Re: SDNAuth - Secure SDN authentication and authorization - Interested?

[Tobias Gondrom <tobias.gondrom@gondrom.org>]

Dave,

This is getting into legal fineprint now.

Just from a process perspective to answer to your question:
(in my work at the IAOC, I have seen this type of question before and 
heard some legal advise on it - but I am not a lawyer, nor giving legal 
advise (disclaimer)...)
Actually to distinguish what is under IETF notewell and not, it does not 
matter where the mailing-list is hosted.
E.g. two IETFers could have a call on the phone or meet over coffee in 
the garden and talk about a subject related to the IETF work and if they 
perceive they are working within the IETF at that moment (and that the 
Notewell applies), they are doing so under the IETF notewell. Where the 
conversation happens is not of importance.

Best regards, Tobias


Ps.: having said that, I did not think shutting down the non-WG 
mailing-list was the best approach.... - a non-WG mailing-list does not 
cost much and we the IETF are here to allow for people to come together 
and have conversations about work related to or leading to the IETF. And 
as long as it is not a WG yet, the hurdle to come together should be as 
low as possible. Shutting down a pre-BOF mailing-list because it is not 
of BOF quality yet, is IMHO not in supporting the inclusion and mission 
of the IETF. But hey, different ADs have different approaches. And as I 
said before, in the end it does not matter where the mailing-list is 
hosted. ;-)



On 05/02/15 05:18, Dave Cridland wrote:
>
> That's much clearer, and to my mind more worrying.
>
> Any discussion outside of the IETF is outside the IETF, whether it's 
> within a group, or a list, or a pub on the corner, or whatever. The 
> IETF surely cannot impose its IPR rules to the world at large.
>
> If the results of that discussion are later entered as a contribution 
> to the IETF, the IETF's IPR rules apply to the person contributing, 
> not to the originator.
>
> If the list discussion needs to happen under the IETF rules, the list 
> needs to be formally an IETF one.
>
> Note that I'm not concerned with the specifics of whether this list 
> ought to exist or whether the goals are defined - just whether an 
> non-IETF list should be under IETF rules.
>
> On 4 Feb 2015 21:02, "Kathleen Moriarty" 
> <kathleen.moriarty.ietf@gmail.com 
> <mailto:kathleen.moriarty.ietf@gmail.com>> wrote:
>
>     On Wed, Feb 4, 2015 at 3:49 PM, Dave Cridland <dave@cridland.net
>     <mailto:dave@cridland.net>> wrote:
>     > So you want this list to be under IETF rules, because it's
>     intended that
>     > IETF contributions will happen from it, but you don't want it to
>     be an IETF
>     > list, because people might treat it as being IETF contributions.
>
>     My request was in the list of steps I provided to Hosnieh and that was
>     just to ensure that those contributing to a draft outside of IETF
>     understand that the NoteWell applies to content on that draft to be
>     contributed.  It's important for this to be understood by
>     contributors.  My request was for her to work with a small group and I
>     never suggested a list.  I sent her this list several weeks ago along
>     with a private note to help her with next steps.  The list I sent her
>     is the same that I posted.
>
>     I'm going to get back to reading drafts and not answer for others in
>     this discussion.
>
>     Best regards,
>     Kathleen
>
>     >
>     > I see there's a distinction, I'm not clear why it was drawn, but
>     I'll take
>     > your word for it that it's not as political as it sounds.
>     >
>     > On 4 Feb 2015 20:27, "Kathleen Moriarty"
>     <kathleen.moriarty.ietf@gmail.com
>     <mailto:kathleen.moriarty.ietf@gmail.com>>
>     > wrote:
>     >>
>     >> Hi Dave,
>     >>
>     >> I didn't read this thread the same way you did.  I read it as Ted
>     >> pointing out that the Notewell will be important for
>     contributors to
>     >> understand applies for any submission that comes to the IETF.
>     >>
>     >> You can look at the SecAuth archive to see why it was
>     shutdown.  Many
>     >> were glad as the work was taking too long to become focused into an
>     >> achievable set of goals.  A push to go back to the drawing
>     board was
>     >> needed.  If it's an IETF list, many feel they have to follow it and
>     >> the work wasn't ready for that yet.  We'll re-evaluate the proposal
>     >> when they have had time to narrow the scope and figure out what
>     >> problem they want to solve most.
>     >>
>     >> Best regards,
>     >> Kathleen
>     >>
>     >> On Wed, Feb 4, 2015 at 3:08 PM, Dave Cridland
>     <dave@cridland.net <mailto:dave@cridland.net>> wrote:
>     >> > Do I understand this right? The original mailing list was
>     shut down by
>     >> > the
>     >> > IETF, and folks are now complaining that the third party list
>     isn't an
>     >> > IETF
>     >> > one? Seriously?
>     >> >
>     >> > On 4 Feb 2015 14:29, "Tobias Gondrom"
>     <tobias.gondrom@gondrom.org <mailto:tobias.gondrom@gondrom.org>>
>     >> > wrote:
>     >> >>
>     >> >> On 04/02/15 21:12, Ted Lemon wrote:
>     >> >>
>     >> >> On Feb 3, 2015, at 6:14 PM, Tobias Gondrom
>     <tobias.gondrom@gondrom.org <mailto:tobias.gondrom@gondrom.org>>
>     >> >> wrote:
>     >> >>
>     >> >> just fyi: the mailing-list does on its sign-up page (in the
>     first line)
>     >> >> make the explicit statement to operate under the IETF
>     >> >> Notewell:https://mail.rozanak.com/mailman/listinfo/sdnauth
>     >> >>
>     >> >> That's precisely what I would advise doing in this
>     situation.   It
>     >> >> might
>     >> >> be worth adding that the list is informal and is not
>     sponsored by the
>     >> >> IETF,
>     >> >> though; otherwise people might get the impression that it's
>     an official
>     >> >> IETF
>     >> >> mailing list.   You should also disclose whether or not the
>     list is
>     >> >> being
>     >> >> archived, although since it's not an IETF mailing list,
>     whether you do
>     >> >> so is
>     >> >> not up to us.   If the list is not archived, however, it
>     might be
>     >> >> difficult
>     >> >> and involve a painful discovery process if for some reason
>     the Note
>     >> >> Well had
>     >> >> to be enforced in a lawsuit.  So while keeping an archive
>     places an
>     >> >> additional burden on Hosnieh, it is probably a win for other
>     >> >> participants.
>     >> >>
>     >> >> (And yes, I realize you were talking to the other Ted... :)
>     >> >>
>     >> >>
>     >> >> Just fyi: I am not the administrator of the mailing-list. I just
>     >> >> happened
>     >> >> to sign-up and noticed that the notewell is/was already
>     there on the
>     >> >> sign-up
>     >> >> page. It seems the new list only got needed up as the Sec AD
>     (Kathleen)
>     >> >> shut
>     >> >> down the previous IETF BOF mailing-list.
>     >> >>
>     >> >> And to answer your second question: it appears the new list
>     is being
>     >> >> archived, as is also a basic mailman function.
>     >> >>
>     >> >> Best regards, Tobias
>     >>
>     >>
>     >>
>     >> --
>     >>
>     >> Best regards,
>     >> Kathleen
>
>
>
>     --
>
>     Best regards,
>     Kathleen
>