Re: [Gendispatch] Fwd: I-D Action: draft-halpern-gendispatch-antitrust-01.txt

Phillip Hallam-Baker <phill@hallambaker.com> Sun, 07 November 2021 19:14 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: gendispatch@ietfa.amsl.com
Delivered-To: gendispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EF933A11F6 for <gendispatch@ietfa.amsl.com>; Sun, 7 Nov 2021 11:14:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.399
X-Spam-Level:
X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IH8XcfbLCDr0 for <gendispatch@ietfa.amsl.com>; Sun, 7 Nov 2021 11:14:15 -0800 (PST)
Received: from mail-yb1-f174.google.com (mail-yb1-f174.google.com [209.85.219.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D978B3A11F0 for <gendispatch@ietf.org>; Sun, 7 Nov 2021 11:14:14 -0800 (PST)
Received: by mail-yb1-f174.google.com with SMTP id j75so37860453ybj.6 for <gendispatch@ietf.org>; Sun, 07 Nov 2021 11:14:14 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dPUC97n89N9JBzu3z9bYAWHHbelGFatRbf1DaxHjv/k=; b=oFMSh+DODnA/SfxJwXgypS2g6pEapDakpl4vnwOesHVy/OtwK2BILp6WJ4fqXfrRYo MZFFDKAixVPtXOxvIi6YJ8UaxjIfIjOYLEmSOFtoZ1qYFG6C6Gcqa44/EyyQEHFN3jBN +0YtJDAET8IArHnofK09bmIy61rX5sXfiUSbbTRqAvYSnt3O0Dc0lUZ3noEfteT9+bn3 ppdtLWeCSfvD8Ggpw8lVfCtHDAWclN6o64F6pIfsYyrT50/NnuYmJbS4bpFHYwm3PRG6 JzvM0uqkWCqI83FXEIi48Mfz86u8tG913n0zUaiLrTbYy+yZ3wZhux3eQ92WbQYf0JJh YyXw==
X-Gm-Message-State: AOAM531Agtrwft/IjwQV2T8fOjtxIS4fmIKPqCF67yIe6RvGTQfodHzW kdkngdqV7zQZRZdtm2kQr3URgqtc8cNegpbuSww=
X-Google-Smtp-Source: ABdhPJzPvk5witBGroRKH0aZkkG8dxAh264dw6NyenFZHEqmIPvrqU56oxadfBD8ltOCLjY5YbcZ2zgqCE+4CPn+958=
X-Received: by 2002:a25:1906:: with SMTP id 6mr75057968ybz.334.1636312452824; Sun, 07 Nov 2021 11:14:12 -0800 (PST)
MIME-Version: 1.0
References: <163595251682.11706.5053299985084837548@ietfa.amsl.com> <8854c3cc-694b-1a7f-ebc8-47bed9bb4e0f@joelhalpern.com> <CABcZeBOk7Y6vWeQ2gJ6Z1Z-FCpAdU4+awtcL=zEKrqyvtjDh5g@mail.gmail.com> <0be3bb7d-7387-22c4-844c-1e0fb707b0de@joelhalpern.com> <8b602637-b934-3713-3ce4-7da4e59ed69e@gmail.com> <c8cb28f5-f8b7-0471-ce07-7b33f724c2e6@joelhalpern.com> <745cb38e-5ca2-5f96-ebcd-c88517bb3b46@gmail.com> <c94229e2-a3d8-f25a-1a05-dc649949db34@joelhalpern.com>
In-Reply-To: <c94229e2-a3d8-f25a-1a05-dc649949db34@joelhalpern.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Sun, 07 Nov 2021 14:13:59 -0500
Message-ID: <CAMm+LwgsFUCDqeQ8YPTX+mT1csfYsq8uUfsHUVNBCM37-emaAw@mail.gmail.com>
To: "Joel M. Halpern" <jmh@joelhalpern.com>
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, GENDISPATCH List <gendispatch@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007e05f405d037aebf"
Archived-At: <https://mailarchive.ietf.org/arch/msg/gendispatch/EA3X9HrAS4gPAElBcm9DgK6e_pk>
Subject: Re: [Gendispatch] Fwd: I-D Action: draft-halpern-gendispatch-antitrust-01.txt
X-BeenThere: gendispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Area Dispatch <gendispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gendispatch>, <mailto:gendispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gendispatch/>
List-Post: <mailto:gendispatch@ietf.org>
List-Help: <mailto:gendispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gendispatch>, <mailto:gendispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Nov 2021 19:14:20 -0000

CABForum has an anti-trust statement that is considerably narrower than the
one proposed and that has been subject to a lot of lawyering.

The big concerns for anti-trust are price fixing and use (or threatening
use) of market power to prevent a product being offered.

CABForum has in fact negotiated mandates to cease use of crypto algorithms.
In fact it is the only organization that can enforce a mandate to stop use
of an algorithm.

Dropping SHA-1 did not pose a concern because the ultimate rights owner was
NIST and they were hardly likely to complain. Things might have been a bit
different if there were royalties involved. Which probably makes it
important to get the right to deprecate an algorithm agreed before
accepting any encumbered algorithm.




On Sun, Nov 7, 2021 at 11:23 AM Joel M. Halpern <jmh@joelhalpern.com> wrote:

> Folks can act both as individuals and employees at the same time.  Even
> in the same action.
>
> The point of these guidelines is to provide advice to participants about
> things which, if they do them, could create risk for them, their fellow
> participants, and the IETF as a whole.
>
> As far as I can tell, none of the policies you consider sufficient are
> clear about any of these behaviors.  (That is why as part of our
> revision we went through and made sure we were not getting into general
> behavior, but only giving guidance on things related to antitrust.)
>
> I am not expecting rigid rules.  I don't think the community would want
> that.  I doubt they would serve us well.  And legal matters are always
> nuanced.
>
> Separately, I have many times watched competitors compromise.  While it
> is always couched as :I can't live with that", it is clearly often
> driven by product, plans, etc.  EKR even pointed to folks negotiating
> when an interop test would make sense, and what features should be
> tested.  This is driven by a lot more folks than the individuals in the
> room.  The example of folks speaking in ways that are grounded in their
> employer are myriad.  Most of them are fine, even though one could argue
> that they contravene the letter of the policy.  The guidelines are to
> point out when it is not fine.
>
> It sure seems to me we need a venue to work out what we as a community
> can live with.  I would not be surprised if we discover that there are
> one or two things we do routinely that are actually bad ideas from an
> antitrust perspective.  We will then have to decide what we as a
> community want to recommend (not require) about that.
>
> It was suggested at one point that the Note Well advice could be just
> "obey the law".  My problem with that is that it does not give people
> any advice about widely agreed pitfalls that should be avoided.
>
> Yours,
> Joel
>
>
> On 11/6/2021 11:48 PM, Brian E Carpenter wrote:
> > On 07-Nov-21 15:19, Joel M. Halpern wrote:
> >> Brian, the fact that we say people participate as individuals does not
> >> suddenly make them no longer employees of their company.  And if they
> >> act in ways that are anti-competitive on behalf of those employers,
> >
> > That is why our rules say what they say. The draft IMHO confuses the
> issue.
> > It talks about how participants might infringe competition law *if* they
> > break the IETF rules by not acting as individual contributors.
> >
> > Introduction, sentence 1, says "Standards development frequently requires
> > collaboration between competitors." That's simply not what the IETF does.
> > It would apply to SDOs that are membership organisations whose members
> > are competing companies. On reflection, the whole document is written
> from
> > the wrong premise.
> >
> > Section 5 starts "As the IETF is a standards development environment
> where
> > representatives from competitors are highly likely to be present..."
> > Wrong. By definition, there are *no* representatatives present.
> >
> > [I believe the original legal advice came at least partly from Geoff
> > Stewart,
> > and the IBM corporate standards people, who knew a lot about antitrust
> > because of the big antitrust suits against IBM, were also giving advice
> > in those days.]
> >
> > I think the whole draft needs a rewrite on the basis that anyone who
