Dean, How is any of this relevant to an EXPERIMENT ??? Ole Ole J. Jacobsen Editor and Publisher, The Internet Protocol Journal Cisco Systems Tel: +1 408-527-8972 Mobile: +1 415-370-4628 E-mail: ole@xxxxxxxxx URL: http://www.cisco.com/ipj On Sun, 13 Sep 2009, Dean Willis wrote: > > On Sep 12, 2009, at 2:31 PM, Doug Ewell wrote: > > >Ole Jacobsen <ole at cisco dot com> wrote: > > > > >I am also not sure what value there is in knowing that 3478273983421 spent > > >10 minutes in trill and then moved on to behave (pun intended). > > > >To amplify, I'm not sure why the security risks of being tracked while > >attending these meetings are considered so much greater than the risks of > >posting messages on mailing lists, signed with one's real name, and having > >those messages archived for years on publicly accessible Web sites. > > Well, I for one don't want people to know that I'm actually showing up for the > first ten minutes of each meeting I chair, replacing myself with an inflatable > dummy, and then going off to the bar. It would be revealing that I'm too > stupid to remove my RFID tag and attach it to the dummy, and that would be a > blow to my professional credibility. > > Seriously, it does have major implications for intellectual property lawsuits. > > Let's say JoeBob attends a meeting of the FRILL working group, then goes home > to patent a nifty new innovation in FRILL, which is then bought for $1 by a > patent troll when JoeBob's company goes broke because his board of directors > blew their investment capital on stocking their break room with headcheese. > Said patent troll then sues some defendant, whose legal team later notices > that said FRILL-enhancement had been discussed at IETF 211 while JoeBob, the > inventor, was in the room, thereby invalidating the patent (and making JoeBob > look like a doofus). > > Okay, so that's not an example with too many negatives, unless JoeBob decides > to sue us for making him look like a doofus. > > Now let's presume that some people remember (and that some other people don't > remember) JoeBob being in the room during the discussion, but IETF"s RFID > tracker log shows that JoeBob was hanging out with me in the bar. Does IETF's > failure to maintain the record that invalidates the patent make us liable to > the defendant? > > Or worse yet, IETF can't produce the RFID logs in response to a court order, > because somebody goofed and deleted them. Was this a conspiracy to protect the > patent troll? Who got bribed to make it happen? How many hundreds of thousands > of euros we would like to spend on the paperwork related to the various > discovery motions we might have to endure? > > In other words, any retained information increases liability, both for the > accuracy of the retained information and for the preservation of the retained > information. That's why we must both have a policy about how that information > is obtained and preserved, and we must live up to that policy, whatever it > says. > > Of course, the easiest policy is to retain no information. But even that has > its consequences. For example, is deliberate ignorance consistent with > industry best-practices? How does this interact with the Sarbanes-Oxley > requirements of our sponsors? And why would a startup company stock its break > room with headcheese anyhow? > > > -- > Dean > > > _______________________________________________ > Ietf mailing list > Ietf@xxxxxxxx > https://www.ietf.org/mailman/listinfo/ietf > _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf