IETF Logo Mail Archive

Re: [ietf-privacy] New Webiquette RFC

Toerless Eckert <tte@cs.fau.de> Mon, 18 April 2022 12:12 UTC

Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDCC53A0C3C for <ietf-privacy@ietfa.amsl.com>; Mon, 18 Apr 2022 05:12:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.661
X-Spam-Level:
X-Spam-Status: No, score=-1.661 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.248, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OoU1UOISTXCg for <ietf-privacy@ietfa.amsl.com>; Mon, 18 Apr 2022 05:12:45 -0700 (PDT)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [131.188.34.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 377DA3A0C43 for <ietf-privacy@ietf.org>; Mon, 18 Apr 2022 05:12:44 -0700 (PDT)
Received: from faui48e.informatik.uni-erlangen.de (faui48e.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:51]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTPS id C1F8158C4AF; Mon, 18 Apr 2022 14:12:38 +0200 (CEST)
Received: by faui48e.informatik.uni-erlangen.de (Postfix, from userid 10463) id 978A54EAC3D; Mon, 18 Apr 2022 14:12:38 +0200 (CEST)
Date: Mon, 18 Apr 2022 14:12:38 +0200
From: Toerless Eckert <tte@cs.fau.de>
To: Bernard Aboba <bernard.aboba@gmail.com>
Cc: Christian Huitema <huitema@huitema.net>, ietf-privacy@ietf.org
Message-ID: <Yl1Vtiv3uUu9kFzp@faui48e.informatik.uni-erlangen.de>
References: <9bb455e8-8dbb-9813-bc8e-6367c80b6063@systemli.org> <e27ce6c6-33aa-1acf-81c5-6ba430b4627d@systemli.org> <740b6d5e-840a-af74-276b-8b4e6719ef96@huitema.net> <CAOW+2dt1d7R2q2KRA1zza84Q4iYaxN6gU0QDr1irHBsD-yC25g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CAOW+2dt1d7R2q2KRA1zza84Q4iYaxN6gU0QDr1irHBsD-yC25g@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-privacy/9MTIEc0UkwkZxBTfbmBeDxdsD_U>
Subject: Re: [ietf-privacy] New Webiquette RFC
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Apr 2022 12:12:50 -0000

On Sun, Apr 17, 2022 at 12:48:45PM -0700, Bernard Aboba wrote:
> The questions you refer to are not new.  The same issues (IPR policy
> conformance and hidden agendas) have been raised with respect to the
> affiliations of ‘consultants’ who are hired by clients who wish to remain
> anonymous.  AFAICT, the IETF has never required that consultants divulge
> their clients, even to the nomcom.

Indeed. And there is a wide range how open or secret those consultants are
in the IETF about their sources of financing. And while this may be all quite
well-known to IETF old-timers, it would be nice to even just document these
insights to IETF newcomers. And RFC like the one suggested might be a good
start, although it would expand from "recommendations" to a broader "fyi".

> Anonymous participation takes this trend one step further.  The W3C does
> not allow anonymous participation due to IPR concerns, but their IPR policy
> is also significantly different, since W3C is membership-based (and not
> particularly friendly to ‘consultants’ or small businesses).

> We might decide that this anonymous participation is one step too far, but
> my take is that IETF crossed an important line long ago.

IMHO there is still a relevant difference between complete anonymity and some degree
of tracability/accountability through some form of "public" intermediary.

Cheers
    Toerless

> On Sun, Apr 17, 2022 at 12:15 Christian Huitema <huitema@huitema.net> wrote:
> 
> > This submission raises an interesting question for the IETF: how to
> > treat anonymous (or pseudonymous) submissions?
> >
> > On one hand, there are lots of classic reasons for hiding behind a
> > pseudonym when participating in public discussions. On the other hand,
> > the IETF has to be protected against intellectual property issues and
> > against sabotage by external groups.
> >
> > Before submissions are accepted for publication, their authors have to
> > disclose whether they, or their employer, own intellectual property
> > rights on the technologies described in the draft. Failure to disclose
> > would influence the prosecution of intellectual property disputes that
> > might arise when third parties implement the technology. This provides
> > some degree of protection to implementers. But when the submission
> > cannot be traced to a specific company, these protections disappear, and
> > we might have a problem. So this is one source of tension between
> > standards and anonymity.
> >
> > The other source of tension is the risk of sabotage. Various groups have
> > tried to sabotage the standard process in the past, for example to delay
> > the deployment of encryption, or to introduce exploitable bugs in
> > security standards -- some of these tactics were exposed in the Snowden
> > revelations. Anonymous participation could allow these groups to perform
> > such sabotage in untraceable ways, which is obviously not desirable.
> >
> > I think this issue of anonymous participation is worth discussing.
> >
> > -- Christian Huitema
> >
> >
> > On 4/17/2022 11:35 AM, kate_9023+rfc@systemli.org wrote:
> > > Dear all,
> > >
> > > I'm quite new at creating RFCs. I have recently submitted a draft for
> > > a new webiquette and I am still searching a group which will take care
> > > of it. It would fit into privacy as this new webiquette is dealing
> > > with new internet technology such as deepfakes, sharing photos of 3rd
> > > parties and so on and also deleting old information on a regular basis
> > > good behavior. It's also quite short with only 9 pages and also covers
> > > cancel culture and mobbing. I think a document like this is needed and
> > > important. Anyone here who'd like to take care or helping me making an
> > > RFC out of it? Or guide me in the right direction?
> > >
> > > The draft can be found here:
> > >
> > https://www.ietf.org/archive/id/draft-rfcxml-general-the-new-webiquette-00.txt
> > >
> > > Best Regards,
> > >
> > > Kate
> > >
> > > _______________________________________________
> > > ietf-privacy mailing list
> > > ietf-privacy@ietf.org
> > > https://www.ietf.org/mailman/listinfo/ietf-privacy
> >
> > _______________________________________________
> > ietf-privacy mailing list
> > ietf-privacy@ietf.org
> > https://www.ietf.org/mailman/listinfo/ietf-privacy
> >

> _______________________________________________
> ietf-privacy mailing list
> ietf-privacy@ietf.org
> https://www.ietf.org/mailman/listinfo/ietf-privacy


-- 
---
tte@cs.fau.de

v2.34.0 | Report a Bug | By Email | System Status