[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: v 5.4 - from Dave Mann



Steve Christey, Mitre (affiliation for identification only :-) wrote:

> Spaf, you suggested that some companies could make separate official
> statements.  If we can do that, it seems like that reduces (somewhat)
> the importance of listing affiliations on an "experts" letter - at
> least for those who aren't comfortable doing so.  Also, it seems like
> there won't be a high percentage of people who would be unable to list
> their affiliation (assuming a disclaimer).  So if we have 100
> signatures, 90 of which list an organizational affiliation, I don't
> see that reducing the impact of the statement too much.  On the other
> hand, I do appreciate the, um, utility of naming such a well-known
> organization as Cisco.  But if it comes down to a choice between "no
> Cisco and no Kevin Ziese" or "Kevin Ziese but no Cisco," personally
> I'd choose the latter ;-)

My take:

The more people list their affiliations the more impact it will have, since
the diplomats that negotiate these things have probably never heard of any
of us as individuals (just as we've probably never heard of any of them).

The more companies sign on as a company, the more impact it will have since
political folks care greatly what the big $$ think.

So I like the two section idea.

But, we do not want to wait three weeks.  So I suggest we have a fairly
short deadline for folks to sign.  People who can get their company to sign
off before the deadline can get the company in that section.  People who
can't can go in the "individual expert" section.  Something like:

The following computer security experts have signed this letter:

<blah>

The following companies have endorsed this letter:

<blah>

I speak for Silicon Defense, so we endorse the letter FWIW :-)

(As usual, the fact that I chair an IETF working group about Intrusion
Detection cannot be mentioned, since it might erroneously give the
impression that the IETF was taking a position on this issue).

And I continue to strongly think that, although Rain Forest Puppy and his
ilk do great stuff that I hope they continue to do for a long time, it will
not help our cause to have them sign this letter.  (Did you notice that
some congressperson is now trying to pass a law to prevent security firms
hiring ex-hackers?)

Stuart.

--
Stuart Staniford  ---  President  ---  Silicon Defense
                   stuart@silicondefense.com
(707) 445-4355                     (707) 445-4222 (FAX)

Page Last Updated or Reviewed: May 22, 2007