Publicly Verifiable Nomcom Random Selection
RFC 2777
| Document | Type |
RFC - Informational
(February 2000; No errata)
Obsoleted by RFC 3797
|
|
|---|---|---|---|
| Author | Donald Eastlake | ||
| Last updated | 2013-03-02 | ||
| Stream | IETF | ||
| Formats | plain text html pdf htmlized bibtex | ||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 2777 (Informational) | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
Network Working Group D. Eastlake 3rd
Request for Comments: 2777 Motorola
Category: Informational February 2000
Publicly Verifiable Nomcom Random Selection
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2000). All Rights Reserved.
Abstract
This document describes a method for making random selections in such
a way that the unbiased nature of the choice is publicly verifiable.
As an example, the selection of the voting members of the IETF
Nominations Committee from the pool of eligible volunteers is used.
Similar techniques would be applicable to other cases.
Acknowledgement
Matt Crawford made major contributions to this document.
Table of Contents
1. Introduction............................................2
2. General Flow of a Publicly Verifiable Process...........2
2.1 Determination of the Pool..............................2
2.2 Publication of the Algorithm...........................2
2.3 Publication of Selection...............................3
3. Randomness..............................................3
3.1 Sources of Randomness..................................3
3.2 Skew...................................................4
3.3 Entropy Needed.........................................4
4. A Suggested Precise Algorithm...........................5
5. Fully Worked Example....................................6
6. Security Considerations.................................7
7. Reference Code.........................................8
Appendix: History of NomCom Member Selection..............14
References................................................15
Author's Address..........................................15
Full Copyright Statement..................................16
Eastlake Informational [Page 1]
RFC 2777 Verifiable Random Selection February 2000
1. Introduction
Under the IETF rules, each year 10 persons are randomly selected from
among the eligible persons who volunteer to be the voting members of
the nominations committee (NomCom) to nominate members of the
Internet Engineering Steering Group (IESG) and the Internet
Architecture Board (IAB) [RFC 2727]. The number of eligible
volunteers in recent years has varied in the approximate range of 40
to 60.
It is highly desireable that the random selection of the voting
NomCom be done in a unimpeachable fashion so that no reasonable
charges of bias or favoritism can be brought. This is for the
protection of the IETF from bias and protection of the administrator
of the selection (currently, the appointed non-voting NomCom chair)
from suspicion of bias.
A method such that public information will enable any person to
verify the randomness of the selection meets this criterion. This
document gives an example of such a method.
2. General Flow of a Publicly Verifiable Process
In general, a selection of NomCom members publicly verifiable as
unbiased or similar selection could follow the three steps given
below.
2.1 Determination of the Pool
First, you need to determine the pool from which the selection is to
be made.
Volunteers are solicited by the appointed (non-voting) NomCom chair.
Their names are then passed through the IETF Secretariat to check
eligibility. (Current eligibility criteria relate to IETF meeting
attendance, records of which are maintained by the Secretariat.) The
full list of eligible volunteers is made public early enough that
there is a reasonable time to resolve any disputes as to who should
be in the pool, probably a week to ten days before the selection.
2.2 Publication of the Algorithm
The exact algorithm to be used, including the public future sources
of randomness, is made public. For example, the members of the final
list of eligible volunteers are ordered by publicly numbering them,
several public future sources of randomness such as government run
Eastlake Informational [Page 2]
RFC 2777 Verifiable Random Selection February 2000
lotteries are specified, and an exact algorithm is specified whereby
eligible volunteers are selected based on a strong hash function [RFC
1750] of these future sources of randomness.
2.3 Publication of Selection
When the prespecified sources of randomness produce their output,
those values plus a summary of the execution of the algorithm for
selection should be announced so that anyone can verify that the
correct randomness source values were used and the algorithm properly
Show full document text