Given that my blog is probably blocked, I suppose I won't be doing any
blogging that week. ;-)

Peter

- --
Peter Saint-Andre
https://stpeter.im/

It's not entirely clear to me what these conditions mean, so
maybe it's worth trying to parse them a bit. ISTM that there are
a bunch of potential questions about their interpretation:

1. What materials are covered under this? This could include any
of [in roughly descending order of "officialness"]:
(a) Materials printed in the program [Do we have a program?]
(b) Materials presented by IETF management (IAB, IESG, etc.)
(c) Speech by IETF management
(d) Materials presented by WG participants
(e) Speech by WG participants

2. What exactly is covered by the restriction on "any defamation
against the Government of the People's Republic of China, or show
any disrespect to the Chinese culture, or violates any laws of the
People's Republic of China or feature any topics regarding human
rights or religion"?

3. What recourse, if any, do we have if the hotel staff judge that
the lines above have been crossed?

4. What, if anything, is the IETF on the hook for if the conference
is cancelled?


None of these seem entirely clear from the text above. In the
maximal (and most worrisome) interpretation, the hotel staff, in their
sole discretion, could choose to cancel the entire IETF because a
single WG participant says something about Taiwan in the course of a
WG discussion. If that's in fact the controlling interpretation, then
that seems distinctly problematic.

Is it really that bad? Let's take a deeper look at each term:

1. The materials covered are specified as:

"Should the contents of the Group's activities, visual or audio
presentations at the conference,or printed materials used at the
conference (which are within the control of the Client)"

Except for the final parenthetical, this seems to include all of
(a)-(e). The relevant question then becomes what the meaning
of the final parenthetical is, and in particular, who the
Client is. I suppose one could argue that the Client is just
IASA and so all that's relevant is presentations from IAOC
(or more liberally from the I*). However, if you argue that
the client is IETF then clearly the IETF management *could*
control what people present (E.g., require pre-clearance of
slides) and say (by cutting off the microphones). So, I don't
think this is particularly clear. It doesn't seem to me that
we would really have much of an argument that presentations
at the plenary aren't "within the control of the Client",
however. That said, I think the natural interpretation is
that anything that's on the agenda falls into this category--if
people want to interpret it differently, we should get a
legal opinion to that effect--or better yet, get the
terms modified to make it clear.


2. The offensive topics are described as:

"[1] any defamation
against the Government of the People's Republic of China, or [2] show
any disrespect to the Chinese culture, or [3] violates any laws of the
People's Republic of China or [4] feature any topics regarding human
rights or religion"?

(Numbers mine)

This really seems exceptionally broad. I'm not overly worried about
IETFers defaming the government of the PRC, but I think I can come
up with plausible technical topics that would violate at least
[2] and [4]. In particular:

- An expression that HTTP error codes need not be translated into
Chinese could be argued to show disrespect to Chinese culture.
- Discussion of location privacy [Geopriv] or resistance to lawful
intercept [TLS, RTPSEC, IPsec] could be argued to be
relevant to human rights. I've fairly regularly heard negative
opinions expressed about both the US and Chinese governments
in these discssions.
- As someone else observed, the discussion of net neutrality in last
IETF's plenary could similarly be argued to be relevant to human
rights (cf. Ted's comments) The US and China come in for
criticism here as well.
- Discussion of language differences between Taiwan and China
could easily fall into a number of these categories.

So, absent some narrowing of this clause, it does seem to me like
this would have a chilling effect on technical discussion.


3. This clause actually seems the clearest and the most expansive:

the Hotel reserves the right to terminate the event on the spot
and/or ask the person(s) who initiates or participates in any or
all of the above action to leave the hotel premises immediately.

This appears to me to allow the hotel staff, in their sole discretion,
to determine which actions violate this contract and shut down the
entire IETF meeting. I don't see that we have any meaningful recourse.

Perhaps it's just security guy paranoia, but I would be reluctant to
sign a contract that featured this sort of clause regardless of the
antecedent actions that ostensibly triggered it; the problem here is
that it gives the hotel an incentive to use the implicit threat of
terminating the event as negotiating leverage for other interactions
where they simply wish to get a more advantageous deal.


4. I'm not entirely clear what our liability is here. Consider the
worst case: in the first session on Monday, there's a formal
presentation from an IETF official (e.g., an AD) denouncing China's
Tibet policy. The hotel decides that this is a breach of the above
terms and closes the entire IETF meeting. At this point, a large
fraction of IETFers cancel their hotel reservations, demand their
money back, and go home. Is the IETF required to make the hotel whole?
Maybe these reservations will be un-cancellable, but that's not
been the case for at least some previous meetings I've attended.
If the IETF is on the hook here, this seems like a fairly high
level of risk for the IETF to bear.


The bottom line, then, is that the stated terms seem to me to be quite
problematic: they (at least arguably) seem to apply to relevant
technical discussions by pretty much everyone at IETF and don't give
us any meaningful recourse if the hotel judges that we're in breach.

This leads immediately to the question of whether there is some more
constrained version of these terms that actually would be
acceptable. I don't see much room for negotiation in point (2), which
seems to me to be the meat of the objectionable material. One could
imagine narrowing (1) to apply somehow to only "official" statements
by the IETF and (3) to provide some sort of recourse, or required
escalation procedures, or something. However, I don't know if the IETF
management would be willing to bind themselves to these terms and I
don't know if we could define a meaningful escalation procedure, but
if we were able to achieve these, it seems like the impact on the
rest of the IETF would be marginal. [Speaking solely for myself,
were I still on the IAB I would not be willing to be bound by these
terms.] However, as it is, this seems to me to have the potential
for an unacceptably high impact on the IETF as a whole.

-Ekr

On Fri, 18 Sep 2009 11:12:59 -0500
Speaking of Danvers -- what is the situation -- theory and practice --
regarding encrypted transmissions to/from such a meeting? I think that
a high percentage of IETF attendees are using various sorts of VPNs
and/or encrypted tunnels for email retrieval, remote login, etc. Note
that I'm assuming they don't care much if we discuss cryptographic
technology (i.e., they're happy for the Security Area to meet). I'm
just talking ordinary, day-to-day activities for many participants.

N.B. It is extremely unlikely that I'd attend a meeting in that slot,
regardless of where it was; my current $DAYJOB doesn't give me the
luxury of attending most IETF meetings.


--Steve Bellovin, http://www.cs.columbia.edu/~smb

In the above,

"the Hotel reserves the right to terminate the event on the spot"

I, speaking just for myself, think that this is extremely unlikely to
happen.
There have been a number of technical meetings in the PRC in the
recent past,
and I haven't heard of any being shut down. Also, this would be a very
serious step
for any venue to take, and would likely mean a near termination of any
future foreign
conference business for them for quite some time to come.

Others, of course, will have to judge this probability for themselves.

Regards
Marshall

Marshall,

Since seeing your note, I've been trying to figure out how to
formulate my concern. Carsten's note captured it for me, so
let me be a little more specific.

First, thanks for asking.

I am deliberately not addressing the "where else could we meet
where things would be better" question, the visa issues, or any
of the other logistical questions in this note.

Let's assume (at least for purposes of argument -- I assume some
members of the community might disagree) that we can trust the
government of the PRC to be sensible in this sort of matter, to
understand what an IETF meeting implies, etc. The difficulty is
that, from things I've heard informally, the proposed Host
("Client") isn't the government or a government body.

I am concerned that, if there is some incident --completely
unrelated to IETF-- that someone associated with the host or
hotel might overreact and decide to interpret, e.g., a
discussion about mandatory-to-implement cryptography, as pushing
too close to the "politics" or "criticism" line. I'd be much
less concerned if any perceived incident led to some sort of
conversation between "us" and relevant government folks about
real issues and boundaries than if (and I assume this is an
exaggeration) some middle-level hotel employee could panic and
pull the eject lever.

john


--On Friday, September 18, 2009 18:26 +0200 Carsten Bormann

To quote from Wikipedia: "Most national laws of the People's Republic
of China do not apply to the Special Administrative Regions of Hong
Kong or Macau. There are no known cases of the Chinese authorities
censoring critical political or religious [Internet] content in those
territories."

