Network Working Group D. Crocker, Ed. Internet-Draft Brandenburg InternetWorking Intended status: Informational S. Brim Expires: January 27, 2011 Cisco J. Halpern Ericsson B. Wijnen B. Leiba Internet Messaging Technology M. Barnes Polycom July 26, 2010 Nomcom Enhancements: Improving the IETF leadership selection process draft-crocker-nomcom-process-00 Abstract Every year the IETF's Nominating Committee (Nomcom) reviews and selects half of the IETF's leadership on the IESG, IAB and IAOC/ Trust. In the 18 years since the inception of the Nomcom process, the Internet industry and the IETF have gone through many changes in funding, participation and focus, but not in the basic formation, structure or operation of Nomcom. This paper explores challenges that have emerged in the conduct of Nomcom activities, particularly due to changing IETF demographics. The paper reviews the nature, causes and consequences of these challenges, and proposes a number of specific changes. The changes provide better communication of Nomcom institutional memory, enhance Nomcom membership expertise, and produce stronger confidentiality and etiquette practices among Nomcom participants. Some changes require formal modification to Nomcom rules; others can be adopted immediately. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference Crocker, et al. Expires January 27, 2011 [Page 1] Internet-Draft NomcomTuning July 2010 material or to cite them other than as "work in progress." This Internet-Draft will expire on January 27, 2011. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Crocker, et al. Expires January 27, 2011 [Page 2] Internet-Draft NomcomTuning July 2010 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Nomcom Management . . . . . . . . . . . . . . . . . . . . . . 7 3. Nomcom Member Knowledge . . . . . . . . . . . . . . . . . . . 8 4. Nomcom Confidentiality . . . . . . . . . . . . . . . . . . . . 11 5. Nomcom Independence . . . . . . . . . . . . . . . . . . . . . 14 5.1. Liaison Influence . . . . . . . . . . . . . . . . . . . . 14 5.2. Politicking . . . . . . . . . . . . . . . . . . . . . . . 16 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 17 7. Security Considerations . . . . . . . . . . . . . . . . . . . 17 8. Informative References . . . . . . . . . . . . . . . . . . . . 17 Appendix A. Draft IETF Nomcom Independence and Confidentiality Policy . . . . . . . . . . . . . . . 18 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19 Crocker, et al. Expires January 27, 2011 [Page 3] Internet-Draft NomcomTuning July 2010 1. Introduction The IETF conducts an annual process, selecting half of its leadership. Selections are made by a Nominations Committee (Nomcom) of randomly chosen volunteer participants. Each Nomcom spends more than 6 months, recruiting nominees, interviewing them and the community, and laboring over criteria and trade-offs. The Chair of Nomcom and the liaisons from IETF-related groups are appointed, non- voting members. The selections made by a Nomcom are reviewed by Confirming Bodies that consider the conduct of the Nomcom process and, to some extent, the adequacy of selected candidates. The Nomcom process was developed in 1992. In the 18 years since then, the Internet industry and the IETF have gone through many changes in funding, participation and focus, but not in the basic formation, structure or operation of Nomcom. The only significant changes were to add to Nomcom's workload, by creating more staffing positions for the recently-formed IAOC/IETF Trust and the RAI area, and to its disclosure by making the list of nominees public. [RFC5680] When the Nomcom process was created, most IETF meeting attendees were heavily involved in a range of IETF work; most really did see themselves as integral to an IETF "community". Today there is significantly greater diversity in IETF participants' background, knowledge, and working styles. Many participants still are deeply involved in the IETF, but many others are more narrowly focused, with limited IETF involvement. Often they track only one working group and contribute to none of its discussion, writing or leadership. Many participants are more familiar with the process and culture of another standards body and are therefore more likely to use that frame of reference when pursuing IETF work. This results in volunteers with potentially less IETF experience, less understanding of IETF culture and less appreciation of the specific strengths (and weaknesses) of the IETF approach to standards development. Instead, they bring their own norms, often including a stronger sense of loyalty to other groups. This can create conflicting goals. One of the cornerstones to the IETF's cultural model is that an individual participates as a private individual rather than as a representative of their employer. The IETF Nomcom process requires confidentiality among participants. For example it is not acceptable for a participant to report details of the process to their work supervisor. Violation of confidentiality threatens participant willingness to be candid in interviews and discussions. Equally, politicking intimidates participants and makes political leverage more important than the skills of an applicant. Nomcom decisions are to be based on individual merit, such as quality of technical contributions. The model of personal participation Crocker, et al. Expires January 27, 2011 [Page 4] Internet-Draft NomcomTuning July 2010 encourages individual assessments based on professional judgment, rather than on expedient corporate preferences that are driven by current business interests. Certainly Nomcom takes note of organizational affiliation, but this is for better understanding the current perspective of the individual and for attempting to ensure diversity of views. Still some participants have difficulty making the distinction between their role as an individual, versus their role as a corporate representative. Whatever their causes, some significant problems are affecting the operation of Nomcoms. (For example, see [Nomcom2009].) The recommendations made here cover four basic areas of concern: Knowledge of IETF culture, rules and processes IETF leaders do work that is substantial and difficult. It is not possible to choose among different nominees without knowing the depth and breadth of that work, since different nominees will have different skills and limitations. Some IETF leadership work is managerial, some is conceptual, some is administrative and some is legal. A Nomcom voting member must understand which position requires which talents. By itself, attending a few IETF meetings cannot ensure enough experience with IETF leadership work to understand the current demands. Nomcom Confidentiality Nomcom performs a human resources personnel hiring, firing and retention process for the IETF. In order to obtain accurate and meaningful input from the community and in order to have full and frank discussions about nominees, the details of a Nomcom's work must be restricted to the current members of the Nomcom. The need is not merely for confidentiality of the comments made about nominees but also those made about everyone else. For example it can be extremely destructive to have a candid comment about the IESG get back to the IESG. Any pattern of such leakage makes it unlikely that candid comments will be offered. Nomcom Independence Since Nomcom is tasked with selecting IETF leadership, credibility in the Nomcom process relies on having Nomcom's operation be meaningfully independent of the current IETF leadership. At the same time, the process requires oversight, to ensure that it is fairly conducted. One source of tension, Crocker, et al. Expires January 27, 2011 [Page 5] Internet-Draft NomcomTuning July 2010 given these two requirements, is in having liaisons from leadership groups be responsible for oversight. They represent core IETF authority. Particularly within interviews, the fact of their role with those groups can sway participants away from full candor. This threatens the ability of Nomcom to obtain sufficiently complete information that is needed for making truly independent assessments. Politicking for Nominees An organized campaign that seeks selection of a particular nominee directly works against the Nomcom effort to select candidates based on merit. The use of political leverage is destructive to efforts at evaluating skills and accomplishments. However such politicking is common in some other standards groups and has been observed in the IETF. The basic concepts of confidentiality and protection against conflict of interest are intended to ensure that those entrusted with an important process are free to perform it, without any appearance or reality of external pressures and with strict focus on the quality of the process. This is not a question of individual integrity, but rather of inherent confusion created by any participant exerting undue influence on the Nomcom process. This note discusses some of these challenges and offers recommendations for alleviating them. The recommendations are specific. However the reader should distinguish between a suggested framework for action, configured according to a number of types of choices. That is, definition of parameters, versus the specific values assigned to those parameters. Therefore, the reader should separately consider the approach being suggested for solving an issue, versus the specific details suggested when using that approach. For example, there is a suggestion to have two different pools for selecting Nomcom members and criteria that would distinguish between the pools. It is possible to debate whether to have multiple pools, as distinct from debating whether the number should be two or whether the offered criteria for the second pool compose an acceptable