See Section 12 and other parts of RFC 4144. Thanks, Donald =============================== Donald E. Eastlake 3rd +1-508-333-2270 (cell) 2386 Panoramic Circle, Apopka, FL 32703 USA d3e3e3@xxxxxxxxx On Sun, Jul 30, 2023 at 5:27 PM John C Klensin <john-ietf@xxxxxxx> wrote: > > John and others, > > My apologies for not being able to follow this thread during the > week. Two observations from someone with some claim to a social > science background: > > * If a researcher starts to examine almost any standards body, > engineering design group, or scientific collaboration or study > with the assumption that people without the requisite > educational or experiential background should be able to walk in > the virtual door and fully participate as peers with those who > have such a background, bad results are almost certain to > follow. If that starting assumption is strong enough, those bad > results will often include the conclusion that the body being > examined is being exclusionary or elitist. Much the same > problem occurs when someone comes to a meeting conducted in a > language they don't understand and where the subject matter of > the meeting is sufficiently specialized that conventional > translation and translators don't work well even if they are > available. At least in some countries, jokes and comments about > whether some topic or task is about rocket science, or requires > the skills of rockets scientists often stem from the same > problem. > > This type of research, carried out on that style, may also be a > faint echo of the times when European and US-based > anthropologists did work in indigenous societies in various > parts of the world with the assumptions of inherent superiority > of European cultures and backwardness of those indigenous ones. > That analogy, IMO, should not be pushed too hard but, as I said, > echoes. > > Of course, none of that proves that participants in the > standards (or other body) are not being exclusionary or that > they have the right to treat the researcher badly. We need to > understand that the problem is complicated and the researcher(s) > need to understand that, if we spent as much time and energy as > needed to bring them up to speed on the conversations to the > point that they can understand them and participate usefully, it > is likely that no actual work work get done. > > When those understandings do not exist (or are resisted) what > follows, no matter how presented, often ends up much closer to > polemics and name-calling than meaningful research. > > * As John Levine more or less pointed out below, getting > encryption right means finding mutual understandings and > understanding what will inevitably be a somewhat delicate > balance. While, like him, I see the advantages of encryption as > greater than the disadvantages, it seems to me that it is very > much in our interests --and very much in the interest of > preserving access to encryption-- if we recognize that there are > tradeoffs and help people understand them, we are all likely to > be better off in the long term than if we work ourselves into > "encryption good; anyone who questions that is inherently evil > or stupid" positions like a sister organization of ours seems to > be doing. > > best, > john > > > --On Wednesday, 26 July, 2023 16:45 -0700 John Levine > <johnl@xxxxxxxxx> wrote: > > > I know people who work on CSAM and while they are uniformly > > working hard to fight it, they do tend to a degree of tunnel > > vision and unfortunate assumptions that anyone who makes it > > harder for them to do their jobs is ignorant or malicious. And > > then there's the "nerd harder and give us a back door only > > good people can use" stuff. > > > > But that can cut both ways. There is absolutely a lot of bad > > stuff that is passed through encrypted channels, and shrugging > > and saying too bad, can't do anything is not going to make us > > any friends. I agree that on balance the benefits of > > encryption outweigh the costs, but the costs are real.
