Re: [Eligibility-discuss] NomCom selection Fwd: Notification for draft-eastlake-rfc3797bis-00.txt
Donald Eastlake <d3e3e3@gmail.com> Tue, 30 May 2023 17:32 UTC
Return-Path: <d3e3e3@gmail.com>
X-Original-To: eligibility-discuss@ietfa.amsl.com
Delivered-To: eligibility-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2344C16B5A8 for <eligibility-discuss@ietfa.amsl.com>; Tue, 30 May 2023 10:32:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.845
X-Spam-Level:
X-Spam-Status: No, score=-1.845 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QKCaTEFFk5pZ for <eligibility-discuss@ietfa.amsl.com>; Tue, 30 May 2023 10:32:07 -0700 (PDT)
Received: from mail-ej1-x62a.google.com (mail-ej1-x62a.google.com [IPv6:2a00:1450:4864:20::62a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3895C17B331 for <eligibility-discuss@ietf.org>; Tue, 30 May 2023 10:32:07 -0700 (PDT)
Received: by mail-ej1-x62a.google.com with SMTP id a640c23a62f3a-96f99222e80so7058466b.1 for <eligibility-discuss@ietf.org>; Tue, 30 May 2023 10:32:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1685467926; x=1688059926; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=L5qJATKe/AMw8EAtOORn5obUl809uaUnLBiyNMIJCTg=; b=fTHj3zzh9n2zwm94GTkG/NVP+tCmNBVfPvZ2UNo1BVr3RrQ6FAHRfXep0ewM+weWdL 7Hd+D0f41Jc6hTVN2e4+ZG3/blJe4wA90UO6es3Uu/kofu3ZxRaDWWqSnxX8Rl0UJ3Re 6VohjGZrwXCf5aXnwPFk0wzwlpeK9AHTDqqK1nZpnAykvlJnnQleTp8NR5C9GUgur+Sv hOPFE5f4jHLuZGOO7RPTTX/LdcEK6A6TR53wJ/iMlBwlGOOdY/kdLuKrAu58bARddsHd TY70TP3vVRLNEeHl0CxO/u8C6TTbV2QuA+jEgcKHdJZO3g6SMONgrr4+qUMB9TmhNBM8 Ycrg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685467926; x=1688059926; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=L5qJATKe/AMw8EAtOORn5obUl809uaUnLBiyNMIJCTg=; b=BAxxsJFDxkxPPmII0Y/Yqq7EnboS7Qac4UiipHEDwuxfsWOidaHyFdfshEhHK6ZYG2 Z59NuZmndiV/kZkZafNXrun6ny36EyvlXPu4sktRSAHpkv4CkNGsi6e9/ubnnJblsB0m R3xWNrVrlUdx+PnKFB7+aOXAeQsEfJmE6pNXpbYCokRcysO9gmkz3N4GwSGtwjzPIWaP qTpCmLio6X+x+/04vAZEWLTZH5HAL/DGeDudv1Md+y5AgRE3MWeYojdyeK5qazSmWWIX 9SP4i3YaqqMhkIpOvTpbZZ/gcAsscEz6/DNkTn32hU7dg0F47A4e9x7Rs8bw52YC6HeP ytHQ==
X-Gm-Message-State: AC+VfDyvdcwrcNuBpFhfYcxmV+hOZ87Lfy5L0D8pW6V+ki7iGU2zWXPf 4sXuts0zcri7gIJM5JrSTpyeWsXWI3gysSULlkfN0BCVfUY=
X-Google-Smtp-Source: ACHHUZ45oomPh+fiWT8aEatXnSqrbLzmlmouSWsiyv2VFxsdlsFuNccoWq9t5YhZFUwDlkY4LlShcNhX5KrHXN+PvK0=
X-Received: by 2002:a17:907:26c6:b0:96f:7636:65ca with SMTP id bp6-20020a17090726c600b0096f763665camr10822330ejc.3.1685467925479; Tue, 30 May 2023 10:32:05 -0700 (PDT)
MIME-Version: 1.0
References: <54F373CD-1E97-42BC-9AAB-0451ABD9D448@eggert.org> <1229DD7D-3640-4EFD-8058-D0EC18020038@eggert.org> <18537EEF-4E16-4C48-8456-02A8FB0C8CFC@vpnc.org>
In-Reply-To: <18537EEF-4E16-4C48-8456-02A8FB0C8CFC@vpnc.org>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Tue, 30 May 2023 13:31:53 -0400
Message-ID: <CAF4+nEF9B2cokxzLkwHCCtDmDNKuW6B+NCxbOYupEtSn0mg0Rg@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Cc: Lars Eggert <lars@eggert.org>, eligibility-discuss@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/eligibility-discuss/jErclYB39YXp4KT6UJWl1w71RWk>
Subject: Re: [Eligibility-discuss] NomCom selection Fwd: Notification for draft-eastlake-rfc3797bis-00.txt
X-BeenThere: eligibility-discuss@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF eligibility procedures <eligibility-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/eligibility-discuss>, <mailto:eligibility-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/eligibility-discuss/>
List-Post: <mailto:eligibility-discuss@ietf.org>
List-Help: <mailto:eligibility-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/eligibility-discuss>, <mailto:eligibility-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 May 2023 17:32:11 -0000
Hi Paul, On Mon, May 29, 2023 at 6:27 PM Paul Hoffman <paul.hoffman@vpnc.org> wrote: > By a weird coincidence, I was creating a new, simpler choosing > protocol when this discussion came up. A colleague was seeing if RFC > 3979 fit their need to select m of n people, but had problems with > the implementation of 3797. And what were these implementation problems? People don't seem to have much problem duplicating the nomcom Chair's results when the Chair choses to use RFC 3797. IANA didn't seem to have much problem using it to select the ACE Prefix. I'd have to go dig up the details but there was also a case where an IEEE 802.11 TG Chair used it to select some 802.11 parameter and sent me mail afterwards saying they were surprised it was so easy to use. Of course, these two cases were simply selecting 1 value from n. > When I looked at draft-eastlake-rfc3797bis-02, I saw that the > pitfalls that were in 3797 were still there, and this spurred me to > come up with something as good but simpler. The goal of rfc3797bis was to add a way to re-randomize when the selection has to be extended. This makes it more complex. Your draft would, to satisfy some people, have to be similarly extended and made more complex. In your Section 4 you just punt and imply there is no problem here. > Please see > <https://datatracker.ietf.org/doc/draft-hoffman-genarea-random-candidate-selection/>. > It may be of interest for the discussion of > draft-eastlake-rfc3797bis. Your method is very reminiscent of the method for which there was a burst of interest some years ago. The method in 3797 requires, for public confidence, that, after it is frozen, the volunteer list from which selection is to be made not be changed in length or order. This never seemed like such a severe restriction to me. (You repeatedly talk about pitfalls in 3797 but don't say what they are. Perhaps it is that restriction.) If I remember correctly, this suggestion years ago was that a hash-based scheme would be superior. The scheme I remember being suggested was that the names in the volunteer list would be hashed and sorted and then selection would be made by calculating a sequence of pseudo-random numbers, as in 3797, but rather than selecting the Nth entry using the remainder modulo the remaining list length, the selected entry would be the one whose hash was, for example, the next higher hash (using ring arithmetic) from the random hash. I considered adding something based on this hash based method to rfc3797bis but it didn't seem worth the effort. People are used to the existing method and I hadn't heard any complaints for a long while except for those in connection with extending selection. (It is of course, clear that, in the hash scheme described above, someone's chance of being selected would depend on how large a gap there was below them in the sorted sequence of hashes, which means someone could affect their chance of selection by their choice of name. The obvious solution is to salt the names with something unpredictable. At which point, the probing for selection becomes unnecessary and the top x can be selected which is what you propose. So, maybe, if I had decided to add a hash-based method to 3797, I would have thought of this and duplicated much of what you came up with. Or maybe I would have missed it...) Your hash method is simpler than the above hash method in that it produces the list in selection order with the sort rather than using multiple probes into the list to select and remove the selectees in order. However, while it would be the case that you could remove ineligible people from the list without affecting the results, you still couldn't add anyone and you have the new criteria that the exact binary "name" on the list must be absolutely immutable after the list is frozen. If someone complains that their name has changed or their name is wrong on the list, you just have to tell them "Too bad, it can't be changed". While your hash method is simpler than the hash method initially described above, I don't think your selection method is significantly simpler than 3797. Your method of getting randomness is simpler because you are content with poorer quality randomness with less entropy. But if you are selecting m entries from a pool of n entries, 3797 has you do m hashes each of which selects one and then you are done. Your draft has you do substantially more hashes (n of them, since normally n > m) and then requires a sort which is not needed by 3797. One way to view 3797 is that it selects m integers from the first n integers (1...n). The binding between integers and names is entirely outside of the code. Your scheme intimately convolves the exact names with the selection. Perhaps it is somewhat of a matter of opinion how "simple" each is but, even assuming 3797 is a little more complex, given that there is working trusted code, does it matter? > Please note that the proposal could be turned into an RFC even if > the IETF wants to keep using the protocol in > draft-eastlake-rfc3797bis; there is good reason to have a simpler > protocol defined for others who want to have the same result as what > we have for NomCom, but using an easier-to-understand alternative. I don't know why you say "...the IETF wants to keep using...". It is up to the Nomcom Chair what method they use. Section 4.16 of RFC 8713 says is "One possible selection method is described in [RFC3797]." Admittedly, RFC 3797 is a Best Current Practice (as opposed to its predecessor RFC 2777 which was Informational). There is no particular reason why there could not be multiple methods available to the Nomcom Chair, whether in separate RFCs or in one combined RFC. See miscellaneous other comments below: > --Paul Hoffman I really don't like stock prices or indexes. They are not guaranteed to exist on any particular day because markets close in emergencies, etc., so you have to be careful to word it something like "the X on date Y or the first date after Y that X is available". Sometimes they are represented in more than one way. There is little obligation on the source to maintain any particular format or schedule. On the other hand, with lotteries, governments are very careful to do the drawing for every scheduled day and if there is a problem, they still do the drawing for that day even if it is delayed a little. Basically, all the stuff in 3797 about random sources applies, in my opinion, to your draft. In my opinion, your randomness is too weak and, while it doesn't hurt, your hash function is grossly stronger than needed. I'm puzzled by this sentence: "Such reestablishing of the candidate pool [where extended selection has to be done] can