Skip to main content

Appeal to the IESG of PR-Action against Dean Anderson (Dean Anderson; 2006-03-08) - 2006-03-08
Appeal - 2006-03-08

IAB Appeal of IESG PR-Action Against Dean Anderson

The Problem

The PR-Action against Dean Anderson approved by the IESG has a great number of problems. It makes a number of false allegations. There are procedural irregularities and numerous other problems. Among the most serious problems, IETF and ISOC officials are found to be acting contrary to the ISOC charter, with serious conflicts of interest involving financial benefits. Professional dishonestis uncovered and substantiated. Integrity of IETF documents and IETF Officials is found lacking. Allegations of corruption are substantiated. And the specific claims of the PR-Action are refuted, found false and often found taken absurdly out of context.. Some preliminaries are in order before we get to the specific PR claims. Effort has been made to write in 3rd person so as to make absolutely clear who said what.

  • biographical background,
  • definitions,
  • obligations,
  • organization charters,
  • policies and responsibilities,
  • requirements of RFC 3683,
  • procedural irregularites,
  • unreported conflicts of interest,
  • incitement against Av8 Internet and Anderson
  • specific PR claims

Biographical Background on Anderson

Dean Anderson has participated in the IETF main list and the DNSEXT group for many years. Anderson has not been subjected to any previous suspensions, such as that contemplated by RFC 3934. Anderson has 20 years experience in the industry, is founder of several companies, including a successful internet service provider, Av8 Internet with facilities in New England. Anderson has became active in the League for Programming Freedom(LPF) during the late 80s, and has served in its leadership as its corporate secretary and as its president. The LPF was founded by Richard Stallman (founder of GNU) and is a 503(c)(3) non-profit dedicated to fighting software patents and user interface copyrights. Anderson led the LPF to a 1996 victory in the US Supreme Court on the subject of user interface copyrights in Lotus V. Borland, and organized Amicus briefs including one signed by 81 prominent computer scientists including Harold Abelson, Peter Deutsch, John McCarthy, Gerald Sussman, and many others. As a result, there are no user interface copyrights. Though 20 years of industry work, Anderson has experience running large and small datacenters including running computer systems from IBM and Hitachi mainframes to KSR supercomputers to networks hundreds of unix workstations. Anderson has proficiency in several programming languages including C, C++, Java, and several assemblers, and scripting languages. Anderson has contributed to large projects such as OSF/1, Motif, DCE, as well as many in-house software projects. Anderson has worked for companies including the Charles Stark Draper Laboratory (formerly the MIT Instrumentation Lab), the Open Software Foundation, Kendall Square Research, and Hitachi Computer Products. Anderson (through a consultancy he founded), has consulted to the Open Environment Corporation, The Open Group, GTE Internetworking, Genuity (the big Genuity, as distinguished from the little Genuity), and many other companies on IT and VOIP infrastracture, engineering, and software development. Anderson attended the University of South Dakota and took coursework in computer science. Anderson also attended the Massachussetts Institute of Technology as a special student and took coursework in mathematics and computer sciences.


Legal Disclaimer: In places this document refers to legal obligations and demands on certain organizations and individuals. It should be noted that this document is not submitted as a complete or final description of any legal demands which might be made by Anderson or Av8 Internet or others, but is submitted only for due process consideration by the IAB. No limitation on rights is accepted nor are any specific legal theories offered. These references are to be taken only as preliminary notices of infringements and preliminary demands to cease and desist, according to our prudent duties to make such notices and demands known.

Definitions -- Black's Law Dictionary

Charitable Trust.

One in which property held by a trustee must be used for charitable purposes (advancement of health, religion, etc.). Fiduciary relationship with respect to property arising as a result of a manifestation of an intention to create it, and subjecting the person by whom the property is held to equitable duties to deal with the property for a charitable purpose.


As used in statutes prescribing the qualifications of public officers, trustees, etc., this term means soundness or moral principle and character, as shown by one person dealing with others in the making and performance of contracts, and fidelity and honesty in the discharge of trusts; it is snyonymous with "probity," "honesty," and "uprightness."

Fiduciary duty

A duty to act for someone else's benefit, while subordinating
one's personal interests to that of the other person. It is the highest standard of
duty implied by law (e.g. trustee, guardian).


Founded on a fiction; having the character of a fiction; pretended;
counterfeit; Feigned, imaginay, not real, false, not genuine, nonexistant. Arbitrarilly invented
and set up, to accomplish an ulterior object.

Definitions -- Oxford English Dictionary


  1. The condition of having no part or element taken away or wanting; undivided or unbroken state; material wholeness, completeness, entirety. >
  2. The condition of not being marred or violated; unimparired or uncorrupted condition; original perfect state; soundness.

  3. In a moral sense. a. Unimpaired moral state; freedom from moral corruption; innocence, sinlessness; b. Soundness of moral principle; the character of uncorrupted virtue, esp. in relation to truth and fair dealing; uprightness, honesty, sincerity.

IETF, IAB are Activities of the Internet Society (ISOC)

The ISOC is a professional society. The IETF and IAB are activities of the ISOC.

<>: (emphasis added)

The Internet SOCiety (ISOC) is a professional membership society with more than 100 organization and over 20,000 individual members in over 180 countries. It provides leadership in addressing issues that confront the future of the Internet, and is the organization home for the groups responsible for Internet infrastructure standards, including the Internet Engineering Task Force (IETF) and the Internet Architecture Board (IAB).

Since 1992, the Internet Society has served as the international organization for global coordination and cooperation on the Internet, promoting and maintaining a broad spectrum of activities focused on the Internet's development, availability, and associated technologies.

The Internet Society acts not only as a global clearinghouse for Internet information and education but also as a facilitator and coordinator of Internet-related initiatives around the world. Through its annual International Networking (INET) conference and other sponsored events, developing-country training workshops, tutorials, statistical and market research, publications, public policy and trade activities, regional and local chapters, standardization activities, committees and an international secretariat, the Internet Society serves the needs of the growing global Internet community. From commerce to education to social issues, our goal is to enhance the availability and utility of the Internet on the widest possible scale.

Obligations of the Internet Society (ISOC)

It should be kept firmly at the forefront that the ISOC is not a private club with entirely arbitrary, capricous and whimsical rules which may benefit whomever and whatever private interests it so pleases.

Section 3 of the ISOC Articles of Incorporation:

  1. The purpose or purposes for which the corporation is organized are as follows: To be a non-profit corporation (without capital stock), which shall be operated exclusively for educational, charitable and scientific purposes. Such educational, charitable, and scientific purposes shall include carrying on activities:

    a. To facilitate and support the technical evolution of the Internet as a research and education infrastructure, and to stimulate the involvement of the scientific community, industry, government and others in the evolution of the Internet;

    b. To educate the scientific community, industry and the public at large concerning the technology, use and application of the Internet;

    c. To promote educational applications of Internet technology for the benefit of government, colleges and universities, industry, and the public at large;

    d. To provide a forum for exploration of new Internet applications, and to stimulate collaboration among organizations in their operational use of the global Internet.

    To exercise all the powers conferred upon corporations formed under the District of Columbia Non-Profit Corporation Act in order to accomplish the corporation's educational, charitable and scientific purposes; and to take other actions necessary or convenient to effect any or all of the purposes for which the corporation is organized.

The ISOC is a 501(c)(3) Tax Exempt Charitable Organization,,id=96099,00.html:

  • "An organization will be regarded as "operated exclusively" for one or more exempt purposes only if it engages primarily in activities which accomplish one or more of the exempt purposes specified in IRC Section 501(c)(3). An organization will not be so regarded if more than an insubstantial part of its activities is not in furtherance of an exempt purpose."
  • "The organization must not be organized or operated for the benefit of private interests, such as the creator or the creator's family, shareholders of the organization, other designated individuals, or persons controlled directly or indirectly by such private interests."

Serve the public trust: ISOC Fiduciary responsibilities

(Emphasis added)

  1. Fiduciary Responsibilities. Members of the Board, officers, and employees of ISOC serve the public trust and have a clear obligation to fulfill their responsibilities in a manner consistent with this fact. All decisions of the Board and officers of the administration and faculty are to be made solely on the basis of a desire to promote the best interests of the institution and the public good. ISOC's integrity must be protected and advanced at all times.

IETF Policies and Responsibilities

Besides acting consistently with the ISOC policies and responsibilities, the IETF must comply with its own internal policies. Of particular relevence to this docuement are the following rules and policies of the IETF.

  1. WG Chair responsibilities RFC 2418, section 6.1 of RFC 2418: (emphasis added)

The Chair has the responsibility and the authority to make decisions, on behalf of the working group, regarding all matters of working group process and staffing, in conformance with the rules of the IETF. The AD [Area Director -ed] has the authority and the responsibility to assist in making those decisions at the request of the Chair or when circumstances warrant such an intervention.

  1. Working Group Disputes RFC 2026 Section 6.5.1 (emphasis added)

6.5.1 Working Group Disputes

An individual (whether a participant in the relevant Working Group or not) may disagree with a Working Group recommendation based on his or her belief that either (a) his or her own views have not been adequately considered by the Working Group, or (b) the Working Group has made an incorrect technical choice which places the quality and/or integrity of the Working Group's product(s) in significant jeopardy. The first issue is a difficulty with Working Group process; the latter is an assertion of technical error. These two types of disagreement are quite different, but both are handled by the same process of review.

A person who disagrees with a Working Group recommendation shall always first discuss the matter with the Working Group's chair(s), who may involve other members of the Working Group (or the Working Group as a whole) in the discussion.

Each Working Group has a charter page which lists an email address for the Working Group Chair(s), The Area Director(s), and the Area Advisor(s), as well as any discussion group email lists.

Requirements for RFC 3683

  1. A Revocation Practice

A PR-action identifies one or more individuals, citing messages posted by those individuals to an IETF mailing list, that appear to be abusive of the consensus-driven process.

RFC 3683 is meant to prevent disruption of IETF activities. Meetings might be disrupted by hecklers who interrupt the speaker. Mailing lists might be similarly disrupted. However, "Disruption" implies that the IETF and DNSEXT lists couldn't conduct its proper business. No disruption has occurred, and none is evidenced in the messages given in the instant PR-Action. Dean Anderson has not heckled anyone. But in fact, it is Anderson who has been heckled and abused, including including being defamed by, among others, representatives of the IETF who have inappropriately used the auspices of their IETF roles to do so.

RFC 3683 Procedure:

Regardless of whether the PR-action revokes or restores posting rights, the IESG follows the same algorithm as with its other actions:

  1. it is introduced by an IESG Area Director (AD), who, prior to doing so, may choose to inform the interested parties;

  2. it is published as an IESG last call on the IETF general discussion list;

  3. it is discussed by the community;

  4. it is discussed by the IESG; and, finally,

  5. using the usual consensus-based process, it is decided upon by the IESG.