I am opposed to the IETF meeting in China except in Hong Kong or
Macau. While one could argue endlessly about how likely such IETF
documents as RFC 1984 and RFC 2804 or such politically and culturally
sensitive issues as language tags, "internationalization" of
protocols, issuance of advice/requests to international authorities in
reference to country codes, etc., will be a problem, it seems to me
that the risk is too great.

Thanks,
Donald
=============================
Donald E. Eastlake 3rd +1-508-634-2066 (home)
155 Beaver Street
Milford, MA 01757 USA

Or, at the very least, remove the Facebook block: that would be a real
show stopper for many of us.

(Besides, I've heard that Mafia Wars scores play an essential role in
resolving disputes within the IESG...)

I'm only half kidding.

Hi Ross,
Same here.
Agreed.
I agree with that. This is basically about freedom of speech. It would be
ironical to host a meeting of the IETF, which stands for open Internet
standards, in a setting which limits open speech.

This is purely my personal opinion as well.

rahul

The IETF does not and cannot make any warranties relating to the political views, manners or behavior of attendees. The attendees are responsible for their own actions, and the IETF has no ability ensure their conformance to local laws or customers. If attendees violate the laws or customs of the host country, they may face consequences -- but they're on their own.

So if the question is whether the IETF should sign any agreement that takes responsibility for the behavior attendees, I'd say that this is a bad idea. It's not really an issue of politics -- I'd say the same thing if the meeting were being held in Palm Beach and the city requested that the IETF take responsibility for ensuring that participants conformed to the dress code (no white after labor day!).

I wonder what might happen if a remote participant started openly,
and pointedly, talking about human rights, say, or the Tibet
situation, on the XMPP chatroom service.

Now, obviously that participant is not going to be ejected from the
hotel - they could easily be a few thousand miles away - but
presumably some authority somewhere might well act.

Would that action be:

1) The termination of XMPP services (either by the hotel, or by the
GFW).

2) The termination of IP services from the hotel.

3) The termination of the conference.

It strikes me that any of these would harm participation very
heavily, and since it presents little or no risk to the remote
participant - who could therefore remotely participate purely for
disruptive purposes - it opens up a large window of disruption by
essentially external parties.

There's already been comments that an IETF meeting held within the
GFW would be seized upon by the press as ironic. It seems to be that
one sabotaged, or used deliberately for political purposes, would
raise much more press, and worse, this press coverage may actually be
useful to someone wanting to ensure the point is made.

I'd like to know what the PRC might say to that. The only solutions I
immediately see would be to give the PRC administrative rights over
the chatrooms, or else perform such policing ourselves, neither of
which exactly fills me with glee.

FWIW, I wouldn't be going to China, but then, I nearly always
remotely participate, so no change there. I do think we should make
every effort to hold a meeting in China, though, as a hefty chunk of
network expertise is there.

Dave.

I too was struck by the irony of trading one set of visa issues for another
...

While I agree one should not intentionally violate any laws of the visited
country, my concern with this condition is that I might lose my ability to
acquire a visa in the future due to the stupid actions of someone else. I
don't recall the questions on the PRC visa application, but I know that a
frequent question on visa app forms is something to the effect of "have you
ever been denied access, or asked to leave the country". I am willing to
deal with the consequences of my own actions, but I am not sure I want to
risk my future livelihood over someone else's desire for 15 minutes of fame.

I have been to Beijing/Shanghai/Guangzhou/HK many times over the last 7
years, and I can't see jeopardizing the ability to conduct future business
there given the strongly held viewpoints of many IETF attendees, so it is
not clear to me that I would attend under that condition. I would be happy
to participate in normal IETF business there, as there are contributors that
deserve the same locality considerations that the rest of the group is
given. If there were some way to make it clear that any issues were personal
actions, which probably means not scheduling a plenary to invite a group
discussion which may go south, I would be less concerned about attending.

Beyond that, I do agree with Mike that we need to take a close look at the
WGs which have problematic agendas in such an environment. It is not about
how we interpret the content of the discussions, it is how the local
officials would interpret it. Unless someone fairly high up in the national
government is willing to bless the topics in advance, and strong-arm any
local enforcement that is looking to make a name for themselves, I don't
think it makes sense to even bother scheduling them to meet.

