Re: Future Handling of Blue Sheets

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Doug,

you are right in the end I can not prevent someone else from publishing this. Even today a party that subpoena'ed them might publish the data. (Or a person might just take a photo of the blue sheet in the room and publish that...)

Of course we can not control other people's actions, however the question remains whether we (as the IETF) do publish that data and how easy/fast we make it for others to publish that data.

Just to be clear, I agree basically with most of the proposal from the IESG.* But when it comes to privacy I think we must be extremely careful and conservative with information, only releasing information where it really adds benefit to transparency. Because once released, it's impossible to get it back. Thinking about how to thread the needle (as you put it), I don't agree that the current proposal is optimal, and I would reiterate my proposal to not publish the bluesheets in the proceedings but to make them available to an individual upon email request to the IETF secretariat, providing name and email of the requesting person (and with a disclaimer in the IETF answer that this information is not meant to be re-published to the public (note I intentionally say "public", i.e. sharing among groups would still be ok.)). If we are worried about high volumes of requests, I would like to ask for more information on current volumes of subpoenas and why we get high volumes in the future. And if it's really too cumbersome for a person to answer the requests, we could then still discuss to use an email account based request system (IETF tools login) as proposed by Ted yesterday.

Best regards, Tobias


Ps.: *just as a disclaimer regarding the scanning part of the IESG proposal: I like it, but IMHO I would be slightly more cautious than the IETF counsel with the admissibility of scanned documents in court compared to paper originals. I've experienced quite some cases and legal discussions around value of proof of scanned documents.... - what I basically learned there was: scanning is ok in most IP jurisdictions, but handling the scanned data must use well documented procedures and access controls to keep the same level of non-repudiation of integrity and authenticity later in court.


On 10/05/12 17:10, Doug Barton wrote:
On 5/10/2012 1:48 AM, Tobias Gondrom wrote:
What I dispute is that "make available to those who are interested"
necessarily leads to the need to broadcast the data (i.e. publish in the
proceedings).
What is the harm you are trying to guard against by requiring the request?

Or, to take a completely different tack, given that there are a non-zero
number of people who think the data should be published, how do you
intend to deal with someone who makes the request, and then puts it up
on their own website?

I don't hesitate to criticize when I think that the IESG gets it wrong,
but in this case I think they threaded the needle about as well as it
could be threaded.

Doug




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]