[IETF-IDRM] Re: [IDRM] Disband or recharter IDRM?

Lisa Rein lisarein@finetuning.com
Wed, 11 Dec 2002 17:32:44 -0800


If I understand IETF procedures correctly, it is a common practice to 
reopen a irtf list for the purposes of discussing whether or not there 
should be a re-charter.

  plus it would appear discussions of this sort are encouraged by the 
IRTF charter (ftp://ftp.rfc-editor.org/in-notes/rfc2014.txt):

> Even more than the IETF, the work of the IRSG is expected to be
>    marked by informality.  The goal is to encourage and foster valuable
>    research, not to add burdensome bureaucracy to the endeavor.


Thanks,

lisa



Paul Lambert wrote:
>>Just so we are all on the same page, a stated "business  reason" is not 
>>among the criteria used to establish and guide an Internet Research Task 
>>Force (IRTF) Research Group such as IDRM 
> 
> 
> There needs to be some reason for the community at large to participate.  
> 
> 
>>Force (IRTF) Research Group such as IDRM 
>>(ftp://ftp.rfc-editor.org/in-notes/rfc2014.txt)
> 
> 
> 
> Which says:
> 
>    The products of a Research Group are research
>    results that may be disseminated by publication in scholarly journals
>    and conferences, as white papers for the community, as Informational
>    RFCs, and so on.  In addition, it is expected that technologies
>    developed in a Research Group will be brought to the IETF as input to
>    IETF Working Group(s) for possible standardization.
> 
> It does not say 'discussion forum'.  What are the specific work products for this group?
> 
> 
> Paul
> 
> 
>>-----Original Message-----
>>From: Mark Baugher [mailto:mbaugher@cisco.com]
>>Sent: Wednesday, December 11, 2002 3:22 PM
>>To: Paul Lambert
>>Cc: ietf-idrm@lists.elistx.com
>>Subject: RE: [IDRM] Disband or recharter IDRM?
>>
>>
>>At 02:57 PM 12/11/2002 -0800, Paul Lambert wrote:
>>
>>
>>>>Please, I do not have a business need for these emails.
>>>
>>>Perhaps no one has a business reason for this committee and 
>>
>>it should be 
>>
>>>disbanded.
>>
>>Just so we are all on the same page, a stated "business 
>>reason" is not 
>>among the criteria used to establish and guide an Internet 
>>Research Task 
>>Force (IRTF) Research Group such as IDRM 
>>(ftp://ftp.rfc-editor.org/in-notes/rfc2014.txt)
>>
>>Mark
>>
>>
>>
>>>Business reasons for a specific technology does not 
>>
>>guarentee that there 
>>
>>>is any reason for an open interoperable standard.
>>>
>>>
>>>Paul
>>>
>>>
>>>>-----Original Message-----
>>>>From: Theisen, Isabelle [mailto:Isabelle.Theisen@unistudios.com]
>>>>Sent: Wednesday, December 11, 2002 2:48 PM
>>>>To: 'Thomas Hardjono'; 'ietf-idrm@lists.elistx.com';
>>>>'glarose@info-mech.com'; 'mbaugher@cisco.com'
>>>>Subject: RE: [IDRM] Disband or recharter IDRM?
>>>>
>>>>
>>>>Please, I do not have a business need for these emails.
>>>>Please, remove from the list.
>>>>
>>>>
>>>>-----Original Message-----
>>>>From: Thomas Hardjono [mailto:thardjono@yahoo.com]
>>>>Sent: Wednesday, December 11, 2002 2:09 PM
>>>>To: Gord Larose
>>>>Cc: ietf-idrm@lists.elistx.com
>>>>Subject: Re: [IDRM] Disband or recharter IDRM?
>>>>
>>>>
>>>>At 12/11/2002||03:16 PM, Gord Larose wrote:
>>>>
>>>>>Hi Thomas,
>>>>>Thanks for the feedback and update. At a high level I 
>>
>>agree with you
>>
>>>>>completely.
>>>>>
>>>>>However, at a technical level, "Open source DRM" makes my
>>>>
>>>>brain hurt.  It's
>>>>
>>>>>hard enough hide anything in BINARY inside a PC; but like it
>>>>
>>>>or not, that's
>>>>
>>>>>one thing  DRM has to do.  I should know... the NetActive
>>>>
>>>>technology I was
>>>>
>>>>>largely responsible for addresses exactly that problem. That
>>>>
>>>>technology has
>>>>
>>>>>never, to my knowledge, been publicly cracked... but I doubt
>>>>
>>>>that would have
>>>>
>>>>>been true if we'd published the source !
>>>>
>>>>Yes, I agree: "open source DRM" makes my brain hurt too :)
>>>>However, this
>>>>seems to be the only way to provide an alternative to proprietary
>>>>technology.  In many cases, perhaps the mom-and-pop
>>>>"publisher" does not
>>>>need 100% hack-proof DRM (maybe not even 90% hack-proof), but
>>>>enough to
>>>>discourage non-technical people from trying to break it.
>>>>
>>>>
>>>>
>>>>>And from a business perspective, Mom & Pop businesses 
>>
>>already have
>>
>>>>>inexpensive,  low-end protection technologies available e.g. from
>>>>>third-party software TBYB wrappers, or via, say, Windows
>>>>
>>>>Media Player DRM.
>>>>
>>>>>The obstacles are more about complexity, churn,  supplier
>>>>
>>>>viability, trust,
>>>>
>>>>>and branding, than about cost or availability.
>>>>
>>>>Hmm, I'm not sure I follow here.  WMP is only for certain
>>>>types of contents
>>>>(e.g. not books, newspapers, newletters, etc).
>>>>
>>>>
>>>>
>>>>
>>>>>So we'd have to be careful about what the values of such a
>>>>
>>>>system were... if
>>>>
>>>>>we could figure out how it would work !
>>>>>
>>>>>Here's an entertaining thought: suppose we emphasize TRUST
>>>>
>>>>and CONTINUITY.
>>>>
>>>>>Maybe we could even subvert Palladium and the Fritz Chip to
>>>>
>>>>nobler ends ?
>>>>
>>>>>i.e. a system that WILL, in some sense, robustly protect
>>>>
>>>>content, but WILL
>>>>
>>>>>NOT - as a matter of the supplier's policy  - do any of  the
>>>>
>>>>things that
>>>>
>>>>>consumers and libertarians rightly fear ? And a further 
>>
>>benefit of an
>>
>>>>>open-source (that may not be the right term, maybe
>>>>
>>>>"distributed ownership"
>>>>
>>>>>is better) model could be the continuing availability of the
>>>>
>>>>solution e.g.
>>>>
>>>>>Red Hat may die, but Linux won't.
>>>>
>>>>
>>>>OK, so this is a *very* interesting question.  These are 
>>
>>the types of
>>
>>>>questions that needs to be discussed in a open forum and
>>>>where pieces of it
>>>>can be standardized (the way many pieces of Linux has been
>>>>standardized).
>>>>
>>>>cheers,
>>>>
>>>>thomas
>>>>------
>>>>
>>>>
>>>>
>>>>
>>>>>I'm not sure how to do this, but maybe we could figure it out !
>>>>>
>>>>>Cheers,
>>>>>   Gord 8-)
>>>>>
>>>>>
>>>>>
>>>>>----- Original Message -----
>>>>>From: "Thomas Hardjono" <thardjono@verisign.com>
>>>>>To: <glarose@info-mech.com>; <ietf-idrm@lists.elistx.com>
>>>>>Sent: Wednesday, December 11, 2002 12:55 PM
>>>>>Subject: Re: [IDRM] Disband or recharter IDRM?
>>>>>
>>>>>
>>>>>
>>>>>>Gord,
>>>>>>
>>>>>>I agree with most of your comments. Judging from the
>>>>
>>>>"emotional outcry" we
>>>>
>>>>>>received at the last IDRM meeting (Salt Lake City IETF,
>>>>
>>>>end of 2001), DRM
>>>>
>>>>>>seems to mean different things to different people.
>>>>>>
>>>>>>
>>>>>>At 12/11/2002||09:23 AM, Gord Larose wrote:
>>>>>>
>>>>>>>Hello:
>>>>>>>  Most of you on the list will not know me, as I came
>>>>
>>>>in during your
>>>>
>>>>>period
>>>>>
>>>>>>>of dormancy. I too have been mulling these issues, as
>>>>
>>>>the DRM company
>>>>
>>>>>that
>>>>>
>>>>>>>I helped found (NetActive) struggled like most others in
>>>>
>>>>the space.
>>>>
>>>>>>>I think there are two classes of issues here - the
>>>>
>>>>social-advocacy ones
>>>>
>>>>>>>and the technical ones.
>>>>>>>
>>>>>>>The social-advocacy issues are horribly subjective. The
>>>>
>>>>concerns were
>>>>
>>>>>>>well expressed in Mark's email, and we could spend
>>>>
>>>>thousands of words
>>>>
>>>>>>>debating them.  For what it
>>>>>>>is worth, I believe that DRM is not philosophically
>>>>
>>>>wrong, and further,
>>>>
>>>>>that
>>>>>
>>>>>>>it is commercially necessary. However, I do not believe
>>>>
>>>>that the current
>>>>
>>>>>>>"axis of greed" between Hollywood and Washington 
>>
>>serves the best
>>
>>>>>interests
>>>>>
>>>>>>>of American citizens and, as a Canadian, I am very
>>>>
>>>>concerned about the
>>>>
>>>>>>>United States' efforts to impose its draconian views 
>>
>>of copyright
>>
>>>>>>>enforcement on the rest of the world.
>>>>>>> Good DRM does not have to put Big Brother on your hard
>>>>
>>>>drive. If it
>>>>
>>>>>does,
>>>>>
>>>>>>>then the price is too high.
>>>>>>
>>>>>>Right. So one of the notions we put forward in the IETF
>>>>
>>>>was:  is it at all
>>>>
>>>>>>possible to create "open-source DRM technologies", so 
>>
>>that small
>>
>>>>>>mom-and-pop publishers need not pay $$$ for proprietary
>>>>
>>>>solutions.  The
>>>>
>>>>>>analogy is that with Linux and the Apache webserver,
>>>>
>>>>which are available
>>>>
>>>>>>for around $30.
>>>>>>Another useful comparison in the RSA encryption
>>>>
>>>>algorithm, which is good
>>>>
>>>>>>technology, well understood, standardized and now finally
>>>>
>>>>over the patent
>>>>
>>>>>>hurdle.
>>>>>>
>>>>>>I realize that some folks take the (radical) position of
>>>>
>>>>being against any
>>>>
>>>>>>development of DRM technology whatsoever.  The best way
>>>>
>>>>to ensure Big
>>>>
>>>>>>Brother does not happen is to go against any work
>>>>
>>>>relating to DRM. The
>>>>
>>>>>>reality is that DRM Technology is here to stay
>>>>
>>>>(proprietary), whether we
>>>>
>>>>>>like it or not.  It will ship inside PCs and in consumer
>>>>
>>>>electronics
>>>>
>>>>>>devices.  I think such a position actually helps the Big
>>>>
>>>>Brother syndrome,
>>>>
>>>>>>as it does not provide an option to the general public as
>>>>
>>>>to alternative
>>>>
>>>>>>sources of technology.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>>On a philosophical level then, I say there is a need for
>>>>
>>>>smart people to
>>>>
>>>>>>>build workable DRM that citizens can live with.
>>>>>>>
>>>>>>>The point issue of this technical group's mandate is
>>>>
>>>>much clearer IMO.
>>>>
>>>>>The
>>>>>
>>>>>>>core
>>>>>>>technology challenges for DRM are terminal node
>>>>
>>>>challenges, not network
>>>>
>>>>>>>challenges. Sure, a network is usually involved, but DRM
>>>>
>>>>is nothing
>>>>
>>>>>special
>>>>>
>>>>>>>for the network. DRM's basic network needs are nothing
>>>>
>>>>harder than
>>>>
>>>>>>>http/https over tcp/ip. And the terminal mode challenges
>>>>
>>>>are largely
>>>>
>>>>>about
>>>>>
>>>>>>>things like tamper-resistance, which are proprietary 
>>
>>and not very
>>
>>>>>amenable
>>>>>
>>>>>>>to
>>>>>>>standardization. It's not something where an IETF group
>>>>
>>>>adds much value.
>>>>
>>>>>>Right.  This is where the word "DRM" is I think a
>>>>
>>>>misnomer for the IETF
>>>>
>>>>>>efforts.  You are absolutely right, that DRM is indeed
>>>>
>>>>"terminal node
>>>>
>>>>>>challenges" (ie. development of rights-enforcing
>>>>
>>>>terminals), which is not
>>>>
>>>>>>the traditional area of work for the IETF.
>>>>>>
>>>>>>However, there some network issues that is part of what I
>>>>
>>>>call the "DRM
>>>>
>>>>>>macrocosm", which included functions relating to
>>>>
>>>>look-ups, secure network
>>>>
>>>>>>storage, transaction clearinghouse, etc.  These would 
>>
>>appear to be
>>
>>>>>suitable
>>>>>
>>>>>>for work items in the IETF.
>>>>>>
>>>>>>Thus, one possible change to IDRM is a new name that is
>>>>
>>>>less likely to be
>>>>
>>>>>>controversial.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>>So where does that leave the group ? Seems to me the
>>>>
>>>>options include:
>>>>
>>>>>>>1) disband
>>>>>>>2) generalize the focus to a multidisciplinary one,
>>>>
>>>>along the lines of
>>>>
>>>>>>>http://www.bcdforum.org . (Though I have to confess 
>>
>>I find that
>>
>>>>>organization
>>>>>
>>>>>>>lacking substance.)
>>>>>>>3) Find specific technical problems that are obstacles
>>>>
>>>>to good (i.e.
>>>>
>>>>>>>effective but not Orwellian) DRM, which are going
>>>>
>>>>begging, and in scope,
>>>>
>>>>>>>and work on solutions.
>>>>>>>
>>>>>>>I don't have a top-of-mind suggestion for #3, but it
>>>>
>>>>sounds like the most
>>>>
>>>>>>>fun!
>>>>>>
>>>>>>Yes, the keyword is "fun".  Perhaps others on the list
>>>>
>>>>may have specific
>>>>
>>>>>>suggestions?
>>>>>>
>>>>>>cheers,
>>>>>>
>>>>>>thomas
>>>>>>------
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>>Other thoughts ???
>>>>>>>
>>>>>>>Best Regards,
>>>>>>>   Gord Larose
>>>>>>>
>>>>>>>----- Original Message -----
>>>>>>>From: "Mark Baugher" <mbaugher@cisco.com>
>>>>>>>To: <ietf-idrm@lists.elistx.com>
>>>>>>>Cc: <thardjono@yahoo.com>; "Vern Paxson" <vern@icir.org>
>>>>>>>Sent: Tuesday, December 10, 2002 6:43 PM
>>>>>>>Subject: [IDRM] Disband or recharter IDRM?
>>>>>>>
>>>>>>>
>>>>>>>>IDRM has obviously been dormant for about a year.
>>>>>>>>SNIP<
>>>>>>
> 
>