set. Readers are encouraged to separately consider the broader recommendations versus the details that make the recommendations concrete. Equally, some recommendations lack complete detail. The details matter, of course, but first there must be agreement about the approach. The details should be developed after that. Readers are encouraged to offer alternatives and garner support for them, should they consider specific recommendations problematic. Crocker, et al. Expires January 27, 2011 [Page 6] Internet-Draft NomcomTuning July 2010 2. Nomcom Management There are informative specifications for the selection of Nomcom participants, for Nomcom's primary deliverables and for its major deadlines. [RFC3777] [RFC5078]. The documents provide little detail about Nomcom internal operations, and each Nomcom is both free and required to make many decisions about the details of the way it will operate, in terms of meetings, interviews, nominee analysis, decision-making methods and candidate selection criteria. Much of this flexibility is useful, to allow each Nomcom to determine the operating style that best suits the current year's Nomcom participants, as well as the current year's priorities that should guide its selections. However the fact that each Nomcom starts from what is essentially a clean operational slate makes its initial organizing efforts rather daunting. In order to develop sufficient understanding of the task and to review and resolve the logistical details, each Nomcom must scale a very large, initial hurdle. Although a Nomcom has the considerable benefit of on-going participation by the previous Nomcom's chair, there is no organized documentation to help Nomcom's benefit from the long history of Nomcom's useful or problematic self-management choices, although Nomcom Chair reports may contain some examples of guidance. RECOMMENDATION -- Nomcom Operations Guide A collection of past Nomcom chairs and participants should write non-normative guidance about common Nomcom operational process choices that have been made, when these choices seemed to work and what their limitations appeared to have been. A Nomcom remains free to make its own organizational decisions, but it has the option of simply adopting procedures and milestones recommended by a group that has had extensive experience in the process. (Implementation) This requires no formal authorization to start happening. While it might be appropriate to publish as an RFC and therefore might need a degree of formal IETF approval, it appears better to pursue this as an IETF wiki, to encourage continuing enhancement by the community. A basic wiki could easily be in place for the 2010-2011 Nomcom. Each Nomcom is created as a new group. One challenge in the management of new groups is to ensure that fair and thorough discussion takes place. Any group has the risk of excessive participation by one or another participant. This is exacerbated when that participant carries additional power, such as being the Crocker, et al. Expires January 27, 2011 [Page 7] Internet-Draft NomcomTuning July 2010 liaison of a confirming body. However the general concern about dominating discussion applies for all participants. RECOMMENDATION -- Nomcom Discussion Management It is primarily the job of the Nomcom Chair to ensure that no individual dominates the group. All participants in Nomcom discussions are encouraged to assist the Chair in assuring that no participant dominates Nomcom discussions. (Implementation) The conduct of meetings and the staffing of interviews is already under the control of the Nomcom chair. So this topic requires no change to Nomcom rules. However it will probably be helpful for the operations Guide and an RFC 3777 revision effort to emphasize this issue. RECOMMENDATION -- Selective Exclusion The Nomcom Chair may selectively exclude any participant from a single Nomcom activity. This action may be overridden by a majority of Nomcom Voting Members. Reasons for exclusion include, but are not limited to a conflict of interest, potential for violation of confidentiality, and potential for intimidation of other participants. (Implementation) This is a formal change to rules concerning Nomcom "members", which will require a modification to RFC 3777, presumably as an enhancement to an RFC 3777 revision effort. 