ELEGY working group, IETF 115
Wednesday, 9 Nov 2022, 15:00 UK time
Chairs: Barry Leiba, Michael Richardson
meetecho: https://wws.conf.meetecho.com/conference/?group=elegy
note takers: Michael Richardson
about 13 people present
Agenda:
No changes to agenda.
Discussion of draft (80 min)
a. Discussion stemming from Robert's message
https://mailarchive.ietf.org/arch/msg/eligibility-discuss/Z3wWpCXGOxIJyPXLJBllYOdhTRE/
about
Right now, the datatracker has a very poor idea of when
someone stops being a chair (or stops being in any other role).
It has to be inferred, and it can infer incorrectly.
(and also comments in:
https://mailarchive.ietf.org/arch/msg/eligibility-discuss/wK0_Em1Nu4cGeAx-P8O6o6TgirI/)
b. Discussion of Donald's comments
https://github.com/ietf-wg-elegy/rfc8989bis/issues/9
MikeStJohns: if this turns into a meme, and thousands of people start
attending virtually, then there will be notice to people.
Robert: we'll see this immediately after one meeting with the fee
waiver process, and we won't have to wait three meetings to see this. If
it is taxing our resources the we will have time to respond.
Martin: we could add some non-normative text to this effect to the
Security Considerations.
Resnick: this doesn't go on for longer than one meeting, and we have the
better part of a year to fix it, if it needs fixing. We could also play
with the criteria for remote attendance, maybe including some other Path
criteria, or....
Barry: suppose someone came in because of QUIC, ... spent three years
working on the QUIC documents? Would you want this person to become
nomcom eligible because of participating in the single working group?
Resnick: not sure
Robert: let's not consider the situation where we actually check if
people are actually present.
Resnick: it's not that amount of time is a good criteria, but rather
that the gameability of actually being physically present. But clicking
into a remote meeting and then clicking out is almost free.
Robert: think about all the software that has come into the world which
is to see if kids are in school...
Lars: nomcom process has a staggered set of defenses, including a
confirmation process... it's a PITA, and it causes delays, but...
Martin: 1) not long ago we didn't have remote participation fees, and
we might go back to that. 2) there is the actual threat model and
someone is trying to take over the nomcom, 3) what is a good nomcom
member?
Are people comfortable with the DoS problem, or can we go onto the
quality of member problem?
Dean: what about people who participate in one area? Was in OPS/MGMT,
and was a nomcom member. In participating in that area, I learnt about
the problems that the OPS/MGMT had, and wanted to deal with it. One WG
might be too limiting, but working across an area one can contribute
usefully.
With the new software/DT, we can know if a nomcom member participated
in multiple groups.
Rich: there are a number of challenge mechanisms that exists, and
corrective actions that can be taken. But, we could create some new
challenge criteria... "are all the people from org-X just
sock-puppets"... maybe we need a longer challenge period for the
volunteer list.
TedHardie: we are missing a bit of the thread model, which is
functionally related to a threat in a different SDO... a different
organization was sent to garner votes... a company volunteer to work in
the IETF and serve in the nomcom... what counts as "work"? The related
situation is "sock-puppets", for a single individual to sign up three
times in a row... such that nobody could figure out which one was the
real one.
MCR: could they occupy multiple seats?
TedHardie: No. Instead of 1-in-n, to 20-in-n. Some of it is a new
enough attack, and so our defenses might not be well enough tested
(yet).
Martin: that threat is less catastrophic, but perhaps more likely. That
situation is problem more easily surived. (ACTION: add to SC)
Mirja: our process isn't designed to make it more expensive, but rather
than make sure that people were familiar with the community. We should
rethink the criteria, and maybe we should have some people with some new
viewpoints/eyes. Well, we might get people who are all new, but that is
very unlikely, since people would not volunteer.
Ted: disruptive is more the issue than persuasive.
Dean: there is another problem where people show up for voting in the
nomcom, but do not participate in the process itself, and this has
occured for him in the past. If you don't work, it does not matter
Barry: that is out-of-scope for the WG.
Donald: we had a deadwood member, not even sure they voted,... and
nomcom can expel a member.
Dean: maybe in the criteria we would do more work to make sure that
they really willing to work.
MsJ: if we had to get rid of the deadwood member, we were already down
one, so that would be more difficult. Maybe the bandwidth affects the
ability of the nomcom to get its work done. Maybe only two remotes? Or
something like that.
Lars: the urgency comes from having two online-meetings in the past.
The nomcom will have a small pool... but it's a option to retreat to the
absolute minimum bug fix. If the cheap remote participation changes
things.... that's a different kind of problem.
Robert: I don't think we want another patch... only if we are really
stuck. It's within our grasp to do something that will be long-lasting.
MsJ: how many voting members of this nomcom are actually at IETF115?
Rich: we have four that are not present... they are all in China, and
they are being accomodating with video... the video tool is amazing.
TedHardie: believes the benefit outweigh the risks... anything we can do
to keep this to be an open process. Then participation is encouraged.
Give the timeline issue, that we go ahead with this, and we say that
there is some additional defense in depth are required, and then ask
re-charter. That gives us a nomcom cycle in which we have to endure the
risks.
Donald: it seems that it is not common that we have to have virtual
meetings because of pandemic.
Consider that in this attendance requirement that if there were physical
meetings, you have to have attended one.
Barry: one of the long-term effects of pandemic is that people regard
remote participation as a normal thing.
Robert: there are large companies that have sent many people to the
IETF, and those companies are not going to be sending them anymore. It's
big, and it's real... and our remote participants need to be empowered
as much as the people who are in the room.
Eliot: our (Cisco) participation is down in person, but we have people
attending remotely.... there are value to the people participating in
person that was discussed on a walk... Tend to agree with Ted that we
need to do this in two stages... I see tension between Robert and Lars,
and concern about how many times we iterate on tooling...
Robert: robert was not talking about tooling, thinks we can solve
things.
Eliot: will be remote more often and we have to be a little easier on
the planet.
Resnick: there are participants... not just open and fair, but for
getting a better quality of pool member, ... as our community ages and
becomes infirm, it would be nice if they could participate in the
nomcom.
Lars: the key word is participant... not worried about remote
participants who are doing work.
Lars: The threat is outsiders stuffing without intention to participate
in good faith. How do we exclude that risk?
Martin: cost/benefit of bigger and smaller pools... if the volunteer
pool is too small, then the math breaks down.... and it's possible to
capture with a smaller number of people.
Has a bunch of notes to file as issues for SC.
Regarding ... "path 1", is there an instrumental and reasonable
criteria that we could add?
Barry: lets leave that question open for now.
Dean: want to check with Pete, would like Ned to participate even
though he is no longer with us?
(clarified that we wished that he could have, before he passed away)
Suggests that the criteria for nomcom chair should be changed... to
people who can really lead it. (Not in charter)
Barry: too wrapped in concern about wrong people on the nomcom, but
things have changed... the nomcom is not expected to know everyone. The
concern that we might pick nomcom voting members that do not know
eeryone is longer as big a concern.
THere have even be non-nomcom eligible people who wanted to serve, and
the nomcom has seen through them.
Martin: is it true that we can't insert a challenge step?
Barry: if we can figure out how to insert it into 4.4, then we cna do
it.
Klensin: that we include people who really represent the community, so
people who only attend one WG should be excluded. (joke about dead
people on nomcom)... concerned that if we spend too long worry about
attacks, that we might not get the people we weant.... The datatracker
expects all authors to be alive.
Martin: no consensus to change path 1, no alternatives to path 1
https://github.com/ietf-wg-elegy/rfc8989bis/issues/10
path2: WG chairs.
Dean: asks about nomcom chair's secretary... (not in scope)
Rich: secretaries are like bigfoot, you rarely see them... so not worth
seeing
MCR speaks about secretaries being no longer able to travel.
Barry would we imagine that anyone would be appointed would not be
people who we want on the nomcom?
Klensin: observe the opposite that secretaries are learning, and we
don't want them.
Lars: disagree, but sometimes we hire secretaries because we can't fire
the chairs.
the chair can't do it in the DT, so the AD has to be involved
Donald: there are secretaries who are great, but others who will not,
and they will qualify via other paths. Not sure gaming the system is
supposed to matter.
Resnick: worry about overanalyzing what makes a good quality nomcom
member. Lots of people who qualify otherwise and were lousy nomcom
member.
Michael says that does not want to consider "otherwise qualify"
Eliot: suggestion was made to look at the term of service.... that's
something to start on an issue list for a next document. ... doesn't
seem that hard. Think about for next document.
Lars we don't need so many details... does 5 secretaries count 5x?
Eliot says, "like a month"
MARTIN's major work is to work on the Security Considerations.
Path 1 concerns could be mitigated by SC changes.
Robert: Consider setting a deadline
c. Other issues?