Hi.
I find the way in which this BCP change, and presumably the IPR
Trust itself, very disturbing. This is not an appeal because I
suspect the action is the right one. However, I believe there
are issues that require some community discussion, perhaps
leading to some changes.
Part of my theory of the IETF is that our more fundamental,
policy-oriented, procedural documents are representations of a
social contract between the community and various of its
components, expressed as best we can in procedures. The debates
that spring up every time someone mentions the letters "IPR" are
representative of this: while there are some fundamental
disagreements about principles, each new document over the last
several years has been an attempt to "get it right" or "get it
more nearly right": to reflect a presumably-shared set of
community norms about what the right thing to do is and to do so
as accurately as feasible in a document or two.
After all of the debates and discussions of a year or so ago, I
think we reached a similar position and understanding with
regard to the IASA, its components, and its role. BCP 101 is
recognized as an approximation to that understanding. It does
not perfectly reflect it; there was rough consensus in the
community that making it more perfect was not worth the time and
investment. I suggest, however, that there are two key
doctrines that underlie the IETF's agreement create that new
entity and to turn administrative responsibilities over to it:
(1) The IAOC is not the maker of any fundamental
policies, although it can, like anyone else, suggest
such policies to the community.
(2) While it may be necessary for the IAD or IAOC to
carry out some negotiations in private, and to keep some
detailed information, such as salaries, confidential
even after agreements are reached, the IAOC does not
approve secret agreements, nor does it make sweeping
changes to administrative structures, without the
opportunity for IETF review and debate.
The function of the "IPR Trust", as I understand it, is to
replace ISOC's role as nominal holder of IETF intellectual
property, particularly the copyrights in RFCs. Some of us are
big fans of ISOC and others are not, some of us trust ISOC more
than others do, but the bottom line in this particular area is
that there have been no instances in which ISOC's role as holder
of those copyrights or other materials has acted to prevent any
of the things that we want to have happen under our social
contract with each other and with the Internet's users and
implementers. Whatever the ISOC arrangement may be, it isn't
broken. No evidence has been offered to the community to the
contrary, nor has anyone come forward and said "there is a
fundamental problem that cannot be solved within the current
framework and to which the 'IPR Trust' is the answer". When we
say "if it ain't broke, don't fix it", those sorts of assertions
are the thing we look for as evidence that something is, in
fact, in need of fixing.
To a large extent, I still trust the members of the IAOC and
whatever members of the IAB and IESG (if any) have been fully
briefed on what is going on here. If they believe that, despite
the above, there is a problem that needs solving and to which
the "IPR Trust" appears to be the solution, then I think it is
reasonable that they spend time, and even carry out private
negotiations, to see if that arrangement can be realized in a
way that will improve whatever situations need to be improved.
However, my understanding of the social contract between the
IASA and the IETF participants is that there need to be some
very significant limits on secrecy. Before anyone agrees to an
"IPR Trust", I expect that the draft Trust Agreement, and any
draft Operating Documents, will be made public along with the
reasons for going down this path and that the IETF community
will have the opportunity to review those documents, to examine
them in the same detail with which we examine the IPR policies
that may ultimately depend on them, and to reach consensus about
whether this is a direction we want to go in, with those
particular operating details.
Is this really important? I don't know, because I have no idea
what is in those documents other than the very little bit that
has been made public. Can the Trust make decisions that would
create encumbrances on IETF IPR, or constrain IETF actions, in
ways that don't reflect community consensus? Do its Trustees
become the final approval source for changes in IETF IPR
policies? Are we happy about that? If we are, are we happy
that the IAOC members, who, as I understand things, are supposed
to have no policy role, have apparently appointed themselves (or
agreed to be appointed) as the Trustees, thereby assigning what
might be a key policy role to themselves.
While I am uncomfortable with the IESG's approving this BCP
change, my problem is not with the IESG. The current (approved)
draft provides that it won't take effect until the Trust comes
into being and that should be a reasonable level of protection
-- if the Trust does not come into being, this change presumably
goes rapidly to Historic. But my impression is that the plan is
to approve the agreement itself without any opportunity for IETF
community review. If true, that is, IMO at least, completely
unacceptable.
I know this is a difficult situation. I share what I assume is
the IAOC's frustration that, nearly a year after BCP 101 and all
of the effort that went into it were completed and approved, we
apparently still don't have any of the contracts in place that
were supposed to bring on a better and more efficient world for
all of us. But, if the conditions for having an IASA requires
that the community accept a situation that permits the IAOC to
make fundamental policy changes in secret and to commit the IETF
to them, then I think we need to question whether we need an
IASA -- the price may just be too high. Put differently, I
think there need to be some limits to what the IAOC can
negotiate and how it does those negotiations. Those limits are
determined, not by creative reading of BCP 101, but by the
social contract I referred to above. If the IAOC members find
themselves in a position in which the only way to realize a
particular agreement or course of action requires violating that
social contract and, in particular, approving policy changes as
significant as alterations in how the IETF's IPR is held and
administered without consulting the community about the reasons
for doing so and the exact plans about what is to be done, then
I believe they are obligated to say "no, our relationship with
the IETF won't permit us to work that way, we have to do
something else". If that is insufficient, then I expect those
members of the IAOC who understand the IAOC's appropriate
relationship with the community to start resigning. Having
the IAOC turn into a secret legislature, able to make policy
decisions for the IETF without consulting the IETF is, IMO, that
serious and that intolerable.
So this note is a call for the IAOC to reassure the community
that no 'IPR Trust' agreement will be approved and set in motion
without publication of those documents that are relevant going
forward and a meaningful opportunity for the community to review
and comment on those documents. I stress "going forward": if
the IAOC concludes, in good conscience, that the agreements and
negotiations that led to the IPR Trust's design and founding
must remain secret, I think we should be willing to accept that,
although I believe some members of the community would disagree.
But any documentation or agreements that govern how the IPR
Trust is organized and structured for the long term, how it is
governed, what it does, and what powers and authorities it
expects to have must be subject to meaningful community review
before any final agreements are made.
I have no idea whether I'm the only one who feels this way, but
I thought I should at least raise the question.
john
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf