Is the IETF missing a disclosure policy?
Rob Sayre <sayrer@gmail.com> Wed, 21 August 2019 04:34 UTC
Return-Path: <sayrer@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A84D120853 for <ietf@ietfa.amsl.com>; Tue, 20 Aug 2019 21:34:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QSPwQMTnqm3C for <ietf@ietfa.amsl.com>; Tue, 20 Aug 2019 21:34:35 -0700 (PDT)
Received: from mail-io1-xd2a.google.com (mail-io1-xd2a.google.com [IPv6:2607:f8b0:4864:20::d2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA94F12007A for <ietf@ietf.org>; Tue, 20 Aug 2019 21:34:35 -0700 (PDT)
Received: by mail-io1-xd2a.google.com with SMTP id t6so1932035ios.7 for <ietf@ietf.org>; Tue, 20 Aug 2019 21:34:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=YroHBwEX5bk7qpIaX8KwTl0YutCGyW6m0wKa5rqKHZw=; b=hU3FAFtTVIz99XMzV8/gj695HtOEC8RHqlJOHo5TE2z0iO5pMydzllGol/M4oMiNtd u8b8slVJa/egzhvPgQZnjhEvwzRfqVou9l+M/py/unGk5HKMX4qcG77YhoDlIOPZWCem ZxiRue0xulGVvGJzgG6BTm+ggjcaH4FMKGBT0j0G2mcHkg8O0msw6vtL/Aes17SiUYZP OQFCrAJwyVbxSctJ6C5GPZM/Vedrcjt5cPI17Ybo08evbd/0MVCCc/0K/HCzIoH4Mzpz X2C1Iuj8XTkw8BrpD6yyU73QsMd1KKeO9kru87bdfm5FiDBY+wk8TewuhtP2vGC4181B gVXA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=YroHBwEX5bk7qpIaX8KwTl0YutCGyW6m0wKa5rqKHZw=; b=Y0J+8cifuySFHGq3A73ZlcsWnIInOJCjy3oWXtLgXu+DkV/nQLiHWdmGEGZtbHsNBo Ha6sn7r1WTE7A2yax+Y6C+SbVmjTyt1THVKTa6en4F5Bh7qDyaNQE2n0UoGCin3rq9na eFEKxbvhzu2aRxAQfN8xcqdJ1CWpOQRRxq3ExVEyfMY44eXTQLAs45MAiQ8GiSYduMrJ 7NBjC8Lhb7oPwnfRf4RjHcQZA2sx9KajmDNyFAS706ZYg9Qz4WkPcNUBDmAZiiJzYBes uoohjdst/c2E1V/H8IbyQKv7+Y1hyP4XyRUNjQGOb7OdilGFl8R4pWyESFrIf3cCiq/4 KnLQ==
X-Gm-Message-State: APjAAAWteNJIiGTIR2ygrkuu8ekyg1n4r6Znn9RH+64EWE8TfplXG2bV HnW2fethAi7YE7ZYrOC+ey/YWa2VPfPreDrPSKLTqYZwNBE=
X-Google-Smtp-Source: APXvYqz41MyQXJhmSjeSrKa3eGRPKryIx8b6DIi0JumJV/H/k+0IUTw8TpWU5ZNhcTIyhg5KJtxg4cMYou/RWP8h+lw=
X-Received: by 2002:a5d:8457:: with SMTP id w23mr4663987ior.189.1566362074588; Tue, 20 Aug 2019 21:34:34 -0700 (PDT)
MIME-Version: 1.0
From: Rob Sayre <sayrer@gmail.com>
Date: Tue, 20 Aug 2019 21:34:23 -0700
Message-ID: <CAChr6SxrXp3mMUGU6dpyXkWD09pKcaYdnHMZCPbM09JPW56xGg@mail.gmail.com>
Subject: Is the IETF missing a disclosure policy?
To: IETF discussion list <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000000ba9e9059099174e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/MidstfWiVRursWbOkDIhCKSQqUs>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Aug 2019 04:34:37 -0000
Hi, I've been participating in some IETF DNS mailing lists, and I'm finding them pretty strange. I get a lot of questionable messages that seem to attack me personally. Some level of animosity might be expected, since I tend to claim that the various DNS working groups are collectively not very good at security. This doesn't seem like a completely outlandish claim to me, but reasonable people can disagree. One thing I have noticed is that I get a lot of public, aggressive messages from people that sell DNS-filtering software to ISPs. I had to do a little bit of internet searching to figure this out, and it's definitely not obvious from their email messages alone. While I understand and respect the reason that the IETF maintains that participants are here as individuals, it also seems like an ethical problem that some people do not state how they are getting paid, when that matter could constitute a conflict. thanks, Rob
- Is the IETF missing a disclosure policy? Rob Sayre