> > acts for their employer in an IETF forum is in breach of the IETF's
> rules.
> > That should be the starting point, not the two sentences quoted above.
> >
> > I do agree that WG Chairs and ADs should be advised to shut down any such
> > behaviour. And a description of what might be incorrect behaviour is
> > useful. But the original sin here is acting as a company rep, in direct
> > violation of RFC 2026 and its predecessors.
> >
> > Regards
> >      Brian
> >
> >> it
> >> can place the IETF as a whole, and other participants in the IETF, at
> >> risk.  particularly if they are from a company that is considered to
> >> have a dominant position in the market.
> >>
> >> So I am looking for the IETF to give participants advice to help avoid
> >> these risks.  I do not know who wrote the advice 30 years ago, or what
> >> assumptions they made.
> >
> >
> >> I know that about 15 years ago our lawyer
> >> thought it would be helpful to clarify these things, but we chose not
> to.
> >>
> >> Put differently, if we thought there was no effect from employers on
> >> people's actions here, we would not have the rules that each company may
> >> have no more than 2 members on the nomcom.  or the expectation that when
> >> there is more than one chair of a working group they will be from
> >> different companies.  or that we expect that ADs in a given area will
> >> come from different companies.  Or that the nomcom almost never appoints
> >> more than two ADs to the IESG from the same company.   We do understand
> >> that affiliation affects thing.
> >>
> >> Yours,
> >> Joel
> >>
> >> On 11/6/2021 9:53 PM, Brian E Carpenter wrote:
> >>> Joel,
> >>> On 07-Nov-21 14:30, Joel M. Halpern wrote:
> >>>> Finding the right balance on the wording of this issue is something I
> >>>> expect the discussion once dispatched will need to do.
> >>>>
> >>>>    From what the lawyers tell me, I believe this kind of discussion
> >>>> does
> >>>> head towards incurring significant risks.  So having guidelines that
> >>>> help us stay on the right side of that seems desirable to me.
> >>>
> >>> Help us understand. Since the IETF's motto is rough consensus and
> >>> running code, and our participants are individuals not company
> >>> representatives (and who therefore simply *cannot* make agreements
> about
> >>> companyy products), how can discussing and agreeing to implement
> certain
> >>> features and test interoperability *before* reaching rough consensus
> >>> conceivably breach competition law?
> >>>
> >>> That the IETF is not a venue for companies to make agreements with each
> >>> other has been established, if not since 1986, then certainly since
> 1992
> >>> (RFC1310): "Participation is by individual technical contributors,
> >>> rather than formal representatives of organizations."
> >>>
> >>> I do not understand why the legal advice given in 1992, 102 years after
> >>> the USA's Sherman Act, needs revisiting.
> >>>
> >>> The same goes for the other new doctrine that I queried in
> >>>
> https://mailarchive.ietf.org/arch/msg/gendispatch/VTxH4Rx_NJPgBeY9FHphdYJZYAw/
> >>>
> >>> .
> >>>
> >>> I'm having second thoughts about whether this should be dispatched at
> >>> all. Since the formalisation of the standards process almost 30 years
> >>> ago was done with clear awareness of US and EU competition law, I'm far
> >>> from convinced that it's the IETF's job to give people advice in this
> >>> area. Participants who are employees should get such advice from their
> >>> employers. We certainly shouldn't be publishing advice that has a
> >>> chilling effect on rough consensus and running code.
> >>>
> >>>      Brian
> >>>
> >>>>
> >>>> Yours,
> >>>> Joel
> >>>>
> >>>> On 11/6/2021 9:07 PM, Eric Rescorla wrote:
> >>>>>
> >>>>> Hi Joel,
> >>>>>
> >>>>> This paragraph stood out to me in this document.
> >>>>>
> >>>>>       There should be no agreement among participants
> > to implement or to
> >>>>>       adhere to IETF standards, or any discussions as
> > to when
> >>> participants
> >>>>>       will begin to offer products conforming to IETF
> > standards.
