Hacker News new | past | comments | ask | show | jobs | submit login

> The IRTF and IETF have always welcomed participation by all, […]

As I wrote previously¹: “We have a tacit assumption that all participants have realized that better standards (and strong crypto, more secure systems) will lead to the betterment of all. This is the default assumption.

However, now that the U.S. government, and the NSA and its collaborators in particular, have been shown to explicitly not have this goal – in fact, their goal has been to strive for less secure systems and more difficult standards ­– what should be done? The logical thing to do is to exclude any person or organization revealed to have an agenda explicitly contrary to the group.

Having an all-inclusionist policy is “Geek Social Fallacy #1”². This case illustrates why you cannot let an inclusionist policy be all-overriding. Toxic people and representatives of explicitly adversarial organizations cannot be allowed to participate in, and thereby sabotage, both the work and goodwill of a committee.

1) https://news.ycombinator.com/item?id=6945314

2) http://www.plausiblydeniable.com/opinion/gsf.html




There is a shadow of McCarthy's red scare in the suggestion that no NSA affiliated people be allowed to participate.

How would you determine if a participant had affiliation? How many degrees of separation must there be before a person is trustworthy in their neutrality?

As well, it would require an approval process for new participants, closing the working groups. Even should the folks decide to abandon the current model of participation, how would you determine someone new wasn't affiliated, and who has the right to decide who is trustworthy?

It's argued often here that extreme transparency is the cure for shadowy practices, and I don't think it gets much more transparent than group review of any changes to any specs.

To expect that excluding publicly aligned NSA folks would solve any problem is fool-hearty, given that it's an intelligence agency and I'm sure fully capable of installing clandestine participants.

Therefore, I would argue that exclusion is very much an illogical choice. The logical thing to do here would be to increase scrutiny on any changes.

(To note, this comment is not about removing the co-chair privileges from Igoe; if the position is really as powerful as some say, yeah let someone else do it. I'm just saying don't start suggesting people be banned from participating).


> There is a shadow of McCarthy's red scare in the suggestion that no NSA affiliated people be allowed to participate.

The analogy is so stretched as to be meaningless. At least as it refers to the McCarthy portion of the Red Scare, the objectionable portion were: targeting participation in purely domestic political groups, and falsely accusing people of affiliations they didn't have.

It wouldn't be at all objectionable to exclude from employment with the State Department or Army people who were actively openly affiliated with organizations directly sponsored by the Soviet Union. (Though acting in movies presents a different question.)

Likewise, it makes no sense for a standards group to be chaired by a person openly and actively affiliated with an organization which has as a goal subverting those very standards.


This really isn't that hard to understand:

1. Banning persons with open affiliations encourages people to hide their affiliation with those organizations. 2. Then, banning persons with supposed affiliations encourages abuse of the banning process.


Exactly. Comparing the excluding of openly hostile entities to McCarthyism is exactly Geek Social Fallacy #1: “Ostracizers Are Evil”.


I was simply proposing the obvious step of not allowing explicitly hostile forces into a group. If the hostile forces then choose to disguise themselves, so be it. But to let them in knowing they are hostile seems stupid.

I grant you that closing mere participation by having pre-screening is probably an unworkable and too costly a step; costly in more ways than one.

I still feel we ought not let them chair the committe, though. I mean, the NSA heading a committee working on publicly available crypto? It’s an oxymoron and a contradiction in terms. It’s the fox guarding the hen house.


It's a little early to be making a slippery slope argument. This is about employees of an organization that has actively worked to subvert similar related processes.


>There is a shadow of McCarthy's red scare in the suggestion that no NSA affiliated people be allowed to participate.

Umm .. there's more than a shadow of fascist totalitarianism in the NSA. I think there is ample evidence to demonstrate that this group is destroying USA. Really!


Maybe it's more like being wary of people wearing arm-bands with swastikas?


>However, now that the U.S. government, and the NSA and its collaborators in particular, have been shown to explicitly not have this goal – in fact, their goal has been to strive for less secure systems and more difficult standards ­– what should be done? The logical thing to do is to exclude any person or organization revealed to have an agenda explicitly contrary to the group.”

it should be an obvious and routine matter for any organization/group that have a conflict of interests policy.


The usual way for conflict-of-interest policies to work is for the one whose interests are in conflict to simply recuse themselves from voting.

It is not so simple for the IETF and IRTF, since they traditionally have eschewed voting and instead opt for “rough consensus and running code”. Also, the position of the NSA is fundamentally opposed to what the CFRG is supposed to achieve, so I don’t see how a normal conflict-of-interest policy is going to help.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: