[IETF-IDRM] Re: [IDRM] Disband or recharter IDRM?

Lisa Rein lisarein@finetuning.com
Wed, 11 Dec 2002 17:38:18 -0800


I meant by the IRTF "Guidelines and Procedures", as written by A. 
Weinrib and J. Postel:
ftp://ftp.rfc-editor.org/in-notes/rfc2014.txt

didn't mean to confuse things referring to it as a "charter".

"Even more than the IETF, the work of the IRSG is expected to be
  marked by informality.  The goal is to encourage and foster valuable
   research, not to add burdensome bureaucracy to the endeavor."


Thanks,

lisa



Lisa Rein wrote:
> If I understand IETF procedures correctly, it is a common practice to 
> reopen a irtf list for the purposes of discussing whether or not there 
> should be a re-charter.
> 
>  plus it would appear discussions of this sort are encouraged by the 
> IRTF charter (ftp://ftp.rfc-editor.org/in-notes/rfc2014.txt):
> 
>> Even more than the IETF, the work of the IRSG is expected to be
>>    marked by informality.  The goal is to encourage and foster valuable
>>    research, not to add burdensome bureaucracy to the endeavor.
> 
> 
> 
> Thanks,
> 
> lisa
> 
> 
> 
> Paul Lambert wrote:
> 
>>> Just so we are all on the same page, a stated "business  reason" is 
>>> not among the criteria used to establish and guide an Internet 
>>> Research Task Force (IRTF) Research Group such as IDRM 
>>
>>
>>
>> There needs to be some reason for the community at large to participate. 
>>
>>> Force (IRTF) Research Group such as IDRM 
>>> (ftp://ftp.rfc-editor.org/in-notes/rfc2014.txt)
>>
>>
>>
>>
>> Which says:
>>
>>    The products of a Research Group are research
>>    results that may be disseminated by publication in scholarly journals
>>    and conferences, as white papers for the community, as Informational
>>    RFCs, and so on.  In addition, it is expected that technologies
>>    developed in a Research Group will be brought to the IETF as input to
>>    IETF Working Group(s) for possible standardization.
>>
>> It does not say 'discussion forum'.  What are the specific work 
>> products for this group?
>>
>>
>> Paul
>>
>>
>>> -----Original Message-----
>>> From: Mark Baugher [mailto:mbaugher@cisco.com]
>>> Sent: Wednesday, December 11, 2002 3:22 PM
>>> To: Paul Lambert
>>> Cc: ietf-idrm@lists.elistx.com
>>> Subject: RE: [IDRM] Disband or recharter IDRM?
>>>
>>>
>>> At 02:57 PM 12/11/2002 -0800, Paul Lambert wrote:
>>>
>>>
>>>>> Please, I do not have a business need for these emails.
>>>>
>>>>
>>>> Perhaps no one has a business reason for this committee and 
>>>
>>>
>>> it should be
>>>
>>>> disbanded.
>>>
>>>
>>> Just so we are all on the same page, a stated "business reason" is 
>>> not among the criteria used to establish and guide an Internet 
>>> Research Task Force (IRTF) Research Group such as IDRM 
>>> (ftp://ftp.rfc-editor.org/in-notes/rfc2014.txt)
>>>
>>> Mark
>>>
>>>
>>>
>>>> Business reasons for a specific technology does not 
>>>
>>>
>>> guarentee that there
>>>
>>>> is any reason for an open interoperable standard.
>>>>
>>>>
>>>> Paul
>>>>
>>>>
>>>>> -----Original Message-----
>>>>> From: Theisen, Isabelle [mailto:Isabelle.Theisen@unistudios.com]
>>>>> Sent: Wednesday, December 11, 2002 2:48 PM
>>>>> To: 'Thomas Hardjono'; 'ietf-idrm@lists.elistx.com';
>>>>> 'glarose@info-mech.com'; 'mbaugher@cisco.com'
>>>>> Subject: RE: [IDRM] Disband or recharter IDRM?
>>>>>
>>>>>
>>>>> Please, I do not have a business need for these emails.
>>>>> Please, remove from the list.
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: Thomas Hardjono [mailto:thardjono@yahoo.com]
>>>>> Sent: Wednesday, December 11, 2002 2:09 PM
>>>>> To: Gord Larose
>>>>> Cc: ietf-idrm@lists.elistx.com
>>>>> Subject: Re: [IDRM] Disband or recharter IDRM?
>>>>>
>>>>>
>>>>> At 12/11/2002||03:16 PM, Gord Larose wrote:
>>>>>
>>>>>> Hi Thomas,
>>>>>> Thanks for the feedback and update. At a high level I 
>>>
>>>
>>> agree with you
>>>
>>>>>> completely.
>>>>>>
>>>>>> However, at a technical level, "Open source DRM" makes my
>>>>>
>>>>>
>>>>> brain hurt.  It's
>>>>>
>>>>>> hard enough hide anything in BINARY inside a PC; but like it
>>>>>
>>>>>
>>>>> or not, that's
>>>>>
>>>>>> one thing  DRM has to do.  I should know... the NetActive
>>>>>
>>>>>
>>>>> technology I was
>>>>>
>>>>>> largely responsible for addresses exactly that problem. That
>>>>>
>>>>>
>>>>> technology has
>>>>>
>>>>>> never, to my knowledge, been publicly cracked... but I doubt
>>>>>
>>>>>
>>>>> that would have
>>>>>
>>>>>> been true if we'd published the source !
>>>>>
>>>>>
>>>>> Yes, I agree: "open source DRM" makes my brain hurt too :)
>>>>> However, this
>>>>> seems to be the only way to provide an alternative to proprietary
>>>>> technology.  In many cases, perhaps the mom-and-pop
>>>>> "publisher" does not
>>>>> need 100% hack-proof DRM (maybe not even 90% hack-proof), but
>>>>> enough to
>>>>> discourage non-technical people from trying to break it.
>>>>>
>>>>>
>>>>>
>>>>>> And from a business perspective, Mom & Pop businesses 
>>>
>>>
>>> already have
>>>
>>>>>> inexpensive,  low-end protection technologies available e.g. from
>>>>>> third-party software TBYB wrappers, or via, say, Windows
>>>>>
>>>>>
>>>>> Media Player DRM.
>>>>>
>>>>>> The obstacles are more about complexity, churn,  supplier
>>>>>
>>>>>
>>>>> viability, trust,
>>>>>
>>>>>> and branding, than about cost or availability.
>>>>>
>>>>>
>>>>> Hmm, I'm not sure I follow here.  WMP is only for certain
>>>>> types of contents
>>>>> (e.g. not books, newspapers, newletters, etc).
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>> So we'd have to be careful about what the values of such a
>>>>>
>>>>>
>>>>> system were... if
>>>>>
>>>>>> we could figure out how it would work !
>>>>>>
>>>>>> Here's an entertaining thought: suppose we emphasize TRUST
>>>>>
>>>>>
>>>>> and CONTINUITY.
>>>>>
>>>>>> Maybe we could even subvert Palladium and the Fritz Chip to
>>>>>
>>>>>
>>>>> nobler ends ?
>>>>>
>>>>>> i.e. a system that WILL, in some sense, robustly protect
>>>>>
>>>>>
>>>>> content, but WILL
>>>>>
>>>>>> NOT - as a matter of the supplier's policy  - do any of  the
>>>>>
>>>>>
>>>>> things that
>>>>>
>>>>>> consumers and libertarians rightly fear ? And a further 
>>>
>>>
>>> benefit of an
>>>
>>>>>> open-source (that may not be the right term, maybe
>>>>>
>>>>>
>>>>> "distributed ownership"
>>>>>
>>>>>> is better) model could be the continuing availability of the
>>>>>
>>>>>
>>>>> solution e.g.
>>>>>
>>>>>> Red Hat may die, but Linux won't.
>>>>>
>>>>>
>>>>>
>>>>> OK, so this is a *very* interesting question.  These are 
>>>
>>>
>>> the types of
>>>
>>>>> questions that needs to be discussed in a open forum and
>>>>> where pieces of it
>>>>> can be standardized (the way many pieces of Linux has been
>>>>> standardized).
>>>>>
>>>>> cheers,
>>>>>
>>>>> thomas
>>>>> ------
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>> I'm not sure how to do this, but maybe we could figure it out !
>>>>>>
>>>>>> Cheers,
>>>>>>   Gord 8-)
>>>>>>
>>>>>>
>>>>>>
>>>>>> ----- Original Message -----
>>>>>> From: "Thomas Hardjono" <thardjono@verisign.com>
>>>>>> To: <glarose@info-mech.com>; <ietf-idrm@lists.elistx.com>
>>>>>> Sent: Wednesday, December 11, 2002 12:55 PM
>>>>>> Subject: Re: [IDRM] Disband or recharter IDRM?
>>>>>>
>>>>>>
>>>>>>
>>>>>>> Gord,
>>>>>>>
>>>>>>> I agree with most of your comments. Judging from the
>>>>>
>>>>>
>>>>> "emotional outcry" we
>>>>>
>>>>>>> received at the last IDRM meeting (Salt Lake City IETF,
>>>>>
>>>>>
>>>>> end of 2001), DRM
>>>>>
>>>>>>> seems to mean different things to different people.
>>>>>>>
>>>>>>>
>>>>>>> At 12/11/2002||09:23 AM, Gord Larose wrote:
>>>>>>>
>>>>>>>> Hello:
>>>>>>>>  Most of you on the list will not know me, as I came
>>>>>
>>>>>
>>>>> in during your
>>>>>
>>>>>> period
>>>>>>
>>>>>>>> of dormancy. I too have been mulling these issues, as
>>>>>
>>>>>
>>>>> the DRM company
>>>>>
>>>>>> that
>>>>>>
>>>>>>>> I helped found (NetActive) struggled like most others in
>>>>>
>>>>>
>>>>> the space.
>>>>>
>>>>>>>> I think there are two classes of issues here - the
>>>>>
>>>>>
>>>>> social-advocacy ones
>>>>>
>>>>>>>> and the technical ones.
>>>>>>>>
>>>>>>>> The social-advocacy issues are horribly subjective. The
>>>>>
>>>>>
>>>>> concerns were
>>>>>
>>>>>>>> well expressed in Mark's email, and we could spend
>>>>>
>>>>>
>>>>> thousands of words
>>>>>
>>>>>>>> debating them.  For what it
>>>>>>>> is worth, I believe that DRM is not philosophically
>>>>>
>>>>>
>>>>> wrong, and further,
>>>>>
>>>>>> that
>>>>>>
>>>>>>>> it is commercially necessary. However, I do not believe
>>>>>
>>>>>
>>>>> that the current
>>>>>
>>>>>>>> "axis of greed" between Hollywood and Washington 
>>>
>>>
>>> serves the best
>>>
>>>>>> interests
>>>>>>
>>>>>>>> of American citizens and, as a Canadian, I am very
>>>>>
>>>>>
>>>>> concerned about the
>>>>>
>>>>>>>> United States' efforts to impose its draconian views 
>>>
>>>
>>> of copyright
>>>
>>>>>>>> enforcement on the rest of the world.
>>>>>>>> Good DRM does not have to put Big Brother on your hard
>>>>>
>>>>>
>>>>> drive. If it
>>>>>
>>>>>> does,
>>>>>>
>>>>>>>> then the price is too high.
>>>>>>>
>>>>>>>
>>>>>>> Right. So one of the notions we put forward in the IETF
>>>>>
>>>>>
>>>>> was:  is it at all
>>>>>
>>>>>>> possible to create "open-source DRM technologies", so 
>>>
>>>
>>> that small
>>>
>>>>>>> mom-and-pop publishers need not pay $$$ for proprietary
>>>>>
>>>>>
>>>>> solutions.  The
>>>>>
>>>>>>> analogy is that with Linux and the Apache webserver,
>>>>>
>>>>>
>>>>> which are available
>>>>>
>>>>>>> for around $30.
>>>>>>> Another useful comparison in the RSA encryption
>>>>>
>>>>>
>>>>> algorithm, which is good
>>>>>
>>>>>>> technology, well understood, standardized and now finally
>>>>>
>>>>>
>>>>> over the patent
>>>>>
>>>>>>> hurdle.
>>>>>>>
>>>>>>> I realize that some folks take the (radical) position of
>>>>>
>>>>>
>>>>> being against any
>>>>>
>>>>>>> development of DRM technology whatsoever.  The best way
>>>>>
>>>>>
>>>>> to ensure Big
>>>>>
>>>>>>> Brother does not happen is to go against any work
>>>>>
>>>>>
>>>>> relating to DRM. The
>>>>>
>>>>>>> reality is that DRM Technology is here to stay
>>>>>
>>>>>
>>>>> (proprietary), whether we
>>>>>
>>>>>>> like it or not.  It will ship inside PCs and in consumer
>>>>>
>>>>>
>>>>> electronics
>>>>>
>>>>>>> devices.  I think such a position actually helps the Big
>>>>>
>>>>>
>>>>> Brother syndrome,
>>>>>
>>>>>>> as it does not provide an option to the general public as
>>>>>
>>>>>
>>>>> to alternative
>>>>>
>>>>>>> sources of technology.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> On a philosophical level then, I say there is a need for
>>>>>
>>>>>
>>>>> smart people to
>>>>>
>>>>>>>> build workable DRM that citizens can live with.
>>>>>>>>
>>>>>>>> The point issue of this technical group's mandate is
>>>>>
>>>>>
>>>>> much clearer IMO.
>>>>>
>>>>>> The
>>>>>>
>>>>>>>> core
>>>>>>>> technology challenges for DRM are terminal node
>>>>>
>>>>>
>>>>> challenges, not network
>>>>>
>>>>>>>> challenges. Sure, a network is usually involved, but DRM
>>>>>
>>>>>
>>>>> is nothing
>>>>>
>>>>>> special
>>>>>>
>>>>>>>> for the network. DRM's basic network needs are nothing
>>>>>
>>>>>
>>>>> harder than
>>>>>
>>>>>>>> http/https over tcp/ip. And the terminal mode challenges
>>>>>
>>>>>
>>>>> are largely
>>>>>
>>>>>> about
>>>>>>
>>>>>>>> things like tamper-resistance, which are proprietary 
>>>
>>>
>>> and not very
>>>
>>>>>> amenable
>>>>>>
>>>>>>>> to
>>>>>>>> standardization. It's not something where an IETF group
>>>>>
>>>>>
>>>>> adds much value.
>>>>>
>>>>>>> Right.  This is where the word "DRM" is I think a
>>>>>
>>>>>
>>>>> misnomer for the IETF
>>>>>
>>>>>>> efforts.  You are absolutely right, that DRM is indeed
>>>>>
>>>>>
>>>>> "terminal node
>>>>>
>>>>>>> challenges" (ie. development of rights-enforcing
>>>>>
>>>>>
>>>>> terminals), which is not
>>>>>
>>>>>>> the traditional area of work for the IETF.
>>>>>>>
>>>>>>> However, there some network issues that is part of what I
>>>>>
>>>>>
>>>>> call the "DRM
>>>>>
>>>>>>> macrocosm", which included functions relating to
>>>>>
>>>>>
>>>>> look-ups, secure network
>>>>>
>>>>>>> storage, transaction clearinghouse, etc.  These would 
>>>
>>>
>>> appear to be
>>>
>>>>>> suitable
>>>>>>
>>>>>>> for work items in the IETF.
>>>>>>>
>>>>>>> Thus, one possible change to IDRM is a new name that is
>>>>>
>>>>>
>>>>> less likely to be
>>>>>
>>>>>>> controversial.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> So where does that leave the group ? Seems to me the
>>>>>
>>>>>
>>>>> options include:
>>>>>
>>>>>>>> 1) disband
>>>>>>>> 2) generalize the focus to a multidisciplinary one,
>>>>>
>>>>>
>>>>> along the lines of
>>>>>
>>>>>>>> http://www.bcdforum.org . (Though I have to confess 
>>>
>>>
>>> I find that
>>>
>>>>>> organization
>>>>>>
>>>>>>>> lacking substance.)
>>>>>>>> 3) Find specific technical problems that are obstacles
>>>>>
>>>>>
>>>>> to good (i.e.
>>>>>
>>>>>>>> effective but not Orwellian) DRM, which are going
>>>>>
>>>>>
>>>>> begging, and in scope,
>>>>>
>>>>>>>> and work on solutions.
>>>>>>>>
>>>>>>>> I don't have a top-of-mind suggestion for #3, but it
>>>>>
>>>>>
>>>>> sounds like the most
>>>>>
>>>>>>>> fun!
>>>>>>>
>>>>>>>
>>>>>>> Yes, the keyword is "fun".  Perhaps others on the list
>>>>>
>>>>>
>>>>> may have specific
>>>>>
>>>>>>> suggestions?
>>>>>>>
>>>>>>> cheers,
>>>>>>>
>>>>>>> thomas
>>>>>>> ------
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> Other thoughts ???
>>>>>>>>
>>>>>>>> Best Regards,
>>>>>>>>   Gord Larose
>>>>>>>>
>>>>>>>> ----- Original Message -----
>>>>>>>> From: "Mark Baugher" <mbaugher@cisco.com>
>>>>>>>> To: <ietf-idrm@lists.elistx.com>
>>>>>>>> Cc: <thardjono@yahoo.com>; "Vern Paxson" <vern@icir.org>
>>>>>>>> Sent: Tuesday, December 10, 2002 6:43 PM
>>>>>>>> Subject: [IDRM] Disband or recharter IDRM?
>>>>>>>>
>>>>>>>>
>>>>>>>>> IDRM has obviously been dormant for about a year.
>>>>>>>>> SNIP<
>>>>>>>
>>>>>>>
>>
>>
> 
>