3. Nomcom Member Knowledge Anyone who merely attends a few recent IETF meetings is allowed to volunteer for Nomcom. This rule has the considerable benefit of being highly inclusive, but it does not guarantee that a volunteer has any meaningful, direct experience in the IETF's technical or leadership processes. That is, the criteria and the selection process for members make it quite easy to have a Nomcom in which no voting members have ever written RFCs, participated in formal reviews of drafts, chaired working groups, or served on the IESG, IAB or IAOC/Trust. In fact given the proportion of IETF participants that have low levels of IETF process experience, the statistical probabilities over time make it virtually inevitable. The issue is a matter of insights and skills, not of motivations. Direct participation does not guarantee an understanding of what is needed to make the IETF work successfully, but it makes it more Crocker, et al. Expires January 27, 2011 [Page 8] Internet-Draft NomcomTuning July 2010 likely. The danger of a Nomcom with voting members who have little experience in making the IETF work is that they will have little direct knowledge of the qualities necessary for the people being selected to run the IETF. Job descriptions exist for the positions that are to be filled, and the descriptions are generally viewed as being useful. However they cannot provide insight into practical aspects of performing the jobs they describe, nor problems with the way those jobs are done. In addition, the jobs being filled are for leadership and oversight activities, yet Nomcom members often only have experience as individual contributors. So the nature of leadership skills also is not within their direct experience. A special comment should be made about filling the IAOC/IETF Trust position. The IAOC and IETF Trust perform the administrative and legal work of the IETF. The work, and the members doing it, tend not to be in the spotlight of the IETF and very few IETF participants have much understanding of the required knowledge or activities. Hence, even very active IETF participants are likely to have little insight into the details of that position. That makes it extremely difficult to evaluate nominees. The most recent Nomcom pursued a series of tutorials with IAOC/Trust, in an effort to improve Nomcom's ability to assess candidates. The tutorials were extremely helpful. RECOMMENDATION -- Nomcom Tutorials In order to select personnel for the IAB, IESG, and IAOC/Trust, Nomcom members need to understand the current responsibilities, activities and problems with these groups. To this end, it would be extremely helpful to hold a series of scheduled tutorials, during the first IETF meeting of a new Nomcom, by representatives of IAB, IESG, and IAOC/Trust. They should be closed, to permit more candid discussion. These tutorials will be important, independent of the knowledge level of a Nomcom's voting members. In addition to providing basic introductions to the nature of the work done by members of each group, it can highlight nuances of operation and current challenges. A Nomcom would, of course, be free to use or ignore the information from the tutorials, as it sees fit. (Implementation) This does not require any formal approval. It does require the collaborative concurrence of those presenting material and those attending. It could easily be put in place for the 2010-2011 Nomcom. The random selection of Nomcom members usually produces a number who have extensive IETF experience, but this really is merely a matter of Crocker, et al. Expires January 27, 2011 [Page 9] Internet-Draft NomcomTuning July 2010 statistical happenstance. The criteria for volunteers and the manner of selecting them make it statistically likely that some Nomcom will eventually have none of these "senior" participants. That is, the methodology makes it possible to have a Nomcom whose voting members have no meaningful expertise about the IETF's operation. Repeated application of this sampling rule means that the "possible" is certain to eventually occur. A Nomcom whose voting members lack sufficient expertise about IETF management issues is overly dependent on its advisers and liaisons. Such a dependence is a matter of strategic weakness that requires making changes to the criteria and procedures for selecting at least some Nomcom members to guarantee a basic level of expertise among voting members. RECOMMENDATION -- Nomcom Expertise Requirement There needs to be review and agreement on the baseline level of expertise that must be represented within Nomcom's voting members. This requires agreeing on the details of the expertise and on the minimal proportions of Nomcom that must have that expertise, as well as on the means by which differential expertise levels are selected. Based on this requirement, here is a specific proposal... RECOMMENDATION -- Selection Pool There needs to be assurance of a minimum presence of Nomcom voting members who have meaningful knowledge of IETF "decision and leadership processes". A greater level of knowledge is acceptable and preferred, but it is important to ensure a minimum, while avoiding turning the Nomcom into an exclusive committee of long-time participants. Therefore, create a second pool of volunteers who satisfy more stringent Nomcom participation rules. Volunteers in this 'expertise' pool must have been on the IESG, IAB or IAOC/Trust, or have been a working group chair. These positions require a degree of direct involvement