Procedural Irregularities in the PR-Action

  1. Step 1 was not followed. Only an AD can initiate a PR-Action.

"The IESG received a request from Dave Crocker to take action under RFC 3683 against Dean Anderson. Mr Crocker alleged disruption of the IETF and DNSEXT lists and provided sample emails "

In this case, it is reported that Dave Crocker initiated the PR-Action. Dave Crocker is not an Area Director. While Crocker can provide the text, and can be acknowledged as an author, the action must be initiated by an Area Director.. The IESG Teleconference minutes suggest (statement by Kessens) that Brian Carpenter initiated the Action: From the September 29 IESG Teleconference minutes (emphasis added)

6.2 Request to remove Dean Anderson posting privileges to the IETF & dnsop mail lists (David Kessens)

David Kessens said that Brian Carpenter took the first initiative there, after the request from Dave Crocker under RFC 3683. Brian Carpenter said that an AD was needed to shepherd this, and noted that Dean Anderson could continue to post for 4 weeks during the last call.

David Kessens was appointed to shepherd this request.

The claim that Carpenter took first initiative is not supported by the record of the IETF list, nor of the minutes themselves. Kessens made the threat offlist, then again on-list, and is recorded as adding the agenda item for the teleconference. The effect seems to be to obscure conflict of interest. However, both Carpenter and Kessens have conflicts of interest in the form of personal relationships and neither has reported or avoided these conflicts of interest as required.

  1. Step 2 of the procedure was not followed. RFC 3683 requires the action to be announced on the General IETF list. It wasn't. Instead it was "re-announced" after substantial discussion took place. This may seem like a minor issue, however the "re-issuance" subsequently disrupted discussion as required in step 3.
  2. Step 3 was not heeded. 133 messages were posted on the subject of RFC 3683 as of February 8, 2006. Nearly all comments regarding RFC 3683 have been negative.
  3. Step 4 of the procedure was not followed. The minutes of the IESG do not reflect the discussion. RFC 2026 Section 8 requires publicly accessible records:

Each of the organizations involved in the development and approval of Internet Standards shall publicly announce, and shall maintain a publicly accessible record of, every activity in which it engages, to the extent that the activity represents the prosecution of any part of the Internet Standards Process. For purposes of this section, the organizations involved in the development and approval of Internet Standards includes the IETF, the IESG, the IAB, all IETF Working Groups, and the Internet Society Board of Trustees.

  1. Step 5 of the procedure was not followed. No vote was held in accordance with the "usual, consenus based process", which requires publicly accessible records in Section 8 of RFC 2026. No discussion is recorded. No vote is recorded.

6.3 Approval of text for PR-Action decision (Brian Carpenter)

< discussion here was not minuted >

Unreported Conflicts of Interest in the PR-Action

Following is a summary of unreported conflicts of interest. Many of these will be addressed in more detail elsewhere in this document.
* PR claim that Dave Crocker is sole author of PR-Action is false. (see below)
+ Crocker doesn't participate in dnsop working group.
+ September 23, 2005 Kessens threatened revenge on Anycast subject of this complaint.
+ September 29, 2005 IESG Minutes indicate Kessens added agenda item. Suspicious correction in minutes by Kessens that it was Carpenter who initiated this action.
* Kessens involvement with Woolf (see below)
+ Woolf and Kessens worked together at ISI
+ Woolf is ISC program manager for ISC Anycast, related to this complaint
+ ISC promotion of Anycast
* Kessens Previous employment with RIPE (see below)
+ RIPE promotion of Anycast
+ Daniel Karrenberg supervised Kessens at RIPE. Karrenberg has been involved in Anycast controversy.

Previous Conflict with Crocker

This is somewhat complicated. However, one can see a pattern that indicates that Crocker is trying to abuse the IETF process to suppress valid criticism of the quality and integrity of his SpamOps document. It is plain that Crocker has fairly extreme views on Open Relay use, and extreme views on spam, and has associations with anti-spam personalities of Court-proven questionable integrity. Anderson has had conflict with such extreme anti-spam personalities personally, and has found that they typically degenerate into attacks (ad hominems as well as DDOS on email servers). Most people do not engage in discussions with such people as a result. However, Anderson has found that when forced by their lawyers to act civilly, that their arguments do not stand up to critical analysis. (see <>, see <>) In light of this, it is easy to see that Crocker is just trying to suppress valid criticism of his insuffiiciently supported views on spam control. If Crocker was right, and Anderson was "crazy", there would be little need to ban Anderson few posts.

This message by Nick Staff seems to sum things up (emphasis added) :

In the last six months approximately 65%-75% of email generated by or about Dean to this list have been in response to messages that complained about the relevancy of his comments. In fact roughly 20% of all mail this list has received either by or relating to Dean has been from this thread alone. If you remove those messages from the count then over the last six months Dean averages around one email every 4-6 days. (all figures are rough "at-a-glance" calculations as opposed to pen and paper).

Without getting into the discussion of whether an email every 5 days is a DOS I would certainly like to state for the record that without question the pettiness has taken far more thought than the productivity, and so if Dean's posts are a DOS then the posts trying to protect us from them have been an atom bomb.

This "atom bomb" is the reaction of zealots who can't stand civil discussion of the cherished false assumptions.

Now is a good time to review the IETF and ISOC responsibilities, and the definitions of the words "integrity", and particularly the OED version of

  1. In a moral sense. a. Unimpaired moral state; freedom from moral corruption; innocence, sinlessness; b. Soundness of moral principle; the character of uncorrupted virtue, esp. in relation to truth and fair dealing; uprightness, honesty, sincerity.

Do these acts remind one of "truth and fair dealing"? "Uprightness"? "Honesty?", or even "Sincerity"?

Do these acts reflect well on the ISOC and IETF?

Incitement Against Anderson and Av8 Internet

At first glance, this may seem external to the IETF however, many of the messages attacking Anderson are on the IETF lists, and includes IETF officials. Because these abuses are conducted on IETF lists, sometimes by IETF officials, the causes and motives of this spiteful and malicious behavior needs to be considered in context. Persons reviewing this appeal have noted an that there is a lot of vitriol directed at Mr. Anderson. Some explanation of that vitriol sheds a great deal of light on these abuses.

For years, some anti-spammers have promoted incitement against Anderson and Av8 Internet by claiming that Anderson or Av8 Internet has engaged in lawsuits against anti-spammers. They do this because they cannot argue civilly, and the abuse escalates over time. First they start with calling one "troll" or "spammer". Consider for example this exchange between Paul Vixie and Anthony Atkeilsky: Vixie writes

warning, i'm answering an obvious troll from an obvious spammer. [...]

In other words, you disagree with me, but for reasons I won't go into, you cannot resist the urge to reply.

actually, i can speak for myself, there's no need to interpret for me.

i'm calling you a troll because you're urging people to pay no attention to the costs, to just hit delete, and to avoid filtering since you claim that the costs of false positives are too high. that's three for three.

Atkeilsky merely disagrees with Vixie's assertions and is prepared to discuss the reasons for disagreement. For this, he is called an "obvious troll" and "obvious spammer". Neither are obvious. But questioning cherished notions however ill-conceived, irrational, and exaggerated results in escalating verbal and physical abuse.

Rather than a complete history, the following exchange between Anderson and a network administrator serves to exemplify the level of incitement. This particular discussion involved SORBS false claims. Anderson writes:

"Misplaced" suggests a lack of malice. Malice is present with SORBS.

To which the network administrator replies:

Your lawsuits may have given rise to that malice.

In fact, neither Anderson nor Av8 Internet has ever been a participant in any such lawsuit. Anderson predicted and correctly analyzed several activities by over-zealous anti-spammers that were later found to be illegal or otherwise unlawful in lawsuits. Av8 Internet did have a conflict with Savvis Communications involving attorneys, but AV8 Internet's position prevailed after the issues in the matter were specified, and so it did not result in litigation. The Savvis employee subsequently made false statements against Av8 Internet. (see

At other times, Anderson has been called "lawsuit-happy", in efforts to demonize and villify Anderson. Again, neither Anderson nor Av8 Internet has ever been a participant in any such lawsuit.

Given the great number of reports about abuse by blacklists, and including court cases establishing their dishonesty, it seems well established that some anti-spammers are dishonest. Some are unethical. And some are spitefully unhappy to get thorough analysis, detailed research, and good answers as Anderson did regarding Anti-trust and the Electronic Communications Privacy Act years before cases such as Exactis V. MAPS and Konop V. Hawaiian Airlines vindicated Anderson. As Moltke said: "success determines reputation", and it is Anderson's success at analysis, research, and good answers that is the source of this spiteful behavior. When Nanog'ers (including the ASRG's own John Levine) asserted that the ECPA didn't apply to ISPs, Anderson went to the library and researched the congressional reports to find out what the law meant and whether Congress intended the law to apply to email. (it did). Indeed, it is Anderson's analysis and fact-finding that is disruptive of plans based on deception. Anderson has not engaged in any nefarious behavior.

The false claims made as a result of this malice and spite are not limited to SORBS false claims of hijacked address space, even though even these particularly incredible claims are repeated by IETF offical staff in their official IETF capacities. A professional organization such as the ISOC and its IETF activity has an obligation to act on true facts, not on a series of maliciously false claims made out of spite.

RFC 3005 "IETF Guidelines for Conduct"

  1. IETF participants extend respect and courtesy to their colleagues at all times.

We will see that this principle has not been enforced or even encouraged with respect to Dean Anderson, Dan Bernstein, JFC Morfin, and others who have systematically abused by the same small group of people, associated with and confidants of Kessens/Crocker/Carpenter. We seek to apply the definition of "integrity" given by the Oxford English Dictionary to the dealings of these current and former IETF officials with Anderson.

RFC 3005 goes on to say

  1. IETF participants develop and test ideas impartially, without finding fault with the colleague proposing the idea.

We dispute ideas by using reasoned argument, rather than through intimidation or ad hominem attack.

We will see that Anderson raises 3 separate issues, in which ISOC/IETF assets are either improperly used or improperly prevented from use to inure substantial benefits to private individuals and private organizations. The documents produced by the ISOC are assets of the ISOC. A great deal of money is at stake in each of these areas:

  1. Patent Policy Compliance. Patent holders stand to gain a great deal of money if the IETF standardizes their technology. IETF Policy is to prefer non-patented technology. Anderson has reported on instances where this policy is not being followed.
  2. Root DNS Operations. Root DNS operators are selling DNS Anycast services to dozens of ISPs. Anderson and others have reported on the problems with this technology. Information developed to date has substantiated Anderson's claims. The IETF has an influential and proper role to play in development of engineering standards for Root DNS server operators, including standards that indicate this is unusable technology for Root DNS Operators.
  3. SPAM Operations. Authors/backers of the SPAMOPS document, Crocker/Hutzler/AOL stand to earn a great deal of money.

Rather than attempting to refute Anderson on these issues by reasoned argument, Anderson has been threatened, harassed and intimidated. We will show that this PR-Action carries out an improper threat against Anderson. This incitement and intimidation is directed against valid civil disagreement and recently against valid, well-substantiated questions of integrity.

Anderson has not done anything by nefarious or abusive means to disrupt any consensus. Rather, certain parties have attempted either to develop consensus by or to prevent development of consensus by deception, false statements, ad hominem attacks and threats on Anderson and others.In some cases these threats have been executed RFC 2026 Section 6.5.1 states that one can disagree with a working group recommendation for 2 basic reasons:

(a) his or her own views have not been adequately considered by the Working Group, or (b) the Working Group has made an incorrect technical choice which places the quality and/or integrity of the Working Group's product(s) in significant jeopardy.

In order to adequately consider views, those views must be put forward. If views can't be put forward, they can't be adequately considered.

Second is the quality and integrity of the Working Group's product. Persons at the IETF, particularly Dave Crocker, Brian Carpenter, and David Kessens as well as others have made false statements, associated with persons of questionable honesty and integrity, and accepted false statements from such persons, thereby placing the quality and integrity of the documents into serious question. Rather than properly investigate serious charges of failures of integrity, Crocker/Carpenter/Kessens et al have instead threatened Anderson and have carried out threats. This had the effect of covering up and preventing investigation of these charges, some of which have been substantiated in Court of Law. IETF officials have engaged in professional dishonesty and unfair dealing. These infractions are multiplied by the attempts of senior staff at the IETF to cover up these integrity failures, and to silence Anderson and others. Added to this scandal are 3 issues involving substantial sums of money improperly inured to private individuals and organizations. This seem contrary to the missions and principles of the IETF and ISOC, as well being contrary to the affirmations made regarding the ISOC 503(c)(3) status. These 3 issues are a substantial part of the IETF and ISOC activities.

Casual Remarks vs Professional Honesty and Integrity

Harald Alvestrand claims that he "can't toss of a casual remark without getting virtually crucified" Alvestrand seems here to be asserting that Anderson makes accusations of professional dishonesty lightly. Simply considering the definition of "casual" versus "professional" reveals that plainly "official remarks" are distinguished from "casual remarks" by being held to a professional standard of honesty and integrity. A casual remark is a made in an unofficial capacity. There are many acts or omissions that constitute professional dishonesty, and this section is not a taxomony. But one type of professional dishonesty arises where reasonable people cannot differ. Such as for example, the number of lawsuits filed against someone--that is a matter of public record and reasonable people cannot differ in the number; certainly not without some sort of extenuating circumstance supporting the alternate number.

There is a great gulf between a mere differnce of opinion, and something about which reasonable people cannot differ. Anderson has provided substantial evidence of the validity of allegations when there have been made (see for an example). Remarks in official capacity are by definition not casual remarks. T'so was acting in his official role as IETF Sergeant at Arms, and thus his statements are held to a higher standard than "casual remarks". In the case of the SpamOps integrity issue, the questioned source was brought into Court of Law on three different occassions and found to have intentionally made false statements including regarding open relays. And the Court held that their statements weren't false in any way that could be a mere difference of opinion. That fact makes the integrity of that source extremely questionable.

Associated with this Court proven liar is the SORBS/ISC group, which is making additional absurdly false claims about Av8 Internet's and The Open Group's netblocks being hijacked. This is another fabrication about which reasonable people cannot differ, that reflects on the integrity of the organizations and their associates. As sources of data in the SpamOps document, they discredit the integrity of the SpamOps document of which Mr. Crocker is an author. As associates of Mr. Crocker, they potentially discredit Mr. Crocker. Crocker has not taken any steps to disassociate himself with this group, or their statements. A recent news article ("M.I.T. Dismisses a Researcher, Saying He Fabricated Some Data" NY Times 10/28/05) stated "M.I.T. is taking steps to retract the published paper and to make clear how the fraud occurred, so as to preserve the reputations of Dr. Van Parijs's colleagues".

It should be noted that the IETF officials are repeating false statements from the same group in defamation of Anderson and Av8 Internet. This is addressed in more detail below. The IETF is deeply involved with the tainted group, and strenously maintains that association in spite of complaints. This is not simple mistake, nor a casual remark, nor a casual "slip of the tongue". Complaints have been made, but the IETF appears content to publish the tainted draft, and has instead taken steps to silence the person reporting the fabrications, making even more fabrications in the process of doing so. RFCs are official publications of a professional society, and are not merely casual remarks, any more than publication in other professional journals are casual remarks.

Specific PR Claims

It is perhaps telling that the PR-Action notes afterward that:

While these messages alone might not suffice to justify action,

Even though the PR-Action admits they are insufficient to justify action, it seems incumbent that we disprove each of the assertions. We begin with the claims of disruption.

### I. Carpenter/Crocker/Kessens claim of disruption

"Mr Crocker alleged disruption of the IETF and DNSEXT lists and provided sample emails [4]."

Very few samples were provided, and of those, many were taken out of context and all are refuted as evidence of disruption. Remember that RFC 3683 is meant to prevent disruption of IETF activities. Some nefarious activity should be demonstrated. Instead, we will see IETF officials and others who have abused their roles to disregard IETF and ISOC policies, possibly for personal and financial gain and/or for the personal and financial gain of their associates and confidants who may stand to gain, or for the protection of certain "cherished notions" which benefit private interests. We offer no specific motivations for these violations, but instead assert they are violations of policy in spite of clear obligations to serve the public trust. This PR-Action is travesty of the IETF and ISOC policies that these same officials are supposed to uphold and implement.

Lets consider the disruption asserted in footnote 4. Examination of these examples reveals much:

  1. Claim of Offtopic posts

    Dean continues to discuss topic that was declared off-topic by working group chair:

    RFC 3005 specifies the IETF discussion list charter:

    "It also hosts discussions of IETF direction, policy, meetings, and procedures. As this is the most general IETF mailing list, considerable latitude is allowed."

    In fact, the message referenced in the PR Action is a well documented, substantiated, and ON-TOPIC complaint to the IETF main list that the DNSEXT WG is not in compliance with IETF IPR policy as described in RFC 3979. In the cited message Anderson writes:

    The statement of the WG chair (included below) is not consistent with the IETF rules on IPR disclosure and consideration.

    This is plainly about IETF policy, and is within the charter of the IETF main list per RFC 3005. Anderson's message is relevant to the DNSEXT list, even though Kessens and the IETF Chair have been inconsistent on whether complaints should be sent to the WG lists. However, the entire discussion was only 9 total messages (number 8 was from the Chair, number 9 was the complaint about the chair referenced above) and only 7 on the question of patents. Hardly anything for the IESG to complain about.

    Far short of a voluminous discussion in which progress cannot be made. Lets consider the substance of Anderson's message. We will see that Anderson's complaint is also well substantiated by facts sufficient to prove its claims:

    Anderson's message clearly and validly objects that the WG Chair has acted improperly in asking that the WG cease discussion of IPR issues relating to drafts in the DNSEXT WG. There were only 7 (seven) total messages in the thread including 4 from Anderson prior to the WG Chair asked for the discussion to stop, citing 'rat-hole'. Sometimes discussions do go on for a hundred messages and it is plain that the discussion is not productive, and the group should move on to something else. However, this plainly wasn't the case.

    Discussion of IPR encumbrance in WG technology is ON-TOPIC for every IETF working group, according to RFC 3979:

    6.2. The Timing of Providing Disclosure
    Timely IPR disclosure is important because working groups need to have as much information as they can while they are evaluating alternative solutions.

    Declaring discussion of IPR "off-topic" after only 7 messages is to deny valid discussion and is contrary to RFC3979, and so Anderson's message is a well-founded administrative complaint to the IETF main list. The IETF main list and the DNSEXT list are the proper forums for this complaint. Failure to implement the Official IETF policy contained in RFC 3979 inures substantial financial benefits to the patent holder(s). Anderson's message isn't nefariously disuptive of consensus. It may however disrupt the plans of the undisclosed patent holder to avoid compliance with IETF policy and procedures.

    The charge is also literally false, since Anderson stopped discussing the specific patent issue, and complained to the IETF about the Chair's improper halting of discussion. Anderson has done nothing wrong in lodging that complaint. It is hard to imagine that this charge in the PR-Action is an innocent mis-characterization. Its quite a stretch to portray Anderson's message as disrupting consensus. The charge seems to be a fabrication in order to threaten and intimidate Anderson.

  2. Dave Crocker's message

    "Dave's response on part of Dean's mail:

    Crocker's message is sent in response to the just cited message from Anderson. We just showed that Anderson's message was ON-TOPIC and substantiated. By contrast, Crocker's message has no relevance to the original message posted by Anderson. In fact, THIS message by Crocker is abusive, disparaging, and professionally dishonest. Crocker's message is disruptive--it distracts the IETF from addressing the serious issue of RFC3979 policy compliance. Crocker's message does not discuss the WG Patent Policy issue raised in Anderson's original message, but rather serves to disparage Anderson's involvement in Software Patent Policy Issues in his role as President of the League for Programming Freedom, and in other forums including the IETF. Anderson was elected to that position, and has persuaded people to reach rational compromise. Anderson's work in the LPF is a credit. More on this message in section's d. and e. following.

  3. Two messages by other people are strangely cited by the PR-Action as proof of Anderson's disruption:

    Two messages by other participants who continue to discuss Dean's point:

    These messages by other senders do not provide any evidence of disruption by Anderson. These messages serve only to make it possible for the PR-Action writers to take Crocker's and Bellovin's message out of context. Before we get into that, lets look at these two messages.

    The first message, by William Leibzon, supports Anderson's claims:

    What Dean wrote makes lots of sense to me, so I primarily agree with him, except for his typical dnsext chair bashing - I'm not sure there is really a case there that chair is blocking discussion. I do agree that some list members there don't like the discussion of patents

    Leibzon writes "dnsext chair bashing". Perhaps this is the "smoking gun" of disruption that Kessens and Crocker meant to show. But
    the term "bashing" means complaint. [The IESG and other groups regularly have "Agenda Bashing" as part of the agenda. This agenda item means it is time to air complaints about the agenda.] Of course, Leibzon's message is no evidence of disruption. In fact, Anderson has raised only two complaints about DNSEXT chairs. One complaint is the instant RFC3979 non-compliance complaint, and one should note that Leibzon indicates his agreement with Anderson on that particular complaint. The other complaint involved an ad hominem attack made by the (former) DNSEXT chair Randy Bush on June 7, 2003: "Complaint on Inappropriate behavior by the Namedroppers Administrator" This complaint is well formed and substantiated. And Bush made other such attacks and in particularly engaged in repeated abuse of Dr. Dan Bernstein as documented at The Bernstein episodes are a disgrace to the IETF. Anderson has called for an apology to Dr. Bernstein, but this very simple request for honest civil behavior from the IETF has been rebuffed.

    The second message listed, while abusive, wasn't written by Anderson. The second message offers no evidence that Anderson is disruptive. This message was actually written by Steven Bellovin and will be addressed in more detail in another part of this response.

    It seems difficult to imagine that reasonable people would see these messages as evidence of nefarious disruption by Anderson. It seems
    these two messages are merely further proof of Kessens/Carpenter/Crocker's attempt to fabricate charges against Anderson.

