Re: [Cfrg] Requesting removal of CFRG co-chair

Daniel Kahn Gillmor <> Tue, 07 January 2014 05:23 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 9830B1AE437 for <>; Mon, 6 Jan 2014 21:23:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_40=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Xce1Z-m5oXDr for <>; Mon, 6 Jan 2014 21:23:24 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id C52411ADF7F for <>; Mon, 6 Jan 2014 21:23:23 -0800 (PST)
Received: from [] ( []) by (Postfix) with ESMTPSA id E1F27F984; Tue, 7 Jan 2014 00:23:12 -0500 (EST)
Message-ID: <>
Date: Tue, 07 Jan 2014 00:23:09 -0500
From: Daniel Kahn Gillmor <>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.1.1
MIME-Version: 1.0
References: <>
In-Reply-To: <>
X-Enigmail-Version: 1.6
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="DKgtHdLXWAVLv9VApD9UMmhXCLlFd3IcC"
Subject: Re: [Cfrg] Requesting removal of CFRG co-chair
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 07 Jan 2014 05:23:26 -0000

On 01/06/2014 05:17 PM, wrote:
> It is a FEATURE (not a bug) that mutually distrustful people
> are in a position to engage in a common arena.

Yes, there are competitors here, including some people who distrust each
other.  But the IETF and the IRTF are not gladiatorial sports or
marketplace proving grounds.  They are places where commercial,
industrial, academic, governmental and civil society actors can can come
together to collaboratively develop interoperable standards and
mechanisms, to improve the internet for everyone.

This assumes a baseline of common goals, such as those expressed by our
community after IETF 88:

Organizations who do not share these common goals, and especially those
who are actively working to subvert them, do not fit into this
forum-of-competitors model that you're touting.

> Why, for example, do you want poll watchers from opposing
> parties to be in the same room at the same time?

Members of the political parties may compete with each other, but they
all have an interest in the continued functioning of the electoral system.

How do you feel about a poll watcher from an organization whose stated
goals include actively damaging the electoral system itself?  What about
a member of such an organization who offers to help with the thankless
task of coordinating the poll watching?  What if that volunteer has had
ample opportunity to explicitly disavow and reject their organization's
goal of damaging the electoral system, but has not done so publicly?

What does this situation do to motivate people who want to see the
electoral system function better, and who are considering volunteering
to help watch the polls?

I understand that WG and RG co-chairs are not dictators, and that they
cannot single-handedly mandate results.  But I don't buy the argument
that they have no special influence over the process.  Anyone with a
history of working in groups can tell you that even the most thankless
coordinating/facilitating work holds implicit power.  That's power to
shape agendas, to highlight certain decisions over others, to
magnify certain views and minimize others, and to craft the public
messages that reach beyond the group.  RFC 2014 itself calls this
"wide discretion in the conduct of Research Group business".

The IETF does not (and should not) exclude individuals from
participation based on their organizational affiliation.  And certainly
organizations aligned in opposition to the goals of the IETF may attempt
to covertly damage the IETF process no matter what.

But it does not follow from these facts that the IETF should accept or
endorse leadership from people who have explicit, public affiliations
with groups opposed to the goals of the IETF.

One of the counterclaims here is that the IETF has open process where
concerns can be brought up and dealt with.  Well, they're being brought
up, but it doesn't feel that they've been dealt with.


I plan to call for more participation in the CFRG at the Real World
Crypto conference in New York next week.  Since the Snowden leaks, there
is renewed interest and energy around the topics that the CFRG is
chartered to investigate.   It should be easier to encourage
participation than it would have been previously, because people are
more aware of the scope of the issues now, and it is clear that there is
a strong ethical case to defend users from pervasive monitoring and

Unfortunately, I expect it to be significantly harder to effectively
advocate for additional participation in the research group given that
one of the co-chairs continues to work for a known adversary.