Harald,
Im my view, issues of liability (whether organizational or personal) are not really appropriate for widespread discussion on a public list. There are several ways in which liability can arise and not all would derive from actions of the IAOC. Quite apart from any trustee role, the IAOC should have insurance for its own activities in any event. This should not be an issue here. Having said that, I understood the basic objective of restructuring to be to put the IETF in charge of all aspects of its future evolution rather than to shift responsibility from one place to another. In no event is it possible to shield one from all liability. When insurance policies are held by one organization for another party, it may be quite helpful, but it is not a substitute for taking steps to protect oneself. You should get independent legal counsel on the sufficiency of third party coverage for IETF activities whether or not
I did not understand that the IASA was to be a part of ISOC, but rather the name of an IETF activity that has two components, one of which, the IAD, is to be an employee of ISOC, and the other, an oversight body operating under the auspices of the IETF, but otherwise independent. If we are to move towards self-sufficiency for the IETF, that argues for the IAOC taking charge of its own needs. There really isn't a good structural alternative to the current arrangement that doesn't have that attribute, which is why I suggested what I did.
If a trusted oversight body like the IAOC (operating independently of the body providing the administrative services it is intended to oversee) does not exist with the power to act as a trustee, something like it would have to be created. Else, CNRI could continue to provide the trustee role, as it has in the past, but given our stated intention to work with you to move toward a new administrative structure, we would prefer to find an alternate way to proceed with the transition and have proposed one very basic way to facilitiate this process.
If you think there is a concern about liability for the IAOC, then you should have similar concerns about the IETF leaderhship, since they would also need coverage for their activities. If you
bob
At 08:54 AM 2/3/2005, Harald Tveit Alvestrand wrote:
Bob,
neither your comment nor Patrice's comment reassure my stated concern that designating the IAOC as an entity that would be taking legal responsibility separate from ISOC would expose its members to personal liability.
I believe that letting the BCP task the IASA with this responsibility allows it to decide - if it concludes that this is the best course for the IETF - to establish a trust that may have the IAOC members as trustees, or may have some different group as trustees, after due consideration of the liability issues, and without exposing its members to any liability that is not covered under the D&O insurance that ISOC has contracted for, which covers all members of the IESG, IAB, Nomcom and WG chairs operating within the IETF process.
It seems precipitate to me to insist that this specific organizational form be mandated in this document, rather than let the IAOC decide on its own whether or not to create such an entity after due deliberation.
Could you explain why you think that the idea of a "trust" needs to be specified in the BCP, rather than assuming that the IASA will choose to establish one if it becomes clear that this is the best construct for the IETF?
I do agree that the term "belonging to the IETF" is not the best language to use, given the IETF's decision not to formalize its legal status at this time.
Harald
--On 3. februar 2005 07:45 -0500 Robert Kahn <rkahn@xxxxxxxxxxxxxxxxx> wrote:
I continue to remain concerned that the BCP is not flexible enough to allow the IAOC to assume administrative responsibilities for acting as a trustee for IETF-owned IP. There needs to be a specific task added to the IAOC responsibilities for this purpose. Specifically, the following words should be added to the list of IAOC responsibilities: "Serve as Trustee for IETF assets including, without limitation, intellectual property and domain names."
Patrice's comment below is particularly important where licensing and other management tasks related to "donated patents" are concerned. Simply designating IASA to be responsible has too many operational problems to be workable in practice. In light of the interrelationship between the administration of IETF assets and the potential impact on IETF Standards activities, the IAOC should retain the primary responsibility for managing IETF assets in the first instance, even if the IAOC were to delegate the day to day administrative tasks such as sublicensing to others (e.g. to the IAD).
Bob ------------------
From: "Patrice Lyons" <palyons@xxxxxxxxxxxxxxxx> To: "Robert Kahn" <rkahn@xxxxxxxxxxxxxxxxx> Subject: IP matters
Bob,
There is a recent discussion on the IETF list that raises certain questions. In particular, take a look at the statement: "The IASA is responsible for managing all intellectual property rights (IPR) . . . that belong to the IETF." Since the IETF is not incorporated, it is at best unclear whether the IETF is capable of owning copyrights, patents, trademarks or any other rights or interests. There are simple procedures that may be required to enable this such as filing appropriate documents with the Virginia state authorities.
Also, since the IASA does not appear to be a legal person, but rather an activity or process having two components: IAD and IAOC, where would the responsibility for managing the so-called IPR reside in the first instance and who would decide? For example, if the IAD is an employee of ISOC, a license agreement between the IETF and ISOC would be required to authorize the IAD to use the IETF marks and to sublicense the marks to IETF service providers. Who has signature authority for this purpose? From a CNRI perspective, it would appear prudent to task the IAOC with the responsibility for entering into such a license agreement with ISOC, and to oversee quality of service standards with respect to the activities of the IAD using the IETF marks.
Regards,
Patrice Lyons
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf