On 6/11/20 12:47 PM, STARK, BARBARA H wrote:
On 6/11/20 12:07 PM, Russ Housley wrote:
Not to be a wet blanket but what happens if corpro bean counters find
out
that they can game the system for the cost of a checkbox?
Mike
A system as large as the IETF can handle a few who do this. When large numbers do this, the trust model breaks down, and creates a dysfunctional organization/society (because trust breaks down in more than just this area). This is not new. This is all understood and well-studied by economists, psychologists, etc. But there is a real advantage to groups that *can* operate with this level of trust. The org is more efficient and effective. Such organizations are more successful.
What needs to be done is to have appropriate mitigations to limit the effects of possible failure and have policies that discourage gaming. To mitigate, it's good to make sure there are sufficient funds in the bank to cover 1 or 2 massive failures of trust. Some policies could be that there is a public list of companies who commit to not gaming the system. The names of people who register with an affiliation or email address domain of one of these companies and requests a fee waiver could be made public. With this, there would be peer pressure and public perception that would discourage gaming.
Barbara
PHB is probably right: bureaucracy > peephole optimization.
Mike