Tony

As far as I know, IETF is not a political entity so it doesn't seem
appropriate for it to take a position on any of the issues brought up so
far.

Some IETF participants will invariably have strong political views. The
question is whether or not those views should influence their decision
to take part in any conference in China. To each his own, of course. I
just wish people would go to China and see it in first person and decide
for themselves what the real conditions are. Maybe I need to go out more
but for every person I know who's been to China, none has had negative
experiences and some have changed their view of the country completely.

F.U.D. is a powerful thing and I'm dismayed at how much influence it has
on otherwise bright people.

Coming back on topic on a practical concern of encryption and VPN access
from China. I was in China in May 2008 and used IPsec from my hotel
rooms (two hotels in two cities) for VPN access (back to the US) without
problem at all. The throughput maybe suspect at times but not the
protocol operation itself. I would think that is something that can be
properly addressed by the Host.

Thanks,
Jerry (I don't speak for AT&T in any way, shape or form.)
--
Jerry Huang, AT&T Labs, +1 630 810 7679 (+1 630 719 4389, soon)
-----Original Message-----
From: ietf-***@ietf.org [mailto:ietf-***@ietf.org] On Behalf Of
Noel Chiappa
Sent: Sunday, September 20, 2009 11:48 AM
To: ***@ietf.org
Cc: ***@mercury.lcs.mit.edu
Subject: Re: [IAOC] Request for community guidance on issue concerning
afuture meeting of the IETF
The likelihood that having the IETF actually meet in China will have
_any_
real impact on a country so large, I find very improbable. The things we
produce? Yes. Having a meeting there? Somehow I don't think so.

Noel

Hi,

Here are my impressions regarding the areas of concern you raise.
I have worked for a subsidirary of Huawei, and now work for
HuaWeiSymantec (a joint venture startup) and visit Beijing once or
twice a year.
I don't know if the venues under consideration are in Beijing, but I
assume that is fairly likely.
These opinions are my own and do not in any way represent the opinions
of Huawei or HuaweiSymantec.

I have personal concerns about censorship and manipulation of Internet
traffic. I don't have anything to hide, and do not regularly post
views I expect the Chinese government might find offensive, so it does
not impact me directly, but it does impact me indirectly.

I had some difficulty reaching some web sites, although they were
mostly news websites that might discuss politically-sensitive topical
issues. I do not remember having difficulty reaching any websites
critical to my IETF work.

The HQ of HuaweiSymantec is in Hong Kong, and my boss who lives there
tells me that HK is not subject to the censorship on the China
mainland. So maybe meeting in Hong Kong would allow us to meet in
China, without the censorship. (But I personally found HK very
expensive compared to mainland China)

I doubt the Chinese government, or the hotel, is likely to interfere
in our technical discussions. Some lively plenary discussions about
government-regulation impact on Internet technologies, such as the net
neutrality discussion in the Washington meeting and the encryption
regulations discussion we had in Danvers, might make our Chinese
participants and our host uncomfortable.

I would be a bit cautious about political discussions in public venues
outside the official meeting, e.g., over dinner or in bar BOFs.
"Bush-bashing" and other disrepect for our leaders is considered great
sport in Western countries; In China, for cultural reasons based on a
very long history going back at least to Confucious, this type of
disrespect for one's leaders is apparently considered very poor
manners. I am pretty sure that disrespect for their leaders would be
very very poor manners. The locals are much more likely to consider
you a barbarian than to want to engage in such discussions of their
leaders.
I have not found avoiding smoke in China much worse than in Europe. I
find it much easier to avoid smoke in US cities.
Auto emission pollution in Beijing is a real problem. If you have any
respiratory problems, I recommend you avoid heavy-traffic areas of
Beijing.

This problem is mostly an outdoor problem, not an indoor problem. You
can mitigate the pollution by wearing surgical masks when outside
(which is fairly common in Beijing). I assume the air handling systems
in a conference center and major international hotels would mitigate
this while indoors.

I think the level of poluution in Beijing is a valid concern when
evaluating venues.

David Harrington

So we need to know how many people who would normally attend would
expect to be denied visas.

- Stewart