Re: [Gendispatch] Fwd: I-D Action: draft-halpern-gendispatch-antitrust-01.txt

Tony Rutkowski <rutkowski.tony@gmail.com> Mon, 08 November 2021 13:28 UTC

Return-Path: <rutkowski.tony@gmail.com>
X-Original-To: gendispatch@ietfa.amsl.com
Delivered-To: gendispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C4DB03A100F for <gendispatch@ietfa.amsl.com>; Mon, 8 Nov 2021 05:28:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.427
X-Spam-Level:
X-Spam-Status: No, score=-5.427 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-3.33, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QAkx5QhTHCMz for <gendispatch@ietfa.amsl.com>; Mon, 8 Nov 2021 05:28:27 -0800 (PST)
Received: from mail-qt1-x82a.google.com (mail-qt1-x82a.google.com [IPv6:2607:f8b0:4864:20::82a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 078093A0FF6 for <gendispatch@ietf.org>; Mon, 8 Nov 2021 05:28:27 -0800 (PST)
Received: by mail-qt1-x82a.google.com with SMTP id v4so13568260qtw.8 for <gendispatch@ietf.org>; Mon, 08 Nov 2021 05:28:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:subject:content-language:to :cc:references:from:in-reply-to; bh=7MhsBAuN2eVmlzEgWRzmuH+6yELCVkaTUzELb2Ervys=; b=Am7NdNqReDwMIojtEimib46WlWn7LZWUdRfaryTsBq1B2/spbkw+EwwMmxogHQ6Gur cT5TjUfPX8vYUNwkjLFUiFJkC5flFBTujCfQ21UhxQaICH9oFYOXR2PBs9vwjy8XC59y PSQAWsa5kMPniiG6tpVLeBtIBO4K7sQangOaDnOwHygbq2q8tnKu5lxLY9PV0nPkpa1y 8sTeVPpzJumhLkfSD4WgzV1NoF7qrJdMn2TpRQu3/wByFHaWhYgB/JWjqclVUnj+zq/5 WA+rkucCsXI2tTiLeXn0qku23i2A8k7YjAyibzVN9gKeO/XwpjqYgkxb+8len3/5cUxi YZZw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to; bh=7MhsBAuN2eVmlzEgWRzmuH+6yELCVkaTUzELb2Ervys=; b=LhqO4IcnEirNuH1AwfsUJh/l3GakNP89AKJQOCKtLHg4rx2fbR+AIYmjFJ24rvT6l2 1+wQ/ehsBjn6v2OjNRMr9dpt0Oe/iOswBYEX0hrZifbdIGwzgLkDofQ2qmu3MqQNlmoi 60ZHkTzcBdIhhqJ0kpEom7i9a/ckwaP0Tl6Pvnlnzd4/ftM+4t8Jzn62nZwt06ef9hnL PWZM3SVgMrIupuIZilgS062T7JDP2tY/5nvqTY61DXRHWk00AiCz14ySG2IugXJnesHr er0/id6cCq9avJrIPRGI8aKOvSeVY0/aRgiuzzR2wZYafA+TOUzIqD6ldCbtuivsEGgL uqcg==
X-Gm-Message-State: AOAM5338xNQcNe2hf25syrsp4JjDbzYWnVBEkVH+64VN3mekXICYw3nt BKA5ClDv41YAX97tsctgjs1Sb8+xntU=
X-Google-Smtp-Source: ABdhPJzKYv+Qs8fvvdWtPGAG91EOZ9UmbORKhYbjErvowdxRpSMay3SptmRidmIZJOzTgg1DbG+TOQ==
X-Received: by 2002:a05:622a:56:: with SMTP id y22mr65421033qtw.364.1636378104901; Mon, 08 Nov 2021 05:28:24 -0800 (PST)
Received: from [192.168.1.249] (pool-70-106-224-166.clppva.fios.verizon.net. [70.106.224.166]) by smtp.gmail.com with ESMTPSA id o5sm9500432qkl.50.2021.11.08.05.28.24 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 08 Nov 2021 05:28:24 -0800 (PST)
Content-Type: multipart/alternative; boundary="------------M9JNGCC7QvQYDS59ZKJVwWRZ"
Message-ID: <95603310-d1eb-09ed-9c29-9c8960e16215@gmail.com>
Date: Mon, 08 Nov 2021 08:28:23 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.3.0
Content-Language: en-US
To: Phillip Hallam-Baker <phill@hallambaker.com>, "Joel M. Halpern" <jmh@joelhalpern.com>
Cc: GENDISPATCH List <gendispatch@ietf.org>