  4. Claim of Personal Attack on Dave Crocker and Paul Vixie

    Personal attack on Dave Crocker (and attack on Paul Vixie) by Dean. In addition his message does not substantiate his earlier claims about IPR:

    This assertion of the PR-Action is a good example of the absurdityof Carpenter, Crocker, and Kessens' fatuous claims, and a rather transparent attempt to take a message out of context. Let's put it in context:

    Anderson's first message:

    Anderson's message is a well-formed, well-founded complaint about failure of the DNSEXT chairs to comply with RFC3979, as analyzed in section a above

    Then Crocker's message:

    Then we have Anderson's message which is listed in the complaint:

    As already noted, and plain when in context, Crocker's message has no relevance to the topic in first Anderson's message. It in merely an attack on Anderson. Crocker quotes a portion of parenthetical comment in Anderson's first message that introduces Anderson's credentials as a moderate on this issue:

    [Note: Not very long ago, I argued persuasively to a large and broad movement within the IETF seeking to have the IETF adopt an anti-patent position

    To which Crocker attacks

    i don't recall seeing evidence of the community's being persuaded.

    This is simply mean-spirited, spiteful remark that has no relevance to the topic of Anderson's message. Its an attempt to attack Anderson's credibility. Anderson has argued many times for moderate patent positions. Anderson has also argued to give proper credit to people who hold opposing positions, such as when Hadmut Danisch was denied proper credit on his RMX work. See Danisch's complaint of August 30, 2004:

    Even though Anderson disagreed with Danisch on the merit of the proposal, Anderson still sought to see that Danisch was properly credited: (this is a credit to Anderson's integrity.)

    While Spam issues don't seem to interest Kessens, Crocker is deeply involved in the subject of spam. Yet, Crocker did not offer Danisch any support nor assistance, nor even any criticism of those denying credit to Danisch. Crocker was completely silent. See also Anderson's messages: See for example Anderson work to accomodate pro-patent and anti-patent group at the IETF:

    Eric Raymond:

    Dean Anderson:

    Dean Anderson: Accomodate pro-patent groups: Or this next case where we find Anderson explaining what the Patent Office does right and wrong. While an extreme anti-patent view might argue that everything the Patent Office does is wrong, Anderson presents a moderate view:

    Anderson has a long and extensive reputation as a moderate as the President of the LPF, and in other roles. Crocker's message disrupts the germane discussion of a genuine complaint about IETF IPR policy and procedural compliance. There is nothing in Crocker's message besides spite. Anderson rather civilly refutes the claim (if taken seriously) that Anderson has not been persuasive on software patent issues.

    And furthermore, in actual fact, Anderson's claims about IPR policy and procedure are substantiated by RFC3979, as noted both in the original message by Anderson and the analysis in section a above. Crockers' message contains nothing of substance or relevance to that discussion. This is yet another example of the dishonesty contained in this PR-Action. The PR-Action description of this message is taken completely out of context. It is Crocker's message that is a personal attack and meant to be disruptive.

    Anderson's comments are strong, but relevant to the attack made by Crocker. Importantly, Anderson's message refutes Crocker's attack. The record shows that Crocker made no effort to assist Danisch nor any effort to correct the improper citations in the draft. Yet Crocker is deeply involved in this draft and IETF spam issues in general. These dealings with Danisch reflect on the integrity and honesty of Crocker, Vixie, the draft authors, and certain officials of the IETF.

    Regarding the assertion of a Personal Attack on Vixie. The cited message explains the plagarism complaint about Vixie in a footnote. The plagarism issue was substantiated at the time, and partially fixed. More is said about this below.

  5. Claim of Personal Attack on Steven Bellovin

    Dean launches a personal attack on Steven Bellovin:

    This assertion of the PR-Action is a yet another monument to the absurdity of Crocker/Carpenter/Kessens' claims. Again, it is a transparent attempt to take a message out of context. Let's put it in context:

    Anderson's first message:

    Anderson's message is a well-formed, well-founded complaint about failure of the DNSEXT chairs to comply with RFC3979.

    Then Crocker's message:

    As shown above, Crocker's message is an ad hominem attack on Anderson.

    Then we have Bellovin's message:

    Then we have Anderson's message which is listed in the complaint:

    Anderson's message is strong, but not unnecessarily offensive. Bellovin has an opportunity to correct his mistake. In the proper context, Anderson's message seems pretty self explanatory, and it is plain that Bellovin's message is at minimum an ad hominem by being disparaging and irrelevant. Bellovin's message says Anderson is wrong, but there is no explanation. Bellovin says "he [Anderson] is in his [Bellovins] kill file", which is also irrelevant and disparaging, and therefore an ad hominem. Bellovin's message, in context, is about as plain an example of a nasty, spiteful, and inappropriate message as one will ever see. And it is not a casual remark, but an official remark. It is absurd that Kessens/Carpenter/Crocker would have the nerve to complain about its criticism.

    The PR-Action asserts Anderson is "twisting Steven Bellovin's own words and smearing Steven Bellovin's reputation:" That is a very strong charge. Lets examine what it means to be professionally dishonest:

    Making a false, professional report to a professional society on the contents of a document that one hasn't read is professionally dishonest.

    We can ask several questions to establish whether Bellovin's message is professionally dishonest:

    1. Is is a professional report to a professional society? Or is it a casual remark? Bellovin says in his message:

      "Wearing my IPR WG hat and citing a product of that WG..."

      Bellovin essentially dons his "professional robes" as
      it were. It is an official message, in Bellovin's official role
      as a Working Group Chair, as a member of a professional society.
      It would seem to be a Professional Act. Its not a casual remark.

    2. Was the subject document read by the person reporting on its contents?

      Bellovin says:

      "I didn't see the original note -- if it was from whom I think it was, my killfile took care of that"

      Bellovin didn't read the note. The subject document wasn't read by Bellovin.

    3. Was the professional report to the professional society actually true?

      Bellovin writes in his message:

      "It wasn't -- he's wrong."

      Bellovin is referring to Anderson when he says "he's wrong". Bellovin means "Anderson's wrong". Bellovin means to agree with Crocker's ad hominem (above). So Bellovin is just as wrong as Crocker was.

      Later in the message Bellovin says:

      "but for a more authoritative description of the situation, see the first two paragraphs of Section 2 of RFC 3669."

      Below are the first two paragraphs of RFC 3669:

      This memo lays out a conceptual framework and rules of thumb to assist working groups dealing with IPR issues. The goal is to achieve a balance between the needs of IPR claimants and the implementers of IETF standards which is appropriate to current times. As part of trying to distill out principles for dealing with IPR in IETF working groups, it provides case studies of working group IPR treatment. In other words, it documents the running code of the IETF process.

      This memo does not describe IPR procedures for document authors or IPR claimants. Those are covered in two other memos, on submission rights [5] and IPR in the IETF [6]. Rather, this memo is for working groups that are trying to decide what to do about technology contributions which have associated IPR claims.

      RFC 3669 does not document the procedures which Anderson's quotes in his complaint. Footnote 6 of RFC 3669 indicates that RFC 3668 contains the procedures:

      [6] Bradner, S., Ed., "Intellectual Property Rights in IETF Technology", BCP 79, RFC 3668, February 2004.

      RFC3668 is is obsolete. It was superceded by RFC3979, which Anderson correctly quoted.

      RFC 3669 does not describe the situation in Anderson's complaint, and RFC 3668 is obsoleced by RFC 3979, which Anderson cited in his original message. If Bellovin had actually read Anderson's message, and checked his facts, he would have known that Anderson was right. So Bellovin's report was wrong about that as well.

    4. Was it an honest mistake?

      Honest people apologize for honest mistakes. This is especially expected when the "mistake" is disparaging. An honest person apologizes and says something like: "I'm sorry. I was wrong". Bellovin did not apologize nor make any effort to correct his mistake, despite several opportunities to do so. Further, the spiteful elements of the message suggest the message wasn't a civil, honest message in conception. Bellovin's message doesn't seem to be an honest mistake.

The analysis of Bellovin's statements reveals that Bellovin was professionally dishonest. And therefore, we can conclude that Anderson's criticism of Bellovin's professional honesty was correct and well-founded, and relevant to Bellovin's role as WG Chair in the IETF. So the charge of "twisting Steven Vellovin's own words and smearing Steven Bellovin's reputation" is incorrect. Anderson posted this message on the main IETF list, so Anderson's message was in the proper forum, and therefore ON-TOPIC. Anderson's message was not disruptive.

At this point, one might argue that Bellovin only meant to be disparaging, and didn't mean to dishonestly mislead the IETF. Indeed, Bellovin undoubtedly meant to be disparaging. Without question, Bellovin's dishonesty isn't on the same scale as, say, lying about 11 new stem cell lines. However, even so, Bellovin still used his official IETF position for disparagement and that is also official misconduct. Bellovin's misconduct is magnified and multiplied greatly by the attempts of senior IETF officials to cover up the misconduct, and attempt to use it to intimidate, threaten, and harass Anderson. Yet, that isn't all. Bellovin's action still the effect of preventing the proper application of IETF policy. Since September, 2005, the DNSEXT Working Group has not discussed the patent issues on the drafts identified in Anderson's complaint. Discussion of patent issues in compliance with IETF policy and working group procedures defined in RFC 3979 has been effectively suppressed through the misconduct of IETF officials. No IPR disclosure has yet (February 2006) been made with respect to the dnsext-ecc-key draft.

Anderson's message refutes Bellovin's claim that Anderson was wrong about IETF patent policy. So Anderson's message is relevant and ON-TOPIC. Likewise, Anderson's message about Bellovin's professional dishonesty is both substantiated, and relevant to the IETF, Anderson's message is therefore a valid complaint about bad behavior by Bellovin. Bellovin's behavior is serious official misconduct that violates numerous IETF and ISOC policies. Carpenter/Crocker/Kessen's charges in this matter amount to efforts to cover up Bellovin's misconduct and silence a valid complaint about non-compliance with IETF patent procedures and policies, which is even more serious official misconduct by even more senior IETF officials.

II. Offtopic Message Claim

This is really about discussing Root Server Operations on DNSOP. This is the most frivolous and fatous of the claims in this PR-Action, since it is explicitly refuted in the very first item of the DNSOP Working Group Charter.

This is the principle conflict with Kessens. Carpenter/Crocker/Kessens claims:

"Many of them are off topic for the IETF, since the IETF can only produce general technical recommendations for operators; it may not criticise individual operators or tell them how to conduct their business."

This statement is commonly true for most standards the IETF produces. But it is not true for Root DNS Operations and is false on several counts, to the point of being dishonestly misleading. In fact, the IETF can produce standards that address problem practices by DNS Root Server operators, and such standards can tell them how to correctly operate those root zone nameservers, particularly on the subject of Root DNS Anycast.

First, RFC 2870 explains the special relationship between Root DNS Server Operators and the IETF. In particular section 1.1 says:

1.1 The Internet Corporation for Assigned Names and Numbers (ICANN) has become responsible for the operation of the root servers. The ICANN has appointed a Root Server System Advisory Committee (RSSAC) to give technical and operational advice to the ICANN board. The ICANN and the RSSAC look to the IETF to provide engineering standards.

