--On Wednesday, September 19, 2012 23:38 +0200 Carsten Bormann <cabo@xxxxxxx> wrote: >... > Until there is a court decision impacting this usefulness (or > one can be reasonably expected), the legal angle is simply > irrelevant. > > (Just keeping the thread alive so it doesn't seem that > everybody agrees with the strangely luddite position taken > here.) Carsten, Without completely agreeing with Joe (I don't), let me suggest that the above may be the wrong way to look at this. First of all, the "court decision impacting this..." argument should be approached like any other risk-benefit analysis. If things were to get into a court and we were to lose, the consequences could be nasty indeed. While it is possible that a judge might say "well, you were bad and shouldn't be doing this, but I won't punish you if you promise to clean up your act in the future", it isn't terribly likely. If things were to get to that point, prompted by a legal action by someone who could actually claim to have been damaged by the current policy, it is far more likely that the IETF would end up feeling significant pain, possibly accompanied by penalties severe enough to prevent us from keeping and getting the insurance on which we depend in the future. I personally don't consider it very likely that someone would actually sue or convince some appropriate prosecutor to come after us. But, however one assesses the likelihood of that happening and of that party winning, I think an attitude of "don't worry about it until that happens and we lose" would represent severely bad judgment. Perhaps more important from my point of view, the IETF depends on a social contract with its participants. For many years, participants had reason to believe that "expire after six months" meant that the IETF would not publicly facilitate, or directly provide public access to, expired I-Ds. They also had reason to believe that any rights they gave the IETF by posting a document as an I-D did not extend beyond the IETF especially after that six months -- that anyone else who wanted to make use of the material would have to come and discuss it with them. Whether that view was generally held or not is an almost meaningless question: I'm pretty sure that the vast majority of IETF participants, and even that of I-D authors, didn't give the issue a moment's thought. That same set of assumptions mostly applied even after that changes that led to the current BCP 78/79 language: the IETF Trust was granted (non-retroactively wrt earlier documents) the rights to do a number of things that the community might need, but there was no explicit assumption that all of those things _would_ be done unless the community necessity (not just convenience or wishes) were clear. Again, opinions differed about what was reasonable and appropriate in the normal case (an issue the IPR WG definitely did not reach a consensus conclusion about) and the evidence is (and was) that that vast majority of IETF participants still didn't care enough to pay attention. But that is precisely where the social contract becomes important. BCP 78 clearly gives the IETF the right to take a document you have written without asking you, remove your name from it, and publish it, possibly with modifications of which you might not approve, under someone else's name. That just doesn't happen, not because the written rules prohibit it (or because the IETF Trust is certain those provisions would hold up in court), but because there is general understanding that it would be in bad taste. Equally important, many of us would respond to such an action, at least one taken without a very good and clear reason, by deciding that the IETF is not a place where we care to do work any more. The "contributions", at least from those thus offended, would stop. And, to the extent that those contributions, and the credibility of the contributors as a group, were important, the IETF would be in serious, perhaps fatal trouble. So, like you, I'm really not concerned whether Joe's arguments are on firm legal ground or not even though I completely reject the idea of "let's keep doing it until court to which we have to pay attention tells us that we are wrong". But I am concerned that he and other authors of I-Ds, especially I-Ds that long predate RFC 5378, made good-faith assumption, based on practices at the time, about how their documents would be handled post-expiration. I think that, as a community, we ought to respect those assumptions more than saying, effectively, "we are going to maintain a public archive no matter what commitments you thought were made to you because we can and because we don't think you will actually sue us". The latter is just bad for the community, whether it "works" or not. best, john