References: <163595251682.11706.5053299985084837548@ietfa.amsl.com> <8854c3cc-694b-1a7f-ebc8-47bed9bb4e0f@joelhalpern.com> <CABcZeBOk7Y6vWeQ2gJ6Z1Z-FCpAdU4+awtcL=zEKrqyvtjDh5g@mail.gmail.com> <0be3bb7d-7387-22c4-844c-1e0fb707b0de@joelhalpern.com> <8b602637-b934-3713-3ce4-7da4e59ed69e@gmail.com> <c8cb28f5-f8b7-0471-ce07-7b33f724c2e6@joelhalpern.com> <745cb38e-5ca2-5f96-ebcd-c88517bb3b46@gmail.com> <c94229e2-a3d8-f25a-1a05-dc649949db34@joelhalpern.com> <CAMm+LwgsFUCDqeQ8YPTX+mT1csfYsq8uUfsHUVNBCM37-emaAw@mail.gmail.com>
From: Tony Rutkowski <rutkowski.tony@gmail.com>
In-Reply-To: <CAMm+LwgsFUCDqeQ8YPTX+mT1csfYsq8uUfsHUVNBCM37-emaAw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/gendispatch/FKFqdSy63xCpjCaY-WQpHwL58PU>
Subject: Re: [Gendispatch] Fwd: I-D Action: draft-halpern-gendispatch-antitrust-01.txt
X-BeenThere: gendispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Area Dispatch <gendispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gendispatch>, <mailto:gendispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gendispatch/>
List-Post: <mailto:gendispatch@ietf.org>
List-Help: <mailto:gendispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gendispatch>, <mailto:gendispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Nov 2021 13:28:33 -0000

The CA/B Forum Bylaws are in some ways broader.  See 
CA-Browser-Forum-Bylaws-v2.3.pdf (cabforum.org) 
<https://cabforum.org/wp-content/uploads/CA-Browser-Forum-Bylaws-v2.3.pdf>.  
The antitrust provisions are very prominent and reinforced at every 
meeting. Note that they are applied even to ancillary "interested 
parties" with directed enforcement requirements. They are also extremely 
attentive to transparency at every step of the vetting and adoption 
processes.  They also control a very narrow market segment, have rather 
few parties involved, and the risks are borne by the relatively small 
number of participating OS and browser vendors.  IMHO, they have also 
been very lucky - especially in today's environment where competition 
authorities worldwide are subjecting "tech industry" participants to 
considerable scrutiny and undertaking mega enforcement actions.


On 07-Nov-21 2:13 PM, Phillip Hallam-Baker wrote:
> CABForum has an anti-trust statement that is considerably narrower 
> than the one proposed and that has been subject to a lot of lawyering.
>
> The big concerns for anti-trust are price fixing and use (or 
> threatening use) of market power to prevent a product being offered.
>
> CABForum has in fact negotiated mandates to cease use of crypto 
> algorithms. In fact it is the only organization that can enforce a 
> mandate to stop use of an algorithm.
>
> Dropping SHA-1 did not pose a concern because the ultimate rights 
> owner was NIST and they were hardly likely to complain. Things might 
> have been a bit different if there were royalties involved. Which 
> probably makes it important to get the right to deprecate an algorithm 
> agreed before accepting any encumbered algorithm.
>
>
>
>
> On Sun, Nov 7, 2021 at 11:23 AM Joel M. Halpern <jmh@joelhalpern.com> 
> wrote:
>
>     Folks can act both as individuals and employees at the same time.
>     Even
>     in the same action.
>
>     The point of these guidelines is to provide advice to participants
>     about
>     things which, if they do them, could create risk for them, their
>     fellow
>     participants, and the IETF as a whole.
>
>     As far as I can tell, none of the policies you consider sufficient
>     are
>     clear about any of these behaviors.  (That is why as part of our
>     revision we went through and made sure we were not getting into
>     general
>     behavior, but only giving guidance on things related to antitrust.)
>
>     I am not expecting rigid rules.  I don't think the community would
>     want
>     that.  I doubt they would serve us well.  And legal matters are
>     always
>     nuanced.
>
>     Separately, I have many times watched competitors compromise.
>     While it
>     is always couched as :I can't live with that", it is clearly often
>     driven by product, plans, etc.  EKR even pointed to folks negotiating
>     when an interop test would make sense, and what features should be
>     tested.  This is driven by a lot more folks than the individuals
>     in the
>     room.  The example of folks speaking in ways that are grounded in
>     their
>     employer are myriad.  Most of them are fine, even though one could
>     argue
>     that they contravene the letter of the policy.  The guidelines are to
>     point out when it is not fine.
>
>     It sure seems to me we need a venue to work out what we as a
>     community
>     can live with.  I would not be surprised if we discover that there
>     are
>     one or two things we do routinely that are actually bad ideas from an
>     antitrust perspective.  We will then have to decide what we as a
>     community want to recommend (not require) about that.
>
>     It was suggested at one point that the Note Well advice could be just
>     "obey the law".  My problem with that is that it does not give people
>     any advice about widely agreed pitfalls that should be avoided.
>
>     Yours,
>     Joel
>
>
>     On 11/6/2021 11:48 PM, Brian E Carpenter wrote:
>     > On 07-Nov-21 15:19, Joel M. Halpern wrote:
>     >> Brian, the fact that we say people participate as individuals
>     does not
>     >> suddenly make them no longer employees of their company.  And
>     if they
>     >> act in ways that are anti-competitive on behalf of those
>     employers,
>     >
>     > That is why our rules say what they say. The draft IMHO confuses
>     the issue.
>     > It talks about how participants might infringe competition law
>     *if* they
>     > break the IETF rules by not acting as individual contributors.
>     >
>     > Introduction, sentence 1, says "Standards development frequently
>     requires
>     > collaboration between competitors." That's simply not what the
>     IETF does.
>     > It would apply to SDOs that are membership organisations whose
>     members
>     > are competing companies. On reflection, the whole document is
>     written from
>     > the wrong premise.
>     >
>     > Section 5 starts "As the IETF is a standards development
>     environment where
>     > representatives from competitors are highly likely to be present..."
>     > Wrong. By definition, there are *no* representatatives present.
>     >
>     > [I believe the original legal advice came at least partly from
>     Geoff
>     > Stewart,
>     > and the IBM corporate standards people, who knew a lot about
>     antitrust
>     > because of the big antitrust suits against IBM, were also giving
>     advice
>     > in those days.]
>     >
>     > I think the whole draft needs a rewrite on the basis that anyone who
>     > acts for their employer in an IETF forum is in breach of the
>     IETF's rules.
>     > That should be the starting point, not the two sentences quoted
>     above.
>     >
>     > I do agree that WG Chairs and ADs should be advised to shut down
>     any such
>     > behaviour. And a description of what might be incorrect behaviour is
>     > useful. But the original sin here is acting as a company rep, in
>     direct
>     > violation of RFC 2026 and its predecessors.
>     >
>     > Regards
>     >      Brian
>     >
>     >> it
>     >> can place the IETF as a whole, and other participants in the
>     IETF, at
>     >> risk.  particularly if they are from a company that is
>     considered to
>     >> have a dominant position in the market.
>     >>
>     >> So I am looking for the IETF to give participants advice to
>     help avoid
>     >> these risks.  I do not know who wrote the advice 30 years ago,
>     or what
>     >> assumptions they made.
>     >
>     >
>     >> I know that about 15 years ago our lawyer
>     >> thought it would be helpful to clarify these things, but we
>     chose not to.
>     >>
>     >> Put differently, if we thought there was no effect from
>     employers on
>     >> people's actions here, we would not have the rules that each
>     company may
>     >> have no more than 2 members on the nomcom.  or the expectation
>     that when
>     >> there is more than one chair of a working group they will be from
>     >> different companies.  or that we expect that ADs in a given
>     area will
>     >> come from different companies.  Or that the nomcom almost never
>     appoints
>     >> more than two ADs to the IESG from the same company.   We do
>     understand
>     >> that affiliation affects thing.