In order to "provide engineering standards", Root DNS Server operations have to be discussed by the IETF, somehow. RFC 2870 is further clarified, and its provisions given legal weight, by ICANN's Memorandum of Understanding (MoU). The MoU is a formalized agreement between ICANN and Root DNS Server Operators, as indicated by the model document found at The MoU is a definitive statement of responsibilities and obligations of ICANN and the Root DNS Server Operators. Together, RFC 2870 and the MoU give substantial influence to the IETF DNS-related working groups to specify engineering standards.

Second, the discussions on DNSOP frequently lead to technical specifications or standards for DNS operators. But engineering standards don't appear out of thin air. Plainly, before enginering standards can be produced, a problem must first be discussed. And so we arrive at the question of what IETF working group is appropriate for discussion correct operation of root zone name servers?. The DNSOP Working Group Charter provides the all-important clue. The charter of the DNSOP Working Group specifies the purpose and topic of the DNSOP Working Group. Its very first element specifies that Root DNS Server operation is a topic of the DNSOP Working Group:

"1. Define the processes by which Domain Name System (DNS) software may be efficiently and correctly administered, configured, and operated on Internet networks. This will include root zone name servers,"


  1. Publish documents concerning DNSSEC operational procedures

So, the DNSOP Working Group is indeed the appropriate forum in which to discuss the issue of DNS Root Anycast. Kessens is aware, or is expected to be aware, of both documents. Kessens' assertion above is plainly, and knowingly wrong. There is no language in which Kessens assertion could be true. In fact, the DNSOP Working Group can criticize Root DNS operations, and it can and has produced specifications that tell Root DNS Server Operators how to operate Root DNS Servers. And ICANN has even compelled Root DNS Server Operators to follow certain IETF standards. Not every member of the IETF or even the IESG members would necessarilly be aware of the extent to which the IETF can influence DNS Root Server Operations in the form of guidance and engineering standards. Why would Kessens mislead them? In light of the actual facts, Kessens/Carpenter/Crocker's statements are nothing less than untruthful in the most dishonest way possible. And the PR-Action is not a casual remark. It should be held to a high standard.

Detailed Analysis of "off-topic" claims in PR-Action:

Dean Anderson attacks a well known root name server operator and talks about uncontrolled corruption in the IETF:

There are two issues here. The issue of corruption will be addressed at the end of Section II. First we will address the assertion of "attacks [on] a well known root name server operator". As we have already reviewed the topic of the DNSOP Working Group, we can see that Anderson's message is ON-TOPIC, footnoted, and technically relevant criticism of Root DNS Anycast operation as it applies to DNSSEC.

Pattern of Deception about Root DNS Anycast Stability

Anderson's analysis of Root DNS Anycast flaws has been substantiated by data collection. Information on the flaws continues to be developed. The history of the Anycast controversy is being documented at We have developed information that shows that ISC and RIPE began selling services in 2002 and that ISC and RIPE-associated persons have made exaggerated and false claims about Anycast reliability. For example, we have discovered that Verisign (J root operator) found evidence that supported Anderson's claims, and recommended strongly in October 2004 that Anycast should not be used for stateful transport. (emphasis added. Capitalization of "DO NOT RUN" in original)

+ Expected to see a saw tooth distribution – instead have a noisy distribution in many cases + **Does not affect UDP** + **DO NOT RUN Anycast with Stateful Transport**

Kosters et al also noted that "3.69% of all traffic over three days was seen at two or more sites". This is a symptom load balancing described by Anderson. At the November 2004 RSSAC Meeting, the TCP problem is noted again: (emphasis added)

Anycast: - Paul Vixie

No new features, there is incremental growth with much the same architecture

Mark Kosters presents data from nanog on the "J" instance. Highights are:
unexplained jitter

TCP concerns - does not seem to affect UDP

Stay the course.

Mark Kosters: - still doing analysis to understand events

David Conrad: - any similar data from others?

Paul Vixie:- no - but may be due to the nature of the way we do anycast.

Lars Liman: - no - but we have not done the analysis.

Daniel Karrenberg: - our measurements for "K" do not see what "J"
has found.
- may be where we are looking from?

Akira Kato: - M is still evolving - no data as of yet

Bill Manning: - v6 anycast is an open issue, per previous agenda item

Daniel Karrenberg is participating in the RSSAC meeting where TCP concerns are again explicitly noted, and is explicitly noted that does not seem to affect UDP. Karrenberg does not reveal what kind of testing he performs when he asserts that "K [does] not see what "J" has found".

In February 2005, Randy Bush (the same Bush who attacked Anderson and Bernstein) disputed Verisign, claiming (incredibly) that (emphasis added)

"for almost a decade, there have been reports of successful
delivery of stateful services over anycast"

Bush does not cite any actual examples of stateful use. Searching for such use revealed that Patrick Gilmore responded to a question about "Anycast web servers" on Nanog in February 2004, but seems to have confused Anycast with a clustering failover method. In May 2005, Gilmore says on Nanog that Akamai doesn't do Http anycast. But Gilmore seems convinced it would work, if they tried it. Many such assurances made on Nanog have turned out to be baseless. For example, Nanog members made strong, confident assurances that Cisco GSR routers were architecturally incapable of Per Packet Load Balancing(PPLB), as described in RFC 1812 and Cisco documents. PPLB is a technology implementing RFC 1812 behavior that affects stateful Anycast, and in particularly, makes stateful Anycast globally unworkable. This cisco architecture claim was not only false, but in the GSR E2 series cards, PPLB is "all interfaces or none". It seems the "reports of successful delivery of stateful [anycast] services" are greatly exaggerated. But, plainly, the controversy is over stateful vs stateless Anycast. We note that RFC 1546 notes on page 5 that (emphasis added) "It is important to remember that anycasting is a stateless service." We found also Karrenberg (ISOC Trustee) reported information to RSSAC March 6, 2005: (emphasis added)

Randy Bush was invited to workshop at APNIC, and he had some comments about anycast DNS. Daniel Karrenberg has not been able to replicate what he has observed, but it could be because of where on the net it is happening. It's really mostly about routing, not dns. Still get answers, but get them from rapidly changing instances. There may be more data presented at the CAIDA/WIDE workshop.

In May 2005, Karrenberg makes a presentation to Nanog, citing DNSMON results. Karrenberg cites and links to Mark Koster's Verisign presentation, and Bush's APNIC presentation. Remember that Kosters cited problems with stateful services, and explicity stated that the problem didn't affect UDP. This was repeated at the RSSAC meeting. Yet Karrenberg apparently overlooks the fact that DNSMON only tests UDP.Karrenberg does not mention that only UDP testing has been performed in either the RSSAC meeting or the Nanog presentation, in spite of the explicit assertions of stateful controversy in 3 prior reports. Karrenberg specifically refutes that there is any problem whatsoever with DNS Anycast. Karrenberg writes: (emphasis in original)

This does not mean that anycast for DNS root service is unstable or broken.

Please do not spread this false rumor!

"False rumor" is very strong and significant claim. Karrenberg makes a very authoritative statement seemingly backed by research. But the presentation makes no mention of whether stateful or stateless testing was performed, and doesn't provide any specific description of what type of testing was performed. The presentation doesn't include data sufficient to make the claim that DNS root Anycast is safe. Nor is there sufficient data presented to prove that stateful Anycast flaws are false rumors. If stateful testing was performed, the presentation doesn't make it clear, and the most deferential statement is that the conclusion is overstated and unsupported. Even deferrentially, this is a significant criticism for a professional presentation. It appears from preliminary analysis of source code that the reason Karrenberg can't see Verisign's J-root data is because Karrenberg's DNSMON doesn't perform stateful tests. Anderson is awaiting follow-up information from RIPE, and has asked Karrenberg for clarification. If it is the case that DNSMON doesn't do stateful testing, then that fact would be very serious omission that completely changes the import of Karrenbergs research to the question of stateful anycast DNS root stability. More investigation is needed to resolve this question and that investigation is proceeding.

In summary, here is a roadmap:

  1. Kessens was formerly an employee of Karrenberg at RIPE. (see below)
  2. Along with ISC, RIPE is an early advocate of Anycast. Karrenberg notes the financial benefits in Section 4.
  3. July 7, 2004 Kessens reverses position to promote defamation of Anderson by ISC. (see below)
  4. September 30, 2004 John Brown attacks Anderson when Anderson raises Anycast concerns. Brown deceptively claims to have no association with ISC. Later, it is learned that Brown is a business partner of Suzanne Woolf. Brown also associated with RIPE, attending several RIPE meetings.(see below).
  5. October 2, 2004 Vixie makes a Personal Attack on Anderson. Wants Anycast discussion to stop.
  6. October 17, 2004 Kosters et al reports collecting actual data from Anycasted DNS Root Servers that indicates problems with stateful DNS Anycast.
  7. November 7, 2004 Karrenberg tells RSSAC that he doesn't see what Verisign sees.
  8. February 2005, Bush says stateful services delivered for years.
  9. May 2005 Karrenberg then jumps into this controversy about Stateful (TCP) vs Stateless (UDP) DNS. Makes claims of "false rumors", and asserts no stability issues with Anycast. Karrenberg does not present data that conclusive stateful testing was performed. Overstates his conclusions
  10. September 23, 2005 Kessens demands no discussion of Anycast problems (see below)
  11. September 23, 2005 Kessens threatens Anderson (see below)
  12. September 24, 2005 Kessens overlooks attacks on Anderson. (see below)

Given the actions of Kessens and his associates on the subject, there is a concerted effort to suppress discussion of the Anycast problem, and to personally attack anyone who tries to discuss the subject. The records, analysis, and data substantiate the legitimacy of Anderson's concerns about Root DNS Anycast and illuminate the illegitimate means employed to suppress that valid technical topic. Kessens misconduct is scrutinized in more detail.

September 23, 2005 Anderson notes that DNSSEC deployment is threatened by DNS Root Anycast. This is the cited off-topic message. As previously shown, this message isn't off-topic.

September 23, 2005, Kessens stridently threatens Anderson with PR-Action for talking about DNS Root Anycast problems.

Message by David Kessens to Dean Anderson that warns him not to bring up any issues he apparently has with a well known root name server operator:

As demonstrated at the beginning of this section, the discussion of DNS Root Server operation is ON-TOPIC for the DNSOP working group. Kessens has no authority to suppress discussion of topics that are specified in the DNSOP charter. This is an abuse of his authority. This is not a casual remark. It is an official message, and therefore should be held to a high standard.

Dean's response in which he reaffirms his accusations towards the well known root name server operator:

Kessens' mis-characterizes Anderson's message. Nothing is "reaffirmed". Rather, Anderson disputes that the subject is actually off-topic for this list. Anderson plainly has a right to contest Kessens' especially absurd assertion, and did so. There is nothing unreasonable in disputing Kessens assertion. Kessens' assertion has been plainly shown to be wrong. Absurdly wrong, in fact. Dishonestly wrong. But what is Kessens motivation for such mis-characterization in the PR-Action? There is a pattern here December 18, 2005, Anderson requests DNSMON Source code from RIPE. (private message to Henk Uijterwaal)

January 17, 2006, RIPE provides the source code to Anderson. (private message from Francesco Vivoli)

Let's look closer at Kessens message threatenng to remove Anderson's posting privileges. The full text is at


To avoid any misunderstandings: My message is an official warning to you that I will propose to the IESG to remove your posting privileges if I see one more abusive mail from you.


