|
|
|
|
|
|
|
Skipping
|
|
Skipping
|
|
draft-ietf-elegy-rfc8989bis-04
|
|
draft-ietf-elegy-rfc8989bis-04
|
|
|
|
|
|
Abstract
|
|
Abstract
|
|
|
|
|
|
The IETF Nominating Committee (NomCom) appoints candidates to several
|
|
The IETF Nominating Committee (NomCom) appoints candidates to several
|
|
IETF leadership committees. RFC8713 provides criteria for NomCom
|
|
IETF leadership committees. RFC8713 provides criteria for NomCom
|
|
membership that attempt to ensure that NomCom volunteers are members
|
|
membership that attempt to ensure that NomCom volunteers are members
|
|
of the loosely defined IETF community, by requiring in-person
|
|
of the loosely defined IETF community, by requiring in-person
|
|
attendance in three of the past five in- person meetings. In 2020
|
|
attendance in three of the past five in-person meetings. In 2020
|
|
and 2021, the IETF had six consecutive fully online plenary meetings
|
|
and 2021, the IETF had six consecutive fully online plenary meetings
|
|
that drove rapid advancement in remote meeting technologies and
|
|
that drove rapid advancement in remote meeting technologies and
|
|
procedures, including an experiment that included remote attendance
|
|
procedures, including an experiment that included remote attendance
|
|
for NomCom eligibility. This document updates RFC8713 by defining a
|
|
for NomCom eligibility. This document updates RFC8713 by defining an
|
|
new set of eligibility criteria from first principles, with
|
|
updated set of eligibility criteria from first principles, with
|
|
consideration to the increased salience of remote attendance.
|
|
consideration to the increased salience of remote attendance.
|
|
|
|
|
|
Discussion Venues
|
|
Discussion Venues
|
|
|
|
|
|
This note is to be removed before publishing as an RFC.
|
|
This note is to be removed before publishing as an RFC.
|
|
|
|
|
|
Source for this draft and an issue tracker can be found at
|
|
Source for this draft and an issue tracker can be found at
|
|
https://github.com/ietf-wg-elegy/rfc8989bis.
|
|
https://github.com/ietf-wg-elegy/rfc8989bis.
|
|
|
|
|
|
Skipping
|
|
Skipping
|
|
|
|
|
|
|
|
|
|
A basic principle is that the community should govern itself, so
|
|
A basic principle is that the community should govern itself, so
|
|
volunteers must have a demonstrated commitment to the IETF. Limiting
|
|
volunteers must have a demonstrated commitment to the IETF. Limiting
|
|
the number of volunteers sponsored by any one organization avoids the
|
|
the number of volunteers sponsored by any one organization avoids the
|
|
potential for mischief that disrupts IETF operations or works against
|
|
potential for mischief that disrupts IETF operations or works against
|
|
the interests of the community as a whole.
|
|
the interests of the community as a whole.
|
|
|
|
|
|
However, attitudes to business travel evolve, and remote meeting
|
|
However, given that attitudes toward business travel evolve and
|
|
technology continues to improve, to the extent that many longstanding
|
|
remote meeting technology continues to improve, many longstanding
|
|
community members choose to participate remotely. A requirement for
|
|
community members choose to participate remotely. A requirement for
|
|
in-person attendance has always excluded some from qualification from
|
|
in-person attendance has always excluded some from qualification for
|
|
the NomCom, due to cost or personal reasons. Further, the NomCom has
|
|
the NomCom, due to cost or personal reasons. Further, the NomCom has
|
|
completed two cycles using entirely online tools.
|
|
completed two cycles using entirely online tools.
|
|
|
|
|
|
Counting remote attendance lowers the barriers to entry. As the IETF
|
|
Counting remote attendance lowers the barriers to entry. As the IETF
|
|
is committed to having a no-fee remote option
|
|
is committed to having a no-fee remote option
|
|
([I-D.ietf-shmoo-remote-fee]) the only required investment is to log
|
|
([I-D.ietf-shmoo-remote-fee]), the only required investment is to log
|
|
on once per meeting at a specific time (sometimes a locally
|
|
on once per meeting at a specific time (sometimes a locally
|
|
inconvenient hour). While this document does not formally impose a
|
|
inconvenient hour). While this document does not formally impose a
|
|
requirement for the NomCom to function entirely remotely, including
|
|
requirement for the NomCom to function entirely remotely, including
|
|
remote-only attendees in the pool is likely to effectively require a
|
|
remote-only attendees in the pool is likely to effectively require a
|
|
remote component to NomCom operations.
|
|
remote component to NomCom operations.
|
|
|
|
|
|
Finally, overly restrictive criteria work against getting a broad
|
|
Finally, overly restrictive criteria work against getting a broad
|
|
talent pool.
|
|
talent pool.
|
|
|
|
|
|
Skipping
|
|
Skipping
|
|
that to have even a 50% chance of controlling six or more NomCom
|
|
that to have even a 50% chance of controlling six or more NomCom
|
|
positions, an attacker needs roughly 60% of the volunteer pool. For
|
|
positions, an attacker needs roughly 60% of the volunteer pool. For
|
|
example, if there are 300 "legitimate" volunteers, an attacker must
|
|
example, if there are 300 "legitimate" volunteers, an attacker must
|
|
produce 365 volunteers to exceed a 50% chance of NomCom capture (see
|
|
produce 365 volunteers to exceed a 50% chance of NomCom capture (see
|
|
Appendix A).
|
|
Appendix A).
|
|
|
|
|
|
A sudden surge in the number of volunteers, particularly of people
|
|
A sudden surge in the number of volunteers, particularly of people
|
|
that no one recognizes as a part of the community, is an early-
|
|
that no one recognizes as a part of the community, is an early-
|
|
warning sign for the community, leadership and the IETF Secretariat
|
|
warning sign for the community, leadership, and the IETF Secretariat
|
|
to further investigate. The community should monitor and assess a
|
|
to further investigate. The community should monitor and assess a
|
|
sudden increase in the number of online registration fee waivers
|
|
sudden increase in the number of online registration fee waivers
|
|
awarded in accordance with Section 4 of [I-D.ietf-shmoo-remote-fee].
|
|
awarded in accordance with Section 4 of [I-D.ietf-shmoo-remote-fee].