>     >>
>     >> Yours,
>     >> Joel
>     >>
>     >> On 11/6/2021 9:53 PM, Brian E Carpenter wrote:
>     >>> Joel,
>     >>> On 07-Nov-21 14:30, Joel M. Halpern wrote:
>     >>>> Finding the right balance on the wording of this issue is
>     something I
>     >>>> expect the discussion once dispatched will need to do.
>     >>>>
>     >>>>    From what the lawyers tell me, I believe this kind of
>     discussion
>     >>>> does
>     >>>> head towards incurring significant risks.  So having
>     guidelines that
>     >>>> help us stay on the right side of that seems desirable to me.
>     >>>
>     >>> Help us understand. Since the IETF's motto is rough consensus and
>     >>> running code, and our participants are individuals not company
>     >>> representatives (and who therefore simply *cannot* make
>     agreements about
>     >>> companyy products), how can discussing and agreeing to
>     implement certain
>     >>> features and test interoperability *before* reaching rough
>     consensus
>     >>> conceivably breach competition law?
>     >>>
>     >>> That the IETF is not a venue for companies to make agreements
>     with each
>     >>> other has been established, if not since 1986, then certainly
>     since 1992
>     >>> (RFC1310): "Participation is by individual technical contributors,
>     >>> rather than formal representatives of organizations."
>     >>>
>     >>> I do not understand why the legal advice given in 1992, 102
>     years after
>     >>> the USA's Sherman Act, needs revisiting.
>     >>>
>     >>> The same goes for the other new doctrine that I queried in
>     >>>
>     https://mailarchive.ietf.org/arch/msg/gendispatch/VTxH4Rx_NJPgBeY9FHphdYJZYAw/
>
>     >>>
>     >>> .
>     >>>
>     >>> I'm having second thoughts about whether this should be
>     dispatched at
>     >>> all. Since the formalisation of the standards process almost
>     30 years
>     >>> ago was done with clear awareness of US and EU competition
>     law, I'm far
>     >>> from convinced that it's the IETF's job to give people advice
>     in this
>     >>> area. Participants who are employees should get such advice
>     from their
>     >>> employers. We certainly shouldn't be publishing advice that has a
>     >>> chilling effect on rough consensus and running code.
>     >>>
>     >>>      Brian
>     >>>
>     >>>>
>     >>>> Yours,
>     >>>> Joel
>     >>>>
>     >>>> On 11/6/2021 9:07 PM, Eric Rescorla wrote:
>     >>>>>
>     >>>>> Hi Joel,
>     >>>>>
>     >>>>> This paragraph stood out to me in this document.
>     >>>>>
>     >>>>>       There should be no agreement among participants
>     > to implement or to
>     >>>>>       adhere to IETF standards, or any discussions as
>     > to when
>     >>> participants
>     >>>>>       will begin to offer products conforming to IETF
>     > standards.
>     >>>>>
>     >>>>> In groups I am in, WG participants pretty routinely discuss
>     shipping
>     >>>>> timelines and often try to coordinate changes so that they
>     happen
>     >>>>> at similar times (e.g., disabling SHA-1, rolling out new
>     code that
>     >>>>> can interop).
>     >>>>>
>     >>>>> -Ekr
>     >>>>>
>     >>>>> On Wed, Nov 3, 2021 at 8:37 AM Joel M. Halpern
>     <jmh@joelhalpern.com
>     >>>>> <mailto:jmh@joelhalpern.com>> wrote:
>     >>>>>
>     >>>>>       This is a significant revision of the draft on IETF
>     antitrust
>     >>>>>       guidelines.  We tried to address what
>     > we heard in the previous
>     >>>>>       feedback,
>     >>>>>       and tightened the language related to legal issues.
>     >>>>>
>     >>>>>       Chairs, if it is possible I would like to present this for
>     >>>>> dispatching
>     >>>>>       at the upcoming session.