> >>>>>
> >>>>> In groups I am in, WG participants pretty routinely discuss shipping
> >>>>> timelines and often try to coordinate changes so that they happen
> >>>>> at similar times (e.g., disabling SHA-1, rolling out new code that
> >>>>> can interop).
> >>>>>
> >>>>> -Ekr
> >>>>>
> >>>>> On Wed, Nov 3, 2021 at 8:37 AM Joel M. Halpern <jmh@joelhalpern.com
> >>>>> <mailto:jmh@joelhalpern.com>> wrote:
> >>>>>
> >>>>>       This is a significant revision of the draft on IETF antitrust
> >>>>>       guidelines.  We tried to address what
> > we heard in the previous
> >>>>>       feedback,
> >>>>>       and tightened the language related to legal issues.
> >>>>>
> >>>>>       Chairs, if it is possible I would like to present this for
> >>>>> dispatching
> >>>>>       at the upcoming session.
> >>>>>
> >>>>>       Thank you,
> >>>>>       Joel
> >>>>>
> >>>>>
> >>>>>       -------- Forwarded Message --------
> >>>>>       Subject: I-D Action: draft-halpern-gendispatch-antitrust-01.txt
> >>>>>       Date: Wed, 03 Nov 2021 08:15:16 -0700
> >>>>>       From: internet-drafts@ietf.org <mailto:
> internet-drafts@ietf.org>
> >>>>>       Reply-To: internet-drafts@ietf.org
> >>>>> <mailto:internet-drafts@ietf.org>
> >>>>>       To: i-d-announce@ietf.org <mailto:i-d-announce@ietf.org>
> >>>>>
> >>>>>
> >>>>>       A New Internet-Draft is available from the
> > on-line Internet-Drafts
> >>>>>       directories.
> >>>>>
> >>>>>
> >>>>>                 Title
> >>>      : Antitrust Guidelines for IETF Particiants
> >>>>>                 Authors         : Joel M. Halpern
> >>>>>                                   Brad Biddle
> >>>>>                                   Jay Daley
> >>>>>                Filename        :
> >>>>> draft-halpern-gendispatch-antitrust-01.txt
> >>>>>                Pages           : 8
> >>>>>                Date
> >>>     : 2021-11-03
> >>>>>
> >>>>>       Abstract:
> >>>>>            This document provides
> > guidance for IETF participants on
> >>>>> compliance
> >>>>>            with antitrust laws and how to reduce antitrust risks in
> >>>>> connection
> >>>>>            with IETF activities.
> >>>>>
> >>>>>
> >>>>>       The IETF datatracker status page for this draft is:
> >>>>>
> https://datatracker.ietf.org/doc/draft-halpern-gendispatch-antitrust/
> >>>>> <
> https://datatracker.ietf.org/doc/draft-halpern-gendispatch-antitrust/>
> >>>>>
> >>>>>
> >>>>>       There is also an HTML version available at:
> >>>>>
> https://www.ietf.org/archive/id/draft-halpern-gendispatch-antitrust-01.html
> >>>>>
> >>>>>
> >>>>> <
> https://www.ietf.org/archive/id/draft-halpern-gendispatch-antitrust-01.html>
>
> >>>>>
> >>>>>
> >>>>>
> >>>>>       A diff from the previous version is available at:
> >>>>>
> https://www.ietf.org/rfcdiff?url2=draft-halpern-gendispatch-antitrust-01
> >>>>>
> >>>>> <
> https://www.ietf.org/rfcdiff?url2=draft-halpern-gendispatch-antitrust-01>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>       Internet-Drafts are also available by anonymous FTP at:
> >>>>>       ftp://ftp.ietf.org/internet-drafts/
> >>>>>       <ftp://ftp.ietf.org/internet-drafts/>
> >>>>>
> >>>>>
> >>>>>       _______________________________________________
> >>>>>       I-D-Announce mailing list
> >>>>>       I-D-Announce@ietf.org <mailto:I-D-Announce@ietf.org>
> >>>>>       https://www.ietf.org/mailman/listinfo/i-d-announce
> >>>>>       <https://www.ietf.org/mailman/listinfo/i-d-announce>
> >>>>>       Internet-Draft directories: http://www.ietf.org/shadow.html
> >>>>>       <http://www.ietf.org/shadow.html>
> >>>>>       or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
> >>>>>       <ftp://ftp.ietf.org/ietf/1shadow-sites.txt>
> >>>>>
> >>>>>       --
> >>>>>       Gendispatch mailing list
> >>>>>       Gendispatch@ietf.org <mailto:Gendispatch@ietf.org>
> >>>>>       https://www.ietf.org/mailman/listinfo/gendispatch
> >>>>>       <https://www.ietf.org/mailman/listinfo/gendispatch>
> >>>>>
> >>>>
> >>>
> >
>
> --
> Gendispatch mailing list
> Gendispatch@ietf.org
> https://www.ietf.org/mailman/listinfo/gendispatch
>