On Fri, Jan 3, 2014 at 11:34 AM, Eric Rosen <erosen@xxxxxxxxx> wrote: > Let's face it, the draft is nothing but a political manifesto, and the IETF > has no business even considering it. If so, what politics? If you look closely at the draft and not so much at what people are assuming about it, it is straightforward: pervasive monitoring, for whatever cause, is indistinguishable from an attack; the ease of such attacks is increasing; the IETF is behind the curve; so we're going to do more to make it possible to resist such attacks. Is there something in that that you disagree with? > It is also clear from this discussion > that there is no consensus, even rough consensus, in favor. The problem with consensus is that people thought this draft either should recommend specific actions, or was recommending specific actions. Either would be wrong - the specific actions need to be considered in specific contexts. I hope that has been made clear by discussion. > Note the tone taken by proponents of the draft. It has been suggested that > critics are at best wasting everyone's time, and at worst unethical. There's a great deal of noise and confusion. Ignore statements that you know are just wrong unless they come from those behind the draft, as opposed to those claiming to represent their views (like me) or those just commenting on it. > When > it is pointed out that one cannot determine from the draft what the actual > impact on IETF process is, the proponents yell "there's no time to consider > the details, Rome is burning, we can't afford the time to listen to people > who disagree with us". The claim that we have to act immediately, even > though we don't know what we need to do, is particularly ridiculous. This > is all typical political discourse: ratchet up the volume of the sound > bites, claim the support of a "silent majority", and yell that the > dissenters are bad people who shouldn't be listened to. This should not be > considered to be an acceptable mode of discourse in the IETF. I didn't see any of that from people who are actually responsible for the draft. > Well, here's a particularly egregious example of poor reasoning: "since it > is already possible for the Security ADs to abuse their power, giving them > more tools and more excuses for doing so will have no effect." An obvious > non-sequitur, but a good sound bite. Yes, that was too casual. Personally, I don't think making a general statement about pervasive monitoring is going to give ADs any more power than they have now. Think about when Jeff Schiller was AD and how he used the power of the security audit (aside: I thought it was a good thing), and think about how the flow is now. No powers have been taken away and yet somehow we have a balance, and our protocols are better for the security considerations. In terms of drafts you might produce, this is another (major) facet to be considered, it's not granting a new power. Scott