Hi,
To add a tidbit. There has long been a notion of an umbrella of
confidentiality in Nomcom. Which means that anyone who has, or is
given access, to any of the confidential information has to agree to
keep the information confidential. While I have paid very little
attention t nomcom over the last few years, I assume this idea is
still relevant.
I agree with Harald that there is this common assumption of trust
given to system administrators. And in fact when as a Nomcom chair,
i kept info on my system, there was always the possibility that a
company system administrator could see the info and do something with
it. I assume the same is true of every nomcom members who receives
the email on a work owned computer. I would assume that in addition
it being implicit that the tools team folks be trusted to treat
things confidentially, that it be explicit that members of the tool
team and other administrators of the systems agree to keep nomcom
information confidential. I am not looking for an NDA, but perhaps
an explicit statement might be useful in assuring people.
a.
On 7 nov 2006, at 05.37, Harald Alvestrand wrote:
I think some of Laksminath's concern is valid.
But I think the solution to the problem is simple:
Make it publicly known who is on the technical staff that supports
the Nomcom, and make it clear that these people:
1) May learn Nomcom information as a side effect of their technical
work to support Nomcom
2) Have promised not to reveal that information to others, and have
promised not to take any other action based on that information
(apart from fixing technical problems)
This is analogous to the role of an email postmaster: He *can* read
any mail on the system, if he really wants to, but we trust him to
not *do* it - or, if he has to during debugging, we trust him to
"forget" what he's read.
I trust that Henrik thought this was "so obvious it didn't need
mentioning".
Harald
--On 7. november 2006 00:39 -0800 Lakshminath Dondeti
<ldondeti@xxxxxxxxxxxx> wrote:
Fred,
When I saw a non-nomcom member having access to what I thought was
nomcom-confidential, I was very concerned and now doubt the entire
process. I was told that it is secure, but it has not been
verified as
far as I can tell. At this point, no offense to the tools team, I
remain
unconvinced.
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf