effective mechanism of 
waiting 6 months... no need for dramatic action.


that said, I'd be happy if the requirements were:

- supporters are distinct human beings
- supporters are willing to offer proof of identity to a secretariat 
function of the IETF


I might even toss in "has contributed to at least one IETF mailing list 
he's subscribed to".


The important point (to me) would be to shift appellants from a mode of 
"I am the lone voice of reason - if I am allowed to carry my arguments 
forward in front of a higher body, Truth and Justice will prevail" to a 
mode where appellants think "I need to check with a few other people 
that I'm right before progressing - perhaps my arguments are not 
compelling, or perhaps I even might be wrong".


It may cause reasonable people who are upset to think twice, and should 
rarely block an appeal where there's a real dissent in the community.


(I leave it up to people's memories to recover which specific cases the 
conditions above are intended to address...)


   Harald





Re: draft-kolkman-appeal-support

2006-10-14 Thread John C Klensin


--On Saturday, 14 October, 2006 09:05 +0200 Eliot Lear
<[EMAIL PROTECTED]> wrote:

> Ned,
> 
> I am torn with the proposal.  On the one hand, I am
> sympathetic to DDOS attacks on the process.  On the other
> hand, I agree with you that serious contributors need a way to
> appeal decisions.  In particular, I don't like the need to
> require support from additional serious members, and I would
> only support that if other avenues failed.
> 
> If we look by analogy at the legal system (always a hazardous
> thing), we see that there are often special rules in place
> when it comes to access to the courts for those who have been
> judged vexatious litigants.  We could do something similar.
> While that alone doesn't prevent me from creating an anonymous
> email address and filing an appeal, some rule around that plus
> some indication of previous participation would be useful.  So
> I would include a very liberal set of people, like those who
> have ever attended an IETF or produced an RFC or have been
> published in ACM, IEEE, USENIX, SAGE, and or some other list
> of credited networking organizations.  If you've shown that
> you've contributed to the community in some meaningful way
> then we should give you the benefit of the doubt.

Eliot,

It seems to me that, if there is a "right track" here --and that
is not obvious to me-- that you are on it or at least on a
parallel one.   I suggest that implies several changes to the
draft, YMMD:

(1) The "supporter" procedure/requirement should be
triggered only if someone shows symptoms of being a
vexatious appellant.  People who are entering their
first appeals don't trigger it.  People whose last
appeal was successful, even in part (that would need to
be defined, of course, and that might not be easy) don't
trigger it.   The only folks who need to look for
supporters are those who have appealed before and whose
appeals have been rejected as without merit.

(2) The definition of someone permitted to be a
"supporter" must, as several people have pointed out
(Ned, IMO, most eloquently), be broad enough to include
active IETF contributors who don't attend meetings.
One class of action that might need appealing would be a
procedural decision that would [further] impede the
ability of those people to effectively get work done in
the IETF and they _must_ have standing to appeal such
measures by themselves or in conjunction with others who
are similarly impacted.

I would have no problem with a requirement that someone
actually be a human being with some active interest or
involvement in the IETF -- what some other standards
bodies describe as a "materially concerned party".  But
requiring meeting attendance as proof of that seems to
violate all sorts of IETF principles.

(3) The idea that, if someone successfully appeals, or
supports an appeal, on one action, they should be
permanently barred from supporting similar appeals in
the future is seriously broken.  It could only have a
chilling effect on the generation of appeals, legitimate
ones as well as bogus ones, because one would want to
save endorsements for important-enough occasions.  It is
also at variance with a principle that has been
discussed recently on the IETF list wrt mailing list
behavior and complaints: how an appeal is processed and
considered should depend on its substance and merits,
not on the identity of the submitter.  This is
particularly important if someone who is relatively more
familiar with IETF processes and fluent in English is
asked to prepare an appeal on behalf of someone who is
not -- a situation that, if anything, we want to
encourage since I believe that well-drafted appeals tend
to take less IESG and IAB time than ones in which those
bodies have to spend time figuring out what the real
problem is or what is wanted.

Now, clearly, the above has the implication of "one free appeal
per customer".  If the bad guys whom Olaf is trying to protect
against got themselves organized into a cabal, they could manage
a denial of service attack.   But I'm not sure that is a real,
as distinct from theoretical risk and, more important, I think
it is a risk we have to run if we want to have a viable appeals
process.

However, as I read the above, I wonder if the model of the I-D
is backwards and your observation about "vexatious litigants"
should be carried a bit further.  Suppose we consider this
situation as somewhat more like the mailing list abuse issue
than one in which we assume that every person filing an appeal
is the enemy until proven otherwise.  If we adopt a model of
that sort, then:

We change the possible responses to 

Re: draft-kolkman-appeal-support

2006-10-14 Thread Eliot Lear
Ned,

I am torn with the proposal.  On the one hand, I am sympathetic to DDOS
attacks on the process.  On the other hand, I agree with you that
serious contributors need a way to appeal decisions.  In particular, I
don't like the need to require support from additional serious members,
and I would only support that if other avenues failed.

If we look by analogy at the legal system (always a hazardous thing), we
see that there are often special rules in place when it comes to access
to the courts for those who have been judged vexatious litigants.  We
could do something similar.  While that alone doesn't prevent me from
creating an anonymous email address and filing an appeal, some rule
around that plus some indication of previous participation would be
useful.  So I would include a very liberal set of people, like those who
have ever attended an IETF or produced an RFC or have been published in
ACM, IEEE, USENIX, SAGE, and or some other list of credited networking
organizations.  If you've shown that you've contributed to the community
in some meaningful way then we should give you the benefit of the doubt.

Eliot