cause confusion and hurt among the candidates who were first selected, then later unselected, due to no fault of the their own." I can understand why a candidate who would be selected but isn't because they are from a sponsor that already has two selectees or because they are uncontactable could be "hurt". (Surely if they are not selected for the third possible reason, that they decline, then it's their own problem.) I also don't know what sort of "confusion" you are talking about. In any case, the nomcom has real deadlines. While the nomcom Chair has to make a substantial good-faith effort to contact selectees, if they can't in a limited amount of time, they have to move on or they risk failing to meet deadlines. Regardless of whether you view this as a problem, it is completely independent of what algorithm is used for selection from the volunteer pool and has nothing to do with re-randomization. You incorrectly claim that RFC 3797 requires re-randomization when the selection process has to be extended. While the current rfc3797bis draft does specify how to do re-randomization and requires it when the selection process is extended, it would only require a few words change to make it optional so the Nomcom Chair could decide if they want to bother with it. I don't get this stuff about how people should use the HTML version. The only weirdness I see is the italic letters S and D which seems insignificant. I think it is a better practice to write documents so the .txt is easily usable. Thanks, Donald =============================== Donald E. Eastlake 3rd +1-508-333-2270 (cell) 2386 Panoramic Circle, Apopka, FL 32703 USA d3e3e3@gmail.com
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Lars Eggert
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Robert Sparks
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Salz, Rich
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Eric Rescorla
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Salz, Rich
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Eric Rescorla
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Brian E Carpenter
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Michael Richardson
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Brian E Carpenter
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Barry Leiba
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Donald Eastlake
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Robert Sparks
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Lars Eggert
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Paul Hoffman
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Joel Halpern
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Eric Rescorla
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Paul Hoffman
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Joel Halpern
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Paul Hoffman
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Paul Hoffman
- [Eligibility-discuss] On 3797 alternatives Martin Thomson
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Donald Eastlake
- Re: [Eligibility-discuss] NomCom selection Fwd: N… Salz, Rich
- Re: [Eligibility-discuss] On 3797 alternatives Donald Eastlake
- Re: [Eligibility-discuss] On 3797 alternatives Martin Thomson
- Re: [Eligibility-discuss] On 3797 alternatives Salz, Rich
- Re: [Eligibility-discuss] On 3797 alternatives Eric Rescorla
- Re: [Eligibility-discuss] On 3797 alternatives Martin Thomson
- Re: [Eligibility-discuss] On 3797 alternatives Salz, Rich
- Re: [Eligibility-discuss] On 3797 alternatives Eric Rescorla
- Re: [Eligibility-discuss] On 3797 alternatives Rob Sayre
- Re: [Eligibility-discuss] On 3797 alternatives Salz, Rich
- Re: [Eligibility-discuss] On 3797 alternatives Martin Thomson
- Re: [Eligibility-discuss] On 3797 alternatives Eric Rescorla
- Re: [Eligibility-discuss] On 3797 alternatives Rob Sayre
- Re: [Eligibility-discuss] On 3797 alternatives Salz, Rich
- Re: [Eligibility-discuss] On 3797 alternatives Christian Huitema
- Re: [Eligibility-discuss] On 3797 alternatives Eric Rescorla
- Re: [Eligibility-discuss] On 3797 alternatives Eric Rescorla
- Re: [Eligibility-discuss] On 3797 alternatives Donald Eastlake
- Re: [Eligibility-discuss] On 3797 alternatives Rob Sayre
- Re: [Eligibility-discuss] On 3797 alternatives Rob Wilton (rwilton)
- Re: [Eligibility-discuss] On 3797 alternatives Salz, Rich
- Re: [Eligibility-discuss] On 3797 alternatives Michael StJohns
- [Eligibility-discuss] list address (was: Re: On 3… Stephen Farrell
- Re: [Eligibility-discuss] On 3797 alternatives Michael Richardson
- Re: [Eligibility-discuss] On 3797 alternatives Salz, Rich
- Re: [Eligibility-discuss] On 3797 alternatives Eric Rescorla
- Re: [Eligibility-discuss] list address (was: Re: … Rob Sayre
- Re: [Eligibility-discuss] On 3797 alternatives Michael StJohns
- Re: [Eligibility-discuss] On 3797 alternatives Martin Thomson
- Re: [Eligibility-discuss] On 3797 alternatives Salz, Rich
- Re: [Eligibility-discuss] On 3797 alternatives Michael Richardson
- Re: [Eligibility-discuss] On 3797 alternatives Donald Eastlake
- Re: [Eligibility-discuss] On 3797 alternatives Martin Thomson