Publicly Verifiable Nomcom Random Selection
RFC 2777

Document Type RFC - Informational (February 2000; No errata)
Obsoleted by RFC 3797
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 2777 (Informational)
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                    D. Eastlake 3rd
Request for Comments: 2777                                      Motorola
Category: Informational                                    February 2000

              Publicly Verifiable Nomcom Random Selection

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

Abstract

   This document describes a method for making random selections in such
   a way that the unbiased nature of the choice is publicly verifiable.
   As an example, the selection of the voting members of the IETF
   Nominations Committee from the pool of eligible volunteers is used.
   Similar techniques would be applicable to other cases.

Acknowledgement

   Matt Crawford made major contributions to this document.

Table of Contents

   1. Introduction............................................2
   2. General Flow of a Publicly Verifiable Process...........2
   2.1 Determination of the Pool..............................2
   2.2 Publication of the Algorithm...........................2
   2.3 Publication of Selection...............................3
   3. Randomness..............................................3
   3.1 Sources of Randomness..................................3
   3.2 Skew...................................................4
   3.3 Entropy Needed.........................................4
   4. A Suggested Precise Algorithm...........................5
   5. Fully Worked Example....................................6
   6. Security Considerations.................................7
   7.  Reference Code.........................................8
   Appendix: History of NomCom Member Selection..............14
   References................................................15
   Author's Address..........................................15
   Full Copyright Statement..................................16

Eastlake                     Informational                      [Page 1]
RFC 2777              Verifiable Random Selection          February 2000

1. Introduction

   Under the IETF rules, each year 10 persons are randomly selected from
   among the eligible persons who volunteer to be the voting members of
   the nominations committee (NomCom) to nominate members of the
   Internet Engineering Steering Group (IESG) and the Internet
   Architecture Board (IAB) [RFC 2727].  The number of eligible
   volunteers in recent years has varied in the approximate range of 40
   to 60.

   It is highly desireable that the random selection of the voting
   NomCom be done in a unimpeachable fashion so that no reasonable
   charges of bias or favoritism can be brought.  This is for the
   protection of the IETF from bias and protection of the administrator
   of the selection (currently, the appointed non-voting NomCom chair)
   from suspicion of bias.

   A method such that public information will enable any person to
   verify the randomness of the selection meets this criterion.  This
   document gives an example of such a method.

2. General Flow of a Publicly Verifiable Process

   In general, a selection of NomCom members publicly verifiable as
   unbiased or similar selection could follow the three steps given
   below.

2.1 Determination of the Pool

   First, you need to determine the pool from which the selection is to
   be made.

   Volunteers are solicited by the appointed (non-voting) NomCom chair.
   Their names are then passed through the IETF Secretariat to check
   eligibility.  (Current eligibility criteria relate to IETF meeting
   attendance, records of which are maintained by the Secretariat.)  The
   full list of eligible volunteers is made public early enough that
   there is a reasonable time to resolve any disputes as to who should
   be in the pool, probably a week to ten days before the selection.

2.2 Publication of the Algorithm

   The exact algorithm to be used, including the public future sources
   of randomness, is made public.  For example, the members of the final
   list of eligible volunteers are ordered by publicly numbering them,
   several public future sources of randomness such as government run

Eastlake                     Informational                      [Page 2]
RFC 2777              Verifiable Random Selection          February 2000

   lotteries are specified, and an exact algorithm is specified whereby
   eligible volunteers are selected based on a strong hash function [RFC
   1750] of these future sources of randomness.

2.3 Publication of Selection

   When the prespecified sources of randomness produce their output,
   those values plus a summary of the execution of the algorithm for
   selection should be announced so that anyone can verify that the
   correct randomness source values were used and the algorithm properly
Show full document text