ELEGY working group, IETF 115
Wednesday, 9 Nov 2022, 15:00 UK time
Chairs: Barry Leiba, Michael Richardson
meetecho: https://wws.conf.meetecho.com/conference/?group=elegy
note takers: Michael Richardson
about 13 people present

Agenda:

1. Administrative / status review (5 min)
   https://www.ietf.org/about/note-well/
   Be nice to each other. No changes to agenda.

1. Discussion of draft (80 min)

a. Discussion stemming from Robert's message
   https://mailarchive.ietf.org/arch/msg/eligibility-discuss/Z3wWpCXGOxIJyPXLJBllYOdhTRE/
   about
   Right now, the datatracker has a very poor idea of when someone *stops* being a chair (or stops being in any other role). It has to be inferred, and it can infer incorrectly.
   (and also comments in: https://mailarchive.ietf.org/arch/msg/eligibility-discuss/wK0_Em1Nu4cGeAx-P8O6o6TgirI/)

b. Discussion of Donald's comments
   https://github.com/ietf-wg-elegy/rfc8989bis/issues/9

MikeStJohns: if this turns into a meme, and thousands of people start attending virtually, then there will be notice to people.

Robert: we'll see this immediately after one meeting with the fee waiver process, and we won't have to wait three meetings to see this. If it is taxing our resources then we will have time to respond.

Martin: we could add some non-normative text to this effect to the Security Considerations.

Resnick: this doesn't go on for longer than one meeting, and we have the better part of a year to fix it, if it needs fixing. We could also play with the criteria for remote attendance, maybe including some other Path criteria, or....

Barry: suppose someone came in because of QUIC, ... spent three years working on the QUIC documents? Would you want this person to become nomcom eligible because of participating in the single working group?

Resnick: *not sure*

Robert: let's not consider the situation where we actually check if people are actually present.

Resnick: it's not that amount of time is a good criteria, but rather that the gameability of actually being physically present. But clicking into a remote meeting and then clicking out is almost free.

Robert: think about all the software that has come into the world which is to see if kids are in school...

Lars: nomcom process has a staggered set of defenses, including a confirmation process... it's a PITA, and it causes delays, but...

Martin: 1) not long ago we didn't have remote participation fees, and we might go back to that. 2) there is the actual threat model and someone is trying to take over the nomcom, 3) what is a good nomcom member? Are people comfortable with the DoS problem, or can we go onto the quality of member problem?

Dean: what about people who participate in one area? Was in OPS/MGMT, and was a nomcom member. In participating in that area, I learnt about the problems that the OPS/MGMT had, and wanted to deal with it. One WG might be too limiting, but working across an area one can contribute usefully. With the new software/DT, we can know if a nomcom member participated in multiple groups.

Rich: there are a number of challenge mechanisms that exist, and corrective actions that can be taken. But, we could create some new challenge criteria... "are all the people from org-X just sock-puppets"... maybe we need a longer challenge period for the volunteer list.

TedHardie: we are missing a bit of the threat model, which is functionally related to a threat in a different SDO... a different organization was sent to garner votes... a company volunteer to work in the IETF and serve in the nomcom... what counts as "work"? The related situation is "sock-puppets", for a single individual to sign up three times in a row... such that nobody could figure out which one was the real one.

MCR: could they occupy multiple seats?

TedHardie: No. Instead of 1-in-n, to 20-in-n.
Some of it is a new enough attack, and so our defenses might not be well enough tested (yet).

Martin: that threat is less catastrophic, but perhaps more likely. That situation is probably more easily survived. (ACTION: add to SC)

Mirja: our process isn't designed to make it more expensive, but rather to make sure that people were familiar with the community. We should rethink the criteria, and maybe we should have some people with some new viewpoints/eyes. Well, we might get people who are all new, but that is very unlikely, since people would not volunteer.

Ted: disruptive is more the issue than persuasive.

Dean: there is another problem where people show up for voting in the nomcom, but do not participate in the process itself, and this has occurred for him in the past. *If you don't work, it does not matter*

Barry: that is out-of-scope for the WG.

Donald: we had a deadwood member, not even sure they voted,... and nomcom can expel a member.

Dean: maybe in the criteria we would do more work to make sure that they are really willing to work.

MsJ: if we had to get rid of the deadwood member, we were already down one, so that would be more difficult. Maybe the bandwidth affects the ability of the nomcom to get its work done. Maybe only two remotes? Or something like that.

Lars: the urgency comes from having two online-meetings in the past. The nomcom will have a small pool... but it's an option to retreat to the absolute minimum bug fix. If the cheap remote participation changes things.... that's a different kind of problem.

Robert: I don't think we want another patch... only if we are really stuck. It's within our grasp to do something that will be long-lasting.

MsJ: how many voting members of this nomcom are actually at IETF115?

Rich: we have four that are not present... they are all in China, and they are being accommodating with video... the video tool is amazing.

TedHardie: believes the benefits outweigh the risks...
anything we can do to keep this to be an open process. Then participation is encouraged. Given the timeline issue, that we go ahead with this, and we say that some additional defense in depth is required, and then ask to re-charter. That gives us a nomcom cycle in which we have to endure the risks.

Donald: it seems that it is not common that we have to have virtual meetings because of pandemic. Consider that in this attendance requirement that if there were physical meetings, you have to have attended one.

Barry: one of the long-term effects of pandemic is that people regard remote participation as a normal thing.

Robert: there are large companies that have sent many people to the IETF, and those companies are not going to be sending them anymore. It's big, and it's real... and our remote participants need to be empowered as much as the people who are in the room.

Eliot: our (Cisco) participation is down in person, but we have people attending remotely.... there is value to the people participating in person that was discussed on a walk... Tend to agree with Ted that we need to do this in two stages... I see tension between Robert and Lars, and concern about how many times we iterate on tooling...

Robert: Robert was not talking about tooling, thinks we can solve things.

Eliot: will be remote more often and we have to be a little easier on the planet.

Resnick: there are participants... not just open and fair, but for getting a better quality of pool member, ... as our community ages and becomes infirm, it would be nice if they could participate in the nomcom.

Lars: the key word is participant... not worried about remote participants who are doing work.

Lars: The threat is outsiders stuffing without intention to participate in good faith. How do we exclude that risk?

Martin: cost/benefit of bigger and smaller pools... if the volunteer pool is too small, then the math breaks down.... and it's possible to capture with a smaller number of people.
Has a bunch of notes to file as issues for SC. Regarding ... "path 1", is there an instrumental and reasonable criteria that we could add?

Barry: let's leave that question open for now.

Dean: want to check with Pete, would like Ned to participate even though he is no longer with us? (clarified that we wished that he could have, before he passed away) Suggests that the criteria for nomcom chair should be changed... to people who can really lead it. (Not in charter)

Barry: too wrapped in concern about wrong people on the nomcom, but things have changed... the nomcom is not expected to know everyone. The concern that we might pick nomcom voting members that do not know everyone is no longer as big a concern. There have even been non-nomcom eligible people who wanted to serve, and the nomcom has seen through them.

Martin: is it true that we can't insert a challenge step?

Barry: if we can figure out how to insert it into 4.4, then we can do it.

Klensin: that we include people who really represent the community, so people who only attend one WG should be excluded. (joke about dead people on nomcom)... concerned that if we spend too long worrying about attacks, that we might not get the people we want.... The datatracker expects all authors to be alive.

Martin: no consensus to change path 1, no alternatives to path 1

https://github.com/ietf-wg-elegy/rfc8989bis/issues/10

path2: WG chairs.

Dean: asks about nomcom chair's secretary... (not in scope)

Rich: secretaries are like bigfoot, you rarely see them... so not worth seeing

MCR speaks about secretaries being no longer able to travel.

Barry: would we imagine that anyone would be appointed would not be people who we want on the nomcom?

Klensin: observe the opposite that secretaries are learning, and we don't want them.

Lars: disagree, but sometimes we hire secretaries because we can't fire the chairs.
*the chair can't do it in the DT, so the AD has to be involved*

Donald: there are secretaries who are great, but others who will not, and they will qualify via other paths. Not sure gaming the system is supposed to matter.

Resnick: worry about overanalyzing what makes a good quality nomcom member. Lots of people who qualify otherwise and were lousy nomcom members.

Michael says that does not want to consider "otherwise qualify"

Eliot: suggestion was made to look at the term of service.... that's something to start on an issue list for a next document. ... doesn't seem that hard. Think about for next document.

Lars: we don't need so many details... does 5 secretaries count 5x?

Eliot says, "like a month"

MARTIN's major work is to work on the Security Considerations. Path 1 concerns could be mitigated by SC changes.

Robert: Consider setting a deadline

c. Other issues?

1. Are we ready for last call? / AOB (5 min)