David Kessens

There is nothing abusive about Anderson's email. Kessens' message is plainly intimidation in violation of IETF policy. Note that it is David Kessens who made this threat. Yet recall that the PR-Action lists a different author: Dave Crocker. Why would Kessens/Crocker/Carpenter mis-lead the IESG and the IETF about who authored the PR-Action? The September 29, 2005 IESG teleconference minutes indicate that Kessens added the Agenda item, but then notes that Kessens asserts in the conference that it was Carpenter, not Kessens, who initiated the action. Carpenter then says an A.D. is needed to "shepherd this", and appoints Kessens. This presumably allows Kessens to attack Anderson during the IESG discussion, while Anderson does not see and cannot respond to these attacks. This is undue influence. This plainly doesn't qualify as 'Fair and Open Process', since Anderson's messages cited above are ON-TOPIC, the Kessens threat was unjustified, inappropriate, and a violation of Kessens' authority under RFC 2418. It is threat to use undue influence to intimidate Anderson. Why would Kessens conduct such an abuse? Only 2 hours later, after Anderson brought a complaint to the IETF about Kessens' threat, Kessens began to carry out his threat.

Kessens ignores an ad hominem attack by Bert Hubert even though Kessens is responsible A.D.:

[It might be well to note that "net-kooks" aren't generally well-documented, supported by facts and, and substantiated by both theory and actual test data that confirms theoretical analysis. This attack is very similar to the attacks launched by John Brown, who was later found associated with ISC and RIPE.]

So, in spite of Kessens' strident claims to the contrary, in fact, Anderson's messages are"ON-TOPIC" for the DNSOP list.Therefore, Kessens acted inappropriately in demanding that the ON-TOPIC discussion end.

Kessens abused his privileges as AD in first threatening, and then filing, a PR-Action.. None of these are casual remarks. These should be held to a high standard of professional honesty and integrity.

The preceeding has established that Kessens/Crocker/Carpenter are unreasonably wrong in fact about their claims of "off-topic" posting. But what sort of wrong have they committed? These are official statements, not casual remarks. Why does David Kessens so stridently make such an absurd claim several times? Next, we consider whether this an honest mistake.

Honest Mistake?

The absurdity of Kessens' claims suggests the answer is no. But lets consider the alternatives.

Is it possible that Kessens was ignorant of the DNSOP Working Group Charter? Is it possible Kessens was ignorant of the of the ICANN MoU? Or is Kessens deliberately trying to influence the discussion of important and relevant aspects of DNS Root Server operations for the financial gain of his associates?

Let us first consider if Kessens could be ignorant of the relevant RFCs and MoU: Kessens was employed by RIPE, as a "junior administrative staff member" from 1994 for at least several years. RIPE is a Root DNS Server Operator. Kessens has maintained his participation in RIPE, and DNS Root Server Operations. For example, in 2002, Kessens advocated to RIPE that RIR's "walk away" from ICANN during discussion of ICANN reform It is therefore fair to conclude that Kessens is or ought to be aware of the DNSOP charter and is or ought to be aware of the ICANN MoU. So Kessens is aware that discussion of Root DNS Server operations practice and DNSSEC are ;explicitly ON-TOPIC to the DNSOP Working Group and list. Further, Kessens continued this absurd claim even after his attention was explicitly directed to the DNSOP charter. Therefore, ignorance is not a defense that Kessens can use. Yet Kessens makes repeated and strident claims contrary to the DNSOP Charter. More illumination is found in Kessens' confidants and associates:

  1. Suzanne Woolf of ISC

    Kessens and Woolf attended the University of Southern California Information Sciences Institute. Both are listed as alumni of the Computer Networks Division. Woolf is the program manager at ISC promoting DNS Root Anycast. In 2003, she gave a presentation entitled "BGP4 Anycast for Root Name Service -- Threat or Menace?".

    Woolf is also the RSSAC liason to the ICANN board. The RSSAC is described in the ICANN bylaws: Woolf has a lot at stake in Root DNS Anycast, and as its most active promoter, significant interest in covering up any defects or flaws in Root DNS Anycast.

  2. John Brown, of Chagres Technologies, Inc.

    Brown founded Chagres Technologies with Suzanne Woolf. Brown and Woolf worked together at ICANN. Brown also attends RIPE meetings with Kessens and Karrenberg. Brown is found advocating ISC: Brown's involvement in the IETF is slight, and frequently involves ad hominems on those who oppose ISC, such as Anderson and Bernstein. Brown's other frequent topic is Root DNS Anycast.. Incidentally, during the entire year of 2002, Brown sent only 6 (six) messages to the DNSEXT WG: 2 messages attacked Dr. Bernstein. 3 messages advocated Anycast. Between 2002 and 2006, Brown posted a grand total of 8 (eight) messages to DNSOP: 3 messages involved Anycast, 4 involved an ad hominem attack on Anderson. This is an abuse rate of 50%. In September, 2004, Brown posted a message to the DNSOP list containing an ad hominem attack on Anderson regarding Root DNS Anycast.

    A Complaint was made:

    Although responsible, Kessens ignored this complaint.

    Brown also made the point of describing himself as a disinterested person. Brown wrote:

    I felt it important to reply as someone thats NOT in any shape fashion or form, ISC or its staff. I am somone that has done the engineering work to make a different letter work better via Anycast. Which letter, well that doesn't matter.

    This was another deception. It turned out that Brown was closely associated with Woolf. Woolf was a business partner in Brown's company Chagres Technologies and Brown worked with Woolf on the L root server.

It seems that Woolf/ISC/RIPE orchestrates the attacks by both Brown and Kessens. Recall that Kessens very first response to Anderson's complaint about email abuse by WG co-chair Rob Austein was positive. This first postive reaction was then reversed by Kessens. Almost like Kessens was caught "off guard of ISC/RIPE ". All subsequent messages by Kessens involving Anderson have been hostile to Anderson. Austein is employeed by ISC, along with Woolf.

Simultaneously, ISC has been advocating that DNS Root Anycast is both safe and uncontroversial. ISC is selling DNS Root Anycast services to ISPs. RIPE is also making such sales.Brown seems to be looking for work. Kessens is joined by RIPE and ISC associates and confidants in making false statements to protect this unsafe practice, and to prevent criticism of this practice. The coordination of attacks seems to preclude an honest mistake.

Corruption Allegations

The "talk" about corruption at the IETF is only disturbing because it is substantiated and because it is uncontrolled, even after it has been exposed. To be precise, lets review some defintions:

Definitions -- Black's Law Dictionary

Charitable Trust.

  • One in which property held by a trustee must be used for charitable purposes (advancement of health, religion, etc.). Fiduciary relationship with respect to property arising as a result of a manifestation of an intention to create it, and subjecting the person by whom the property is held to equitable duties to deal with the property for a charitable purpose.


  • As used in statutes prescribing the qualifications of public officers, trustees, etc., this term means soundness or moral principle and character, as shown by one person dealing with others in the making and performance of contracts, and fidelity and honesty in the discharge of trusts; it is snyonymous with "probity," "honesty," and "uprightness."

Fiduciary duty

  • A duty to act for someone else's benefit, while subordinating one's personal interests to that of the other person. It is the highest standard of duty implied by law (e.g. trustee, guardian).


  • Founded on a fiction; having the character of a fiction; pretended; counterfeit; Feigned, imaginay, not real, false, not genuine, nonexistant. Arbitrarilly invented and set up, to accomplish an ulterior object.


  • ... "a course of conduct directed at a specific person that causes substantial emotional distress in such person and serves no legitimate purpose" ...

Definitions -- Oxford English Dictionary


  1. The condition of having no part or element taken away or wanting; undivided or unbroken state; material wholeness, completeness, entirety.

  2. The condition of not being marred or violated; unimparired or uncorrupted condition; original perfect state; soundness.

  3. In a moral sense. a. Unimpaired moral state; freedom from moral corruption; innocence, sinlessness; b. Soundness of moral principle; the character of uncorrupted virtue, esp. in relation to truth and fair dealing; uprightness, honesty, sincerity.

We recall that the IETF is an activity of the ISOC, and that the ISOC is incorporated as a 503(c)(3) Tax Exempt Charitable Organization, with the purpose that it "shall be operated exclusively for educational, charitable and scientific purposes".

The preceeding portions of this document have provided substantial evidence of a recent pattern involving a failure of integrity including professional dishonesty and a lack of fair dealing that indicates corruption of integrity. However there are some additional incidents that serve to illustrate that this activity dates back several years. This is unfortunately not an exhaustive list.

DOS Attack on Dr. Bernstein

One particularly offensive incident involves Dan Bernstein. Dr. Bernstein is a well respected professor in the Mathematics Department at the University of Illinois at Chicago. Dr. Bernstein wrote a widely used DNS Nameserver implementation and is a prolific author of other software, and is otherwise a well respected academic and professional contributor. Yet he was attacked and abused by Paul Vixie on numerous occasions, and was abused by Randy Bush when Bush was in the IESG and system administrator of the DNSEXT WG mailing list. Bernstein documents this series of incidents at

Bernstein describes a number of abuses. Particularly disturbing are incidents that occurred in 2002. Dr. Bernstein uses a non-public subscription address that assists spam filtering and prevents forged unsubscriptions. Many email list software, including the one used by Bush, permit multiple post addresses. Dr. Bernsteins messages to the DNSEXT list are prefaced with this header:

[ post by non-subscriber. with the massive amount of spam, it is easy to miss and therefore delete mis-posts. your subscription address is, please post from it or fix subscription your subscription address! ]

Other non-subscriber messages to the DNSEXT list are prefaced with this header:

[ post by non-subscriber. with the massive amount of spam, it is easy to miss and therefore delete mis-posts. so fix subscription addresses! ]

By publishing the private subscription address, Bush makes it possible for Bernstein to be unsubsribed through a forged unsubscription, a known flaw to which the PSG software is vulnerable, if the private subscription address is known. Bush subsequently leaves the IESG and WG Chair positions without explanation.

Anderson mistakenly thought that Bush was removed as punishment. Harald Alvestrand, acting as IETF Chair, is almost proud that no official punishment or criticism is made of Randy Bush. Alvestrand writes in relation to a complaint made by Anderson:

I am sorry, but if you think your complaints had one iota of effect on Randy Bush's decision to leave the IESG, I think you are dreaming.

This also just a small sample of abuse by IETF officials against Dan Bernstein, and represents a failure of professional honesty and and indicates corruption of integrity .


After a complaint to the IESG, the citations were mostly but not completely fixed. However, it took a complaint to the IESG to achieve this resolution. The draft authors, the Working Group chair, and the A.D. failed to address the problem. This indicates an atmosphere where professional dishonesty is accepted and a lack of integrity is inconsequential. A draft is an official document. It is not a casual remark. It should be held to a high standard of honesty and integrity.

August 30, 2004 Hadmut Danisch: Plagarism complaint

August 30, 2004 Ted Hardie: Defends Vixie attribution Says earliest known work is Vixie. Hardie subsequently goes to work for Nominum, a company associated with Vixie. Hardie is the Area Director responsible for the draft.

August 30, 2004 Vixie: No complaints about SPF attribution

August 30, 2004 Anderson: Analyzes authorship claims by Vixie Record shows that Green's submission pre-dates Vixie's submission.

August 30, 2004 Nick Carter: Agrees with Anderson. Says Vixie is not contributor to SPF

August 31, 2004 Vixie: personal attack on Anderson and Bernstein Vixie supplies original message from Jim Miller. Message shows that Vixie did not write draft, but copied it from Miller. Vixie credits Miller for idea, but Miller submits entire manuscript that Vixie merely edits and then calls his own. If this were submitted as a University writing project, it would probably be grounds for expulsion. Vixie says idea did not come from Green, and "apologizes for the confusion". [in fact, it was said that Green's submission was prior to Vixie's.]

August 31, 2004 Vixie: says who he would trust about what can be done with DNS and SMTP This is seems to be an attack on Anderson and Carter.

September 1, 2004 Anderson: Jim Miller not Vixie orgination

September 1, 2004 Alvestrand: Plagarism of Hadmut Danish in SPF draft

Follow up: Green and Danisch were added to citations in the draft. But Miller is still not cited in Vixie is still cited as an originator instead of Miller. Ted Hardie is the Shepherding A.D. for this draft.

False Claims of Personal Attacks

Definition of "Ad Hominem"

"Ad Hominem" literally means "against the person". It is not acceptable in civil debate because it is a usually a fallacy. The fallacy is that some characteristic of the person has some logical relevance to the issue being debated. To qualify as an "ad hominem", two conditions are necessary:

  1. It must be personal.
  2. It must be irrelevant.

What isn't a personal attack:

  • Valid criticism is not a personal attack.
  • Valid complaint is not a personal attack. Rob Austein claims ad homina. Falsely mis-characterizes Andersons contributions. In the thread, Anderson points out flaws in assertions. In response to Anderson's criticism, advocates suggest trivial word substiutions and redefinitions which do not overcome the original flaws. Anderson points this out, and patiently analyzes every proposed change. Anderson does not repeat anything beyond that necessary to show the new proposal is insufficiently changed. Alvestrand objects to description of Personal Attack as "infantile", etc. Warns Anderson, but doesn't address abuse by Vixie.

Unfair Dealing

One of the most frequent abusers is Paul Vixie. A reveiw of email to the IETF main list revealed 14 attacks out of 147 messages total between March 27, 2003 and September 1, 2005 sent to the IETF main list. That's almost 10% of Vixies' messages are personal attacks. Vixie was not chastised once during this time. Vixie says response is to an "obvious troll from obvious spammer". Vixie present no evidence that either is true. Atkeilsky has merely (politely) disputed Vixie's assertions. Asserts that "troll" is appropriate because Atkeilsky disagrees with Vixie. IETF made up of "self-selected rabble and trolls" Personal Attack on Phillip Hallam-Baker Personal Attack on Dr. Dan Bernstein Personal Attack on JFC Morfin Personal Attack on Anderson Another Personal Attack on Anderson Another Person Attack on JFC Morfin Yet another unprofessional message Calls Av8 Internet "dv8", talks about SORBS. Says there are "irregularities in trust record". Says Av8 won't sue. Personal Attack on Anderson and Bernstein Personal Attack on Anderson and Carter. Disparages their advice on SMTP and DNS Another Personal Attack on Anderson. Wants to stop discussion of DNS Root Anycast.

Vixie is not the only abuser. There are more. This dishonestly unfair dealing that has been noticed by others:

III. External Disputes

We wish to make it clear that quarrels and disagreements between software suppliers, operators and the like have no place in the IETF and must be discussed and settled elsewhere.

While this seems like a reasonable statement, it is a rather disingenous statement of the actual facts. Suppose the Olympic Committee had said "The dealings of the French Judge are external." This wouldn't be credible. Similarly, there is absolutely no credibility to this claim because the abuse involves the violation of IETF rules on IETF lists by IETF participants and by IETF Officials. The assertion of "external disputes" is used as an excuse not to enforce RFC 3005, RFC 2026, and RFC 2418 and not to address disparagement and defamation of Anderson and others by particpants according to the policies of the IETF specified in RFC 3005 et al. It is also used as an excuse not to address disparagement and defamation of Anderson by IETF Officials, acting in their official IETF capacities. While perhaps some of the underlying issues are external to the IETF, many of the issues (Anycast DNS Root Server Operation, DNSEXT IPR disclosure, SpamOps draft) are absolutely not external to the IETF. The defamation and disparagement involves and is conducted by IETF officials, and takes place on IETF lists, in violation of IETF policies. Plainly, as this PR-Action demonstrates, the IETF is possessed of the means necessary to prevent abuse of participants by other participants according to IETF policy, and the IETF is also easily able to prevent defamation by IETF officials in their Offical IETF capacities.

No effort whatsoever has been made by the IETF to prevent damage to Anderson and Av8 Internet.

We've so far seen that

  • Disparagement by Vixie OK
  • More disparagement by Vixie OK
  • Attacks and abuse of Dr. Bernstein OK
  • Official, yet false, defamatory statements by WG Chair Austein OK (see below)
  • Disparagement by Crocker OK
  • Disparagement by Bellovin OK

Defamation by WG Chair Austein et al

The "external disputes" claim is strangely out of place in a PR-Action, and is yet another example of the absurdity with which Kessens and Crocker (and their associates) justify their own abuse of the IETF for the advancement of private interests. The IETF is being used by ISC et al for disparagement.

March 28, 2003 Alan Brown (the 3 time court-proven liar) says Anderson Stole IP blocks.

March 31, 2003 DNSOP WG Chair Rob Austein makes false charge of ad hominem: Austein is later employed by ISC/Vixie. It is unclear when Austein began employment with ISC.

May 21, 2003 SORBS/ISC repeats the claim:

The full listing is:

Netblock / 16
Summary The OSF doesn't exist anymore, making this hijacked.
Announced By [1784] Global NAPs Networks
Entry Created Wed May 21 11:51:29 2003 AEST
Record Updated Wed May 21 11:52:38 2003 AEST
Currently active and flagged to be published in DNS
Spam has not been received from this netblock.

SORBS is supported by ISC/Vixie et al, which provides hosting and nameservice.

``` 3600 IN A 3600 IN A
OrgName: Internet Systems Consortium, Inc.
OrgID: ISC-94


June 6, 2003, Paul Vixie starts trying to defame Av8 Internet to its customers. A complaint is made to the Namedroppers administrator. WG Chair Randy Bush responds with and ad hominem against Anderson.

May 10, 2004 A Complaint is made about the DNSOP WG Chair Rob Austein. Austein has changed his IETF contact address so that it sends email that says IP address blocks belonging to Av8 Internet and the Open Software Foundation is hijacked.

June 18, 2004 Kessens at first supports the use of IETF-administered email addresses to prevent email abuse:

Then, Kessens apparently changes his mind. Kessens dissembles, says Anderson/Av8 is not blocked from contacting Austein using email address on the DNSOP page. This is an entirely dishonest statement. Austein is still blocking Av8.

Anderson patiently corrects Kessens.

Kessens again says there is contact address for Austein that doesn't block Av8 Internet on the DNSOP WG page. In fact the page lsts, which blocks Av8 Internet. In fact, no change had taken place, either on the DNSOP WG page, or otherwise. Kessens assertion is blatantly false: Anderson has provided email bounces, ISC employee Joe Abley acknowldged the bounces and implied they served no purpose. While Kessens mistake might be merely corrected if made in a casual remark, Kessens is acting in his role as A.D. responding to a compliant. Kessens has a professional responsiblity to make a diligent effort to find out if mail is being rejected. Kessens plainly has made no such effort, and doesn't cite any evidence for his mistaken belief..

Rob Austein in his role as IETF WG Chair still tells Av8 Internet Customers falsely that Av8 Internet has stolen IP Address space. This is a provably false assertion in IETF role which the IETF and the ISOC have the ability to prevent through several means, including simply by requiring Mr. Austein to stop making this claim on his official IETF email accounts. Using the IETF role adds credibility to the false claims, and increases the damage to Anderson and Av8 Internet. Customers of Av8 Internet who receive such claims from IETF officials are much more likely to accept them as true.

The ISOC and IETF Activity possess the means to easilly prevent this damaging behavior and can disassociate itself from these statements if it were to choose to do so. While Mr. Kessens seemed at first to take a positive view of a reasonable solution to serious and well-founded complaint, Mr. Kessens' quickly reversed himself, began to dissemble, and from thereon was hostile to Mr. Anderson and Av8 Internet. The IETF and the ISOC have a legal duty to protect Dean Anderson and Av8 Internet from harm by IETF staff, and a duty to make true statements and to disassociate itself from false statements

Austein's statements are made on behalf of the IETF, in his official duties as WG co-chair. The officials of the ISOC IETF activity has previously been made aware of these false claims by its WG co-chair, yet the IETF refuses to cease and desist or dissociate itself from these false statements. Senior IETF officials responsible for halting this behavior have exhibited hostility and malice towards Anderson and Av8 Internet multiplying the distress and damages suffered as a result.

Dean Anderson and Av8 Internet now place the demand to halt this defamatory activity to stop before the IAB. We believe that the following summary of facts is true and easilly verified:

  1. Any person can obtain an Av8 Internet email account.
  2. Such a customer can go to the IETF web site, select the DNSOP WG page
  3. Click on the DNSOP WG Chair Rob Austein link to send email to the IETF DNSOP WG Chair.
  4. They will get a message back from the IETF DNSOP WG Chair (Mr. Austein) that the message sent to the IETF WG Chair was rejected because Av8 Internet's IP Addresses are hijacked. This is a provably false fact made by Mr. Austein on behalf of the IETF, in the course of IETF business
  5. Dean Anderson and Av8 Internet has become aware of this defamation and have made complaint to the supervisors of Mr. Austein at the IETF.
  6. The IETF activity of the ISOC has the means to prevent this defamation, as first noted by Mr. Kessens when the complaint came to him as the AD in Charge of Mr. Austein.
  7. Mr.Kessens, in his official role as Area Director for the IETF Operations Area, has shown hostility on several occasions towards Mr. Anderson and Av8 Internet, and this hostility is evidence of malice by the ISOC in defamation towards Dean Anderson and Av8 Internet.
  8. We believe that Mr. Austein has offices or residency in the State of Massachussetts, so therefore the ISOC conducts at least part of its business in Massachussetts, and that both Austein and ISOC are therefore subject to the laws of the State of Massachussetts.

IV. Offensiveness claim

Mr Anderson has repeatedly posted, before and since, on these and other IETF lists, messages that refer offensively to individuals or organizations [1].

RFC 3683 does not refer to "Offensiveness". Individuals differ on what is offensive. Many would find much of the behavior by Mr. Kessens, Mr. Crocker, Mr. Carpenter and their associates to be offensive. Many would find association with court-proven liars to be offensive. Many find plagarism offensive. Many find professional dishonesty offensive. However, there seems to be no procedure in the IETF to remove participants for such behavior. Further, perception of offensive tone over email is frequently wrong. RFC3683 does not provide for consideration . This is a technical point, as there is no basis for considering Anderson's messages offensive.

Offensive Behavior

Is it offensive to complain about someone else's bad behavior?

Is it offensive to report relevant facts established by a court?

IETF officials have duties and obligations, the failure of which is grounds for their removal. The ISOC ultimately controls the $2million dollar budget of the IETF. However, neither facts, nor procedures, nor rules, nor duties have prevented Kessens, Crocker, Carpenter et al from just making things up.

Response to claims in footnote 1 of the PR Action:

  1. Assertion of Attack on Bill Strahm, complaint of defamatory statements by Rob Austein

    "Personal attack on Bill Strahm and alleges that Rob Austein defames av8 Internet:"

    It seems we have already substantiated the allegation that Austein defames Av8 Internet. It is Kessens responsiblity and obligation to investigate allegations of wrongdoing by his subordinate WG chairs. It is up to Kessens to ensure that the integrity of the IETF and ISOC is advanced and not damaged. Rather than fullfill that obligation, Kessen merely complains that such complaints about bad bahaviors by WG Chairs are somehow inappropriate. Strahm is not directly under Kessens authority as Area Director.Stephen Sprunk supports the notion of email addresses

    IETF Policy: WG Chairs have to read offlist email

    RFC 2026 Section 6.5.1 says

    >  "A person who disagrees with a Working 
    >  Group recommendation shall always 
    >  **first discuss the matter with the 
    >  Working Group's chair(s)**, who may 
    >  involve other members of the Working 
    >  Group (or the Working Group as a whole) 
    >  in the discussion."

    Each Working Group page identifies the official off-list email addresses for the purpose of contacting the WG Chairs under RFC 2026 section 6.5.1.

    1. Austein has to follow this policy. Austein's failure to follow this policy is purely defamatory, and has not bonafide anti-spam concern.
    2. Strahm claims in defense of Austein that a WG Chair doesn't have to follow any rules on email. This message was quoted by Anderson. Strahm's position is contrary to RFC2026 Section 6.5.1, and RFC 2418 Section 6.1. Plainly, one cannot have an "open and fair process" if WG chairs are free to reject email from people they don't like.Anderson's message is a valid complaint about Strahm's performance .
    3. Austein in his role as DNSEXT WG Chair falsely claims that Av8 Internet has stolen IP Address Space. Messages from Austein in his official IETF mail account, on IETF business have been shown to the IETF management. These messages show intentionally, knowingly willfully false claims about Av8 Internet having hijacked IP address space. This claim is defamatory, and the IETF has repeatedly been made aware of the issue through a complaint process, and has been asked to cease and desist. Kessens' has ignored this complaint, and instead has falsely asserted that Austein isn't blocking Av8 Internet. This defamation and disparagement has caused harm to Anderson and Av8 Internet. The IETF officials and the ISOC bear legal responsibility is responsible for this damage.
    4. Strahm's involvement with abuse of Dr. Bernstein

    Anderson's message is "ON-TOPIC" for the IETF main list.

    Strahm's assertion that he doesn't have to read email is a violation of the policy in RFC 2026 section 6.5.1. Strahm view that he can act on his own terms is contrary to the clear obligation to serve the public trust. This episode demonstrates that there is no regard for serving the public trust. Recall the Black's Law Dictionary definitions:

    Charitable Trust

    >  One in which property held by a trustee must be used for charitable 
    >  purposes (advancement of health, religion, etc.). **Fiduciary 
    >  relationship** with respect to property arising as a result 
    >  of a manifestation of an intention to create it, and subjecting 
    >  the person by whom the property is held to **equitable duties** to deal with the property for a **charitable purpose**.

    Fiduciary duty

    >  A **duty to act for someone else's benefit**, while **subordinating
    >  one's personal interests** to that of the other person. It is the
    >  highest standard of duty implied by law (e.g. trustee, guardian).

    Compare with Strahm's claim:

    >  As a working group chair - I would refuse an e-mail account 
    >  that I am not allowed to spam control **on my own terms**.

    Strahm doesn't seem to think he has to act in anyone elses interests. Technically, the ISOC Trustee's have this duty, but to perform, they have to institute and enforce policies consistent with the ISOC corporate charter. They have a duty to make sure IETF officials comply with these policies.

    We see from RFC 2026 section 6.5.1 that WG chairs have to receive email. The email address on the WG page is there for a reason. The 'spam filtering' is a red-herring. Spam to personal addresses would not be any worse than it is for the email lists that the IETF already runs. The IETF email lists and other WG Chairs have no serious problems. Austein's SORBS blocking isn't a legitimate anti-spam activity, as evidenced by the lack of integrity of that site and its contributors. "Spam Control" is merely a code phrase that means they will only deal with the people they want for their own interests. Strahm, Austein, Kessens et al don't acknowledge that they have any duties whatsoever to deal with the property of the ISOC (that is, the drafts produced by the IETF Working Groups which are copyright ISOC) for any purpose other than their own terms or interests, and say just that.

    The ISOC trustees have a fiduciary duty to make sure that these policies are followed.

  2. IETF Harassment? Stephen Sprunk untrustworthy? Kessens in charge of DNSEXT?

IETF management is accused of harassment and it is stated that Stephen Sprunk is untrustworthy (end of message). In addition, the message implies that David Kessens is the responsible Area Director for dnsext, while this working group is part of the INT area:

  1. IETF Harassment

    The allegation of harassment by the IETF management has been substantiated in previous sections of this document.
  2. Stephen Sprunk

    Sprunk writes:
    > It appears that Dean is alleging that DNSSEC will cause queries 
    >  to the roots to be fragmented or to be transmitted over TCP, 
    >  thus invalidating the exception which allows root server operators 
    >  to use anycast. While I admit to not having followed the DNSOP 
    >  list, I've seen no substantiated claims so far that indicate 
    >  DNSSEC will cause queries to exceed the minimum MTUs for IPv4 
    >  and/or for IPv6 [2].
    >  [...]
    >  [2] I have seen misguided operators set **MTUs below 
    >  200 bytes**, but **my position is** that 
    >  these people deserve what they get in such cases. **We 
    >  cannot cater to deliberately broken implementations.**
    Anderson write back:
    > Your opinion of "deliberately broken" may not be shared by 
    >  everyone. This is why we have standards that set things like 
    >  minimum MTU. But your attitude and disregard for standards reveals 
    >  a lot.
    > Fortunately, we realized long ago that people like Stephen 
    >  Sprunk couldn't be trusted to run root DNS servers however they 
    >  thought right, to the detriment of those they thought "broken". 
    >  So we've had standards (RFC2870) for operation of root DNS servers. 
    >  This may be the only IETF RFC that someone actually MUST comply 
    >  with, and can't ignore if they please.
    Anderson's message seems perfectly straightforward. But lets analyze it in more detail: Sprunk says that MTU's below 200 are misguided, and that its his position that "we can't cater to deliberately broken implementations". Sprunk says this in the context of DNS Root Server Operators behavior. So, are MTUs below 200 "deliberately broken"?
    RFC791 states on page 25:
    >  Every internet module must be able to forward a datagram 
    >  of 68 octets without further fragmentation. This is because an 
    >  internet header may be up to 60 octets, and the minimum fragment 
    >  is 8 octets.
    The answer is no: they are not "deliberately broken". Such MTUs are perfectly valid, if you intend to conform to RFC791, which is presently the standard definition of IPV4. How does this relate to DNS Root Server operators? Root Server Operators have an obligation to provide services to everyone: RFC 2870 Section 2.2 says
    >  2.2 Each server **MUST run software which correctly 
    >  implements the IETF standards for the DNS,** currently 
    >  [RFC1035] [RFC2181]. While there are no formal test suites for 
    >  standards compliance, the maintainers of software used on root 
    >  servers are expected to take all reasonable actions to **conform 
    >  to the IETF's then current documented expectations**.
    Ordinary people can ignore RFC's if they want to. But Root Server Operators can't. They signed an agreement that says they will comply with RFC 2870, and that the IETF will oversee the technical requirements.
    >  2.6 **Root servers MUST answer queries from any 
    >  internet host**, i.e. may not block root name resolution 
    >  from any valid IP address, except in the case of queries causing 
    >  operational problems, in which case the blocking SHOULD last only 
    >  as long as the problem, and be as specific as reasonably possible.
    So DNS Root Server operators cannot take the opinion Sprunk has that 68 byte MTUs are "deliberately broken". Nor can they capricously decide on their own opinion that something that complies with IETF standards "deliberately broken". But Sprunk fails to appreciate this fact. Therefore, he is unsuitable as a root server operator because it is likely that he might take rash action on issues that are in his opinion "deliberately broken", but in fact are standardized behavior. This makes Sprunk untrustworthy to be a root server operator. [It is not Anderson's position that 68 byte MTUs (which are rare) cause the Anycast problems. Any size fragment requires reassemblly state similar to TCP. If one fragment is delivered to a different server, the request is lost, and reassembly resources consumed on the server, affecting performance. . DNSSEC also causes servers to send larger packets, which might be subject to PMTU Discovery.]
  3. Kessens and DNSEXT

    Anderson wrote:
    >  Back to controversies: Just recently, the DNSEXT chairs 
    >  also tried to violate the patent policy of the IETF by suppressing 
    >  discussion, and failing to obtain disclosure statements. This 
    >  is another valid complaint, which is also under the supervision 
    >  of David Kessens. Plainly, the DNSEXT WG Chair doesn't really 
    >  appreciate my contribution to adhering to IETF policy. Kessens' 
    >  has so far ignored the complaint, except to try to prevent me 
    >  from posting, on a frivolous claim.
    True: Kessens isn't in charge of DNSEXT. Anderson made a mistake. Mark Townsley and Margaret Wasserman are the Area Directors in charge of DNSEXT WG. Unlike many others, Anderson admits and corrects mistakes. Of course, as an IESG member, Kessens has an inherent obligation to see that IETF policies are adhered and applied. Kessens at minimum, still failed his obligations to ensure that IETF policies were followed.


The ISOC has serious problems with its IETF Activity. Serious questions are raised regarding the professional integrity and conduct of several IETF officials as well as the integrity of IETF Drafts. The IETF, IAB, and ISOC need to take steps to find out how this happened and take corrective action so as to preserve the reputations of others who are involved in the IETF. The first step is to annul the IESG action against Dean Anderson.


IESG Minutes September 29, 2005 found at

PR Action found at

IESG Minutes found at

IESG Evaluation found at

RFC 3683, "A Practice for Revoking Posting Rights to IETF Mailing Lists"
March 2004

RFC 2418, "IETF Working Group Guidelines and Procedures", September

RFC 3005 "IETF Discussion List Charter", November 2000

RFC 2026 "The Internet Standards Process -- Revision 3", October

RFC 3184 "IETF Guidelines for Conduct", October 2001

RFC 3934 "Updates to RFC 2418 Regarding the Management of IETF Mailing

Internet Society (ISOC) Articles of Incorporation

Internet Society Bylaws

Internet Society Conflict of Interest Statement