Hi there Audit Fans - Lets look at NoteWell and figure out how it interacts with Corporate Governance and Compliance Policies... let me make a couple of observations: NOTEWELL http://www.ietf.org/NOTEWELL.html has some hidden requirements that make it broken. Let me illustrate... 1) All the major players who sponsor people in the IETF have an iron-clad email policy which EVERYONE is aware of that says that they OWN the IP emanating from their Email System. This is generally not negotiable here in the US either. This means that they WILL NOT allow any releases against IP sent from their Email Systems or Domain. The cannot - lest they lose the control they have over the internal use of the servers which might seem fun to this group - but its something that NO EXECUTIVE is going to allow. 2) The IETF however claims that any Email sent to it in any form constitutes NOTEWELL and becomes its property. The problem is that it has no agreements with the other email provider to make that true. 3) The IETF also tries to protect itself by requiring the Individual to represent that they have formal authorization to participate in the IETF through the Entity's resources, except that there is the issue of #1 which NO entity in its right mind would consider relaxing... So who actually owns the IP? Better yet - can ANY SOX constrained company with public controls in place on its internal services allow an Employee or Guest to use their infrastructure to participate in a process that directly violates their corporate operating guidelines? ??? Todd _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf