[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: v 5.4 - from Dave Mann

I completely agree with Spaf here.

The people doing the drafting are in a different world.  My guess is that they are busy, and a letter with a lot of signatures is not necessarily going to impress them.  So, to get their serious attention, and when they inevitably ask "Who are these guys, anyway?", the company affiliations can't hurt and will likely help.

Like others, I'll sign either way.


Gene Spafford wrote:

> Well, Kevin makes at least two points that I agree with:  first, that
> legislators too often fail to seek expert opinion before formulating
> new laws, and that it shouldn't matter whether we are affiliated with
> a big organization as our opinions count too.
> Well, I agree, but the world doesn't work that way at all.
> So, if we are going to have enough impact, we need to impress on the
> treaty writers that we aren't simply hobbyists or (even) black hat
> hackers.  Rather, we need to convey that we are (mostly) mature,
> experienced individuals associated with reputable organizations with
> a significant stake in the information infrastructure.   That doesn't
> make our arguments more cogent, but it does help establish that we
> have enough experience to know what we are talking about.
> A disclaimer that says "Unless stated otherwise, affiliations are
> shown for identification purposes only and do not imply endorsement
> by the organizations indicated" should make it clear in the signing
> process.
> Also, note that Europeans in general take titles much more seriously.
> Thus, I am likely to get more attention if I sign as:
> Eugene H, Spafford, Ph.D., FACM, FAAAS
> Professor and Director
> Purdue University CERIAS
> rather than
> --spaf
> The former suggests I have a clue about the context, some seniority,
> and recognition  by my scientific peers that I have a valuable
> perspective,   The latter suggests that I might be part of the
> problem they are legislating against!
> As to organizational endorsements, think carefully what it means for
> an organization to comment on the treaty.   I personally think a
> cadre of experts means more here than any organizational intent.
> As to next steps, I suggest that we set up a web page with a short
> description of the problem, links to the treaty draft, and text of
> the draft letter.   This should also include instructions on who we
> want to sign it, and how to do so.   And, we should include a section
> how others (companies and individuals) can send comments to the
> drafting commission separate from this letter.   Then we need to
> start spreading the word to get other signers.
> --spaf
org:The MITRE Corporation
adr:;;1820 Dolley Madison Blvd;McLean;VA;22102;
title:INFOSEC Engineer
fn:Bill Hill

S/MIME Cryptographic Signature

Page Last Updated or Reviewed: May 22, 2007