>     >>>>>
>     >>>>>       Thank you,
>     >>>>>       Joel
>     >>>>>
>     >>>>>
>     >>>>>       -------- Forwarded Message --------
>     >>>>>       Subject: I-D Action:
>     draft-halpern-gendispatch-antitrust-01.txt
>     >>>>>       Date: Wed, 03 Nov 2021 08:15:16 -0700
>     >>>>>       From: internet-drafts@ietf.org
>     <mailto:internet-drafts@ietf.org>
>     >>>>>       Reply-To: internet-drafts@ietf.org
>     >>>>> <mailto:internet-drafts@ietf.org>
>     >>>>>       To: i-d-announce@ietf.org <mailto:i-d-announce@ietf.org>
>     >>>>>
>     >>>>>
>     >>>>>       A New Internet-Draft is available from the
>     > on-line Internet-Drafts
>     >>>>>       directories.
>     >>>>>
>     >>>>>
>     >>>>>                 Title
>     >>>      : Antitrust Guidelines for IETF Particiants
>     >>>>>                 Authors         : Joel M. Halpern
>     >>>>>                                   Brad Biddle
>     >>>>>                                   Jay Daley
>     >>>>>                Filename        :
>     >>>>> draft-halpern-gendispatch-antitrust-01.txt
>     >>>>>                Pages           : 8
>     >>>>>                Date
>     >>>     : 2021-11-03
>     >>>>>
>     >>>>>       Abstract:
>     >>>>>            This document provides
>     > guidance for IETF participants on
>     >>>>> compliance
>     >>>>>            with antitrust laws and how to reduce antitrust
>     risks in
>     >>>>> connection
>     >>>>>            with IETF activities.
>     >>>>>
>     >>>>>
>     >>>>>       The IETF datatracker status page for this draft is:
>     >>>>>
>     https://datatracker.ietf.org/doc/draft-halpern-gendispatch-antitrust/
>     >>>>>
>     <https://datatracker.ietf.org/doc/draft-halpern-gendispatch-antitrust/>
>
>     >>>>>
>     >>>>>
>     >>>>>       There is also an HTML version available at:
>     >>>>>
>     https://www.ietf.org/archive/id/draft-halpern-gendispatch-antitrust-01.html
>
>     >>>>>
>     >>>>>
>     >>>>>
>     <https://www.ietf.org/archive/id/draft-halpern-gendispatch-antitrust-01.html>
>
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>>       A diff from the previous version is available at:
>     >>>>>
>     https://www.ietf.org/rfcdiff?url2=draft-halpern-gendispatch-antitrust-01
>
>     >>>>>
>     >>>>>
>     <https://www.ietf.org/rfcdiff?url2=draft-halpern-gendispatch-antitrust-01>
>
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>>       Internet-Drafts are also available by anonymous FTP at:
>     >>>>> ftp://ftp.ietf.org/internet-drafts/
>     >>>>>       <ftp://ftp.ietf.org/internet-drafts/>
>     >>>>>
>     >>>>>
>     >>>>> _______________________________________________
>     >>>>>       I-D-Announce mailing list
>     >>>>> I-D-Announce@ietf.org <mailto:I-D-Announce@ietf.org>
>     >>>>> https://www.ietf.org/mailman/listinfo/i-d-announce
>     >>>>>       <https://www.ietf.org/mailman/listinfo/i-d-announce>
>     >>>>>       Internet-Draft directories:
>     http://www.ietf.org/shadow.html
>     >>>>>       <http://www.ietf.org/shadow.html>
>     >>>>>       or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>     >>>>>       <ftp://ftp.ietf.org/ietf/1shadow-sites.txt>
>     >>>>>
>     >>>>>       --
>     >>>>>       Gendispatch mailing list
>     >>>>> Gendispatch@ietf.org <mailto:Gendispatch@ietf.org>
>     >>>>> https://www.ietf.org/mailman/listinfo/gendispatch
>     >>>>>       <https://www.ietf.org/mailman/listinfo/gendispatch>
>     >>>>>
>     >>>>
>     >>>
>     >
>
>     -- 
>     Gendispatch mailing list
>     Gendispatch@ietf.org
>     https://www.ietf.org/mailman/listinfo/gendispatch
>
>