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Skipping
|
|
Skipping
|
|
<https://www.rfc-editor.org/rfc/rfc8989>.
|
|
<https://www.rfc-editor.org/rfc/rfc8989>.
|
|
|
|
|
|
Appendix A. NomCom Capture Calculations
|
|
Appendix A. NomCom Capture Calculations
|
|
|
|
|
|
Section 4 offers some mathematical results for the probability of
|
|
Section 4 offers some mathematical results for the probability of
|
|
NomCom capture. This appendix shows the work.
|
|
NomCom capture. This appendix shows the work.
|
|
|
|
|
|
Note that the number of combinations of b items chosen from a
|
|
Note that the number of combinations of b items chosen from a
|
|
population of a item is often expressed as
|
|
population of a item is often expressed as:
|
|
|
|
|
|
a !
|
|
a !
|
|
binom{a}{b} = {--------------}
|
|
binom{a}{b} = {--------------}
|
|
(a - b) ! b !
|
|
(a - b) ! b !
|
|
|
|
|
|
Figure 1
|
|
Figure 1
|
|
|
|
|
|
A.1. No per-organization limit
|
|
A.1. No per-organization limit
|
|
|
|
|
|
The first computation assumes there is no limit of two per
|
|
The first computation assumes there is no limit of two per
|
|
organization, or equivalently, no organization produces more than two
|
|
organization, or equivalently, no organization produces more than two
|
|
volunteers.
|
|
volunteers.
|
|
|
|
|
|
Let L be the number of "legitimate" volunteers (i.e. those not allied
|
|
Let L be the number of "legitimate" volunteers (i.e., those not allied
|
|
with an attacker" and A be the number of attacking volunteers. Then
|
|
with an attacker) and A be the number of attacking volunteers. Then
|
|
there are
|
|
there are
|
|
|
|
|
|
binom{L + A}{10}
|
|
binom{L + A}{10}
|
|
|
|
|
|
ways to select a NomCom. The number of outcomes where attackers
|
|
ways to select a NomCom. The number of outcomes where attackers
|
|
capture the NomCom is
|
|
capture the NomCom is:
|
|
__ 10
|
|
__ 10
|
|
\ [binom{A}{i}binom{L}{10 - i}]
|
|
\ [binom{A}{i}binom{L}{10 - i}]
|
|
/__ i = 6
|
|
/__ i = 6
|
|
|
|
|
|
Figure 2
|
|
Figure 2
|
|
and the probability of capture is therefore
|
|
and the probability of capture is therefore:
|
|
|
|
|
|
__ 10 binom{A}{i}binom{L}{10 - i}
|
|
__ 10 binom{A}{i}binom{L}{10 - i}
|
|
\ {---------------------------}
|
|
\ {---------------------------}
|
|
/__ i = 6 binom{L + A}{10}
|
|
/__ i = 6 binom{L + A}{10}
|
|
|
|
|
|
Figure 3
|
|
Figure 3
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Skipping
|
|
Skipping
|
|
Assume that the population of L is drawn from L different
|
|
Assume that the population of L is drawn from L different
|
|
organizations (this assumption is unfavorable to the attacker).
|
|
organizations (this assumption is unfavorable to the attacker).
|
|
Assume also that there are three conspiring organizations. Then no
|
|
Assume also that there are three conspiring organizations. Then no
|
|
more than 6 members can be drawn from A.
|
|
more than 6 members can be drawn from A.
|
|
|
|
|
|
Let B be the number of nominees per attacking organization, so that A
|
|
Let B be the number of nominees per attacking organization, so that A
|
|
= 3B.
|
|
= 3B.
|
|
|
|
|
|
The number of combinations to pick exactly N attackers, N <= 6, is
|
|
The number of combinations to pick exactly N attackers, N <= 6, is:
|
|
|
|
|
|
C(N) =
|
|
|
|
_ _
|
|
_ _
|
|
|
|
__ min(N, 2)|
|
|
|
|
C(N) = binom{L}{10 - N}\ | binom{B}{i}
|
|
|
|
/__ i = 0 |_
|
|
|
|
_
|
|
__ min(N, 2)| __ min(2, N - i) |
|
|
__ min(2, N - i) |
|
|
binom{L}{10 - N}\ | binom{B}{i}\ (binom{B}{j}binom{B}{min(2, N - i - j)}) |
|
|
\ (binom{B}{j}binom{B}{min(2, N - i - j)}) |
|
|
/__ i = 0 |_ /__ j = 0 _|
|
|
/__ j = 0 _|
|
|
Figure 4
|
|
Figure 4
|
|
|
|
|
|
And the probability of capture is
|
|
And the probability of capture is:
|
|
|
|
|
|
C(6)
|
|
C(6)
|
|
{-------------}
|
|
{-------------}
|
|
__ 6
|
|
__ 6
|
|
\ C(i)
|
|
\ C(i)
|
|
/__ i = 0
|
|
/__ i = 0
|
|
|
|
|
|
Figure 5
|
|
Figure 5
|