On 10/28/20 9:20 AM, Eliot Lear wrote:
That hopefully is not universal, but not considering the tendency
toward the "i know this, who are you?" reaction is to my mind one of
the key problems here. The other problem is that somebody off the
street is not going to know arcane IETF process mechanisms which can
be wielded as another cudgel to make that reporter go away. That just
got used on me yesterday and is perfectly timely: why didn't i follow
process XYZ? because i don't know anything about process XYZ, and by
the time I understand process XYZ i've already lost interest because
i didn't sign up for a protracted bureaucratic fight. that and i have
no stake in the outcome beyond just being interested or a user; if
you make me have to fight for it, you've lost me.
Yes. And what I am getting at is a little bit of hand holding on our
side for, as I said, people who don’t want to play “Inside Baseball”
could be very useful to this community.
What I suggested elsewhere is that maybe some sort of independent
verification that there is a good likelihood that there is a flaw by
somebody who knows inside ball may be helpful for things that could be
high impact if true. The other part is that nobody but actual crackpots
wants to be labeled one. Finding a flaw in an existing protocol that's
been through extensive review is fraught with "am i reading this
right?". To be jumped on as being a crackpot by authors from the outset
is not very fun and definitely not an experience somebody who has no dog
in the fight looks forward to. Obviously this left a really bad taste in
my mouth but i doubt i'm the only one. Had somebody with known clue
from, say, the security area vouched that it is problem, the author
would have been a lot less likely to go ballistic (given that author,
that was no guarantee though).
Mike