Re: Hum theatre

Richard Barnes <> Thu, 07 November 2013 18:29 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 31A1721E8163 for <>; Thu, 7 Nov 2013 10:29:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.903
X-Spam-Status: No, score=-2.903 tagged_above=-999 required=5 tests=[AWL=0.073, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id cHyp1pvMjGOI for <>; Thu, 7 Nov 2013 10:29:12 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 5494D11E822F for <>; Thu, 7 Nov 2013 10:28:45 -0800 (PST)
Received: by with SMTP id n16so1403619oag.13 for <>; Thu, 07 Nov 2013 10:28:44 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=qjE2lW1PsJJjwhdh8qCglQWhttUomYnFLoQlsgUWg00=; b=eqVHKxVX3ptZak05RTDV8TrmnCuNcaUvTfhzGX7aXVMqDXW98iHaZjaXkJEday23u4 aj8mtRXQgkz2ywh4G/IF9ZX/59lHx51myyYx6OwKYeKijJxV+ey5hqYSWzcUCyTbfpPN uiuR3HutjfYTFQToQxF5j30WjW+9h6zZ0mW6IgXKx0Gs56tKpFDmMgtUn/iKmM44blWP IVMuTq62kq0QVRcBNrcoi5pUJasXDF3li8MVlob6GI3NJaU458VFslMbsjt8oqaxhROz FRxM61C7VxWlNv1Ucc3buJTApPergc8Et4SLI+plgEaSHAl2GavR3jSUjlEDxY6IoHTX UZpQ==
X-Gm-Message-State: ALoCoQneRTP8iMroas6yiRfrmPJcUpB+lBIW5n9MJFl6phH/OzxrtNS4yuGFtql7Tteg+FSMA7pK
MIME-Version: 1.0
X-Received: by with SMTP id rs8mr1060741oeb.34.1383848924715; Thu, 07 Nov 2013 10:28:44 -0800 (PST)
Received: by with HTTP; Thu, 7 Nov 2013 10:28:44 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <> <>
Date: Thu, 7 Nov 2013 10:28:44 -0800
Message-ID: <>
Subject: Re: Hum theatre
From: Richard Barnes <>
To: Pete Resnick <>
Content-Type: multipart/alternative; boundary=047d7b33cd7494b11304ea9a6fd7
Cc: Tim Bray <>, Dave CROCKER <>, IETF Discussion <>
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 07 Nov 2013 18:29:17 -0000


On Thu, Nov 7, 2013 at 9:41 AM, Pete Resnick <>wrote:

>  On 11/7/13 1:36 AM, Richard Barnes wrote:
>  Like Randy, I sense a fair degree of process omphaloskepsis here.
> What process do you think is being over-contemplated here? The bit about
> the IAB judging consensus? Fine, ignore that bit. That's not the most
> important bit.

The sense of the room was taken, and expressed agreement with a small set
of sentences.  I don't see much utility in parsing the event beyond that
simple statement of what happened.

>  (Dismissing or belittling arguments by characterizing -- or caricaturing
> -- them, be it calling them "naive" or "overwrought" or "omphaloskepsis",
> is often effective, but inappropriate.)

I apologize for using dismissive language.  But actually, my main concern
here is that we're getting distracted by minutiae from things that have
bigger-picture significance.

>   A wise person once told me that any consensus is judged at a point in
> space and time, and this one sure was.
> Consensus on *what* exactly in this case? Consensus that we should all be
> happy? Consensus that we should all have a pony?
> It is true that consensus (rough or otherwise) is a state, and that state
> can always change. But consensus should be on a particular point and it
> must be relatively stable; it shouldn't be claimed on some broad platitude
> for which nobody knows the details, and it shouldn't change unless new
> information is brought into the mix.

Consensus on the three questions that were asked (copying from Scott's
1. Is the IETF willing to respond to pervasive surveillance as an attack?
2. IETF should include encryption even outside of authentication where
3. The IETF should strive for e2e encryption even when there are
middleboxes in the path?

There are ambiguities there.  There are ambiguities in any sentence written
in human language.  We should have the discussion to sort out the
ambiguities and turn these principles into actions.  But the need for that
discussion doesn't undermine the utility of establishing that we have some
base level of agreement.

>   What you're saying is that it is impossible for the consensus of the
> IETF to be estimated in plenary session and that it requires some specially
> anointed person (not of the IAB) to judge that consensus.
> No, I am absolutely not saying that. I disagree completely with all of the
> above statement.
> After a discussion of issues, it is perfectly reasonable for someone
> (anyone) to *estimate* what the consensus of the IETF might be in plenary
> and state that. Sometimes that might even be a good thing.
> A hum (or a show of hands, or an applause meter) can give you lots of
> information about the sentiment of the room and it might even give you an
> estimate of what the consensus of the room is. All fine.
> But taking a hum, at the end, without discussion afterward, is not a
> reasonable way to *call* consensus. And that's exactly what some people
> heard was going on. And it's hard to interpret what Russ said otherwise.

I don't think it's reasonable to call a hum at the end unreasonable :)
Just because we're not in the room doesn't mean we can't continue
discussing.  A hum is just a point measurement, whether it comes at the
beginning or the end.  In this case, it was a measurement at the beginning
of the discussion, which seems useful to me for establishing some points on
which there is substantial agreement and some points where we need to have
some discussion.  In that sense, it has clearly worked, as Scott's thread

Discussion of the content of the hums -- what do these principles we've
agreed on really mean? -- is a worthwhile activity.  Trying to declare the
measurement invalid because of how it was done is not.

> (As for the "anointed" person: *Calling* consensus -- that is, making an
> IETF decision -- does take someone who the IETF has agreed is responsible
> to do that. Estimating consensus or guessing consensus or otherwise
> sticking one's finger into the wind and predicting consensus are all fine
> -- unless you're doing so to try to shove people into a particular position
> -- but making a final call *is* something that we leave for someone in
> particular. You'll not that when Ted asked for the hum, he asked Jari to do
> it. And again, none of this is the important point of my message.)

I never got the impression that this was what was being done.

>   Neither argument seems to me like it would really sway the outcome of
> this decision...
> Sorry: What decision exactly?

Poor choice of words.  The outcome of the hum.

>  These consensus calls seem to have captured the high-level consensus of
> the IETF, as gathered in plenary at this meeting.  Yes, there was argument
> about more specific details at the PERPASS meeting, but I don't think that
> invalidates the more general agreement.
> Don't get hung up on the details. This isn't about the details.
> Have a hum and applause to make you feel good. Just don't  confuse people
> to think that it means the IETF has come to consensus.
> Ask big fluffy political questions that state big fluffy political
> principles. Just don't  confuse people to think that it means the IETF has
> come to consensus.
> I know people hate the idea that the IETF can't make grand political
> statements and that we're stuck doing technical work. Making grand
> political statements is fun and gets good press. Tough. Leave grand
> political statements to the IAB and ISOC. Let the IETF do its technical
> work and stop engaging in theatrics. Far less flashy, but significantly
> more useful.

The adjectives "fluffy", "political", and "theatrical" just don't apply to
the questions that were asked.  They're "big", but they're about technical
priorities for design -- what scenarios do we want to address with security
the technologies we're developing?

These are useful and actually surprisingly concrete questions for setting
the overall direction of technical development in the IETF.  They were
already cited in the STIR meeting only a few hours after they were called.
Let's appreciate the value of having agreement on a particular set of
words, even if those words might not have an engineer's preferred level of
precision and clarity.


> pr
>   On Wed, Nov 6, 2013 at 11:21 PM, Pete Resnick <
> > wrote:
>> Some folks approached me after the plenary and asked me why I objected so
>> loudly to these "taking of hums". Tim's response pretty well explains it:
>> On 11/6/13 6:58 PM, Randy Bush wrote:
>>  On 11/6/13 6:50 PM, Tim Bray wrote:
>>>> You’re entitled to your opinion, but I entirely disagree. I thought
>>>> each of those made an important point and highlighted some areas where
>>>> consensus is broadly held. I appreciated Russ’ composition of the issues
>>>> and think he deserves our thanks.
>>> the feeling of those present was pretty clear.
>>  Yes, the feeling of those present was pretty clear. And if Russ had only
>> asked for the feeling of those present, I probably wouldn't have been
>> torqued. I would have, like Dave described it, thought it a bit of
>> political theater, but otherwise said "Whatever".
>> But Russ didn't ask for a "feeling". Russ said that he was asking about
>> consensus, and Tim heard that the result of those hums *were* the IETF
>> coming to consensus. And that's just bogus. There was no consensus, and
>> some of this I think is really damaging to the IETF.
>> Look at a couple of these:
>> On 11/6/13 12:41 PM, Russ Housley wrote:
>>> 1.  The IETF is willing to respond to the pervasive surveillance attack?
>>>      Overwhelming YES.  Silence for NO.
>> This was "The IETF wants to save the lives of bunnies." Press release
>> nonsense. And surely so much mush as not to be consensus. Just let's
>> everybody applaud. OK, who cares, but not useful.
>>  3. The IETF should include encryption, even outside authentication,
>>> where practical.
>>>      Strong YES.  Silence for NO.
>> So if you sat in perpass, you'll know that the result of this hum was
>> rubbish. There were a bunch of people up at the mic in perpass who objected
>> strenuously to this. There was no IETF consensus on this point. But if you
>> took the result of the bogus hum as consensus, you'd sure think so. And
>> that happened because Russ loaded the deck in the way he asked the question
>> to make sure that nobody would hum against it. He asked it at the end when
>> it was clear there would be no discussion of dissent, so that people who
>> might have objected felt comfortable that at least they'd have a chance to
>> explain themselves instead of looking like idiots humming against
>> motherhood and apple pie. Pure nonsense.
>> This wasn't about getting consensus. This was about everybody feeling
>> good about themselves and being able to applaud. And if anyone tries to
>> enforce any of these things as consensus of the IETF (e.g., "Sorry; we had
>> a hum and there was consensus that we're doing encryption without
>> authentication whether you'd like to or not, so you're in the rough"), that
>> should be appealed immediately.
>> This is vote stuffing in the extreme. It's ignoring (heck, it's actively
>> suppressing) minority voices. It makes a joke of coming to consensus at all.
>> And all that said, since when does the IAB judge the consensus of the
>> IETF? Not since 1992, as far as I remember.
>> I don't disagree with any of the statements per se. As Scott Brim pointed
>> out, the statements were incredibly general and left all sorts of stuff
>> undefined, so it's hard to know exactly what I'm signing up to by agreeing
>> with them. But again, it's motherhood and apple pie for most of them. (The
>> second might have been interesting if it weren't buried in the middle of
>> the rest.) And it made for fine press. But IETF consensus? Bullpucky.
>> pr
>> --
>> Pete Resnick<>
>> Qualcomm Technologies, Inc. - +1 (858)651-4478
> --
> Pete Resnick <> <>
> Qualcomm Technologies, Inc. - +1 (858)651-4478