in the process of IETF leadership. Three (3) volunteers from the 'expertise' pool are selected first. Those who are not selected from that pool are then added to the general pool of volunteers, for the second round of selection. Nomcom is not limited to having only three of its members be experienced. Crocker, et al. Expires January 27, 2011 [Page 10] Internet-Draft NomcomTuning July 2010 Various selection mechanisms are possible and reasonable. The specific details are less important than is the requirement for ensuring knowledge of IETF workings among the voting members. (Implementation) This is a formal change to Nomcom selection rules, which will require a modification to RFC 3777, presumably as an enhancement to an RFC 3777 revision effort. This enhancement might also require a change to [RFC3797], or the Nomcom chair might need to accurately describe this when they publish the seeds for the random selection. 4. Nomcom Confidentiality The IETF mandates that Nomcom's internal activities be confidential. Nomcom is a personnel hiring process and confidentiality is, therefore, an appropriate professional standard. Sensitive information about nominees and discussions needs to be kept internal to the Nomcom. Nominees, nominee's companies, the IAB, the IESG and others typically know more about the internal workings of each current Nomcom than they should. Examples abound. To cite one: with no prior discussion of the topic by a Nomcom member with a particular nominee, that nominee thanked the member for a comment the member made during the previous day's internal Nomcom discussion about the nominee! Leaks such as this are corrosive to the process. They mean that participants must assume all of their comments will be reported to others. This causes them to limit their comments, depriving Nomcom of valuable information about nominees. We need to reverse this tendency towards sloppiness. We need to make clear that confidentiality is important and is expected to be respected. Nomcom members need the understanding, incentives and tools to preserve this confidentiality. RECOMMENDATION -- Confidentiality Agreement Everyone participating in Nomcom needs to sign a formal Confidentiality Agreement. The Agreement needs to be carefully tailored to cover the particular roles and relationships of Nomcom members, especially including strictures against discussing Nomcom activities with their friends, family, co- workers, employer or other IETF participants who are not part of Nomcom. For example, it needs to specifically state that none of the covered information pertains to the signer's employer. Having participants acknowledge the terms of the Crocker, et al. Expires January 27, 2011 [Page 11] Internet-Draft NomcomTuning July 2010 Agreement means that the expectations on Nomcom members will be explicit, detailed and documented. A draft Confidentiality agreement is provided in Appendix A. (Implementation) Requiring use of this Agreement probably needs a formal change to Nomcom selection rules, which will require a modification to RFC 3777, presumably as an enhancement to an RFC 3777 revision effort. Note, however, that Nomcom members and those participating in the Nomcom process can voluntarily choose to sign the agreement, without any formal changes to RFC 3777. RECOMMENDATION -- Anonymous Input Any individual can submit anonymous comments, by approaching a Nomcom voting member and requesting to have their comments communicated with some obfuscation. (Implementation) Private contact with a Nomcom members are existing means of providing anonymous input. However this is not necessarily well known to the community. It will probably be useful to emphasize this alternative in the operations Guide document and possibly the Nomcom web page. It might also make sense to document them in an RFC 3777 revision effort. RECOMMENDATION -- Liaison Disclosures Liaisons are required to disclose some Nomcom information back to their groups, but there is no clear guidance about what is acceptable to disclose and what is not. Previous efforts to specify this as a strict rule reached an impasse, as did the effort to formulate one for this proposal. Generally the point of a confirming body's questions should be to ensure that the Nomcom was properly diligent in making their selections, and not to second-guess the Nomcom's choices such as by asking why a particular candidate was not chosen. Broadly, then, it is reasonable and appropriate for the confirming body and the Nomcom to discuss whether particular skills or issues were considered, but not to discuss the details about these skills or issues with respect to a particular candidate. Some examples are provided here, to show what types of interactions are viewed as acceptable and what types are not. Examples of interactions: Crocker, et al. Expires January 27, 2011 [Page 12] Internet-Draft NomcomTuning July 2010 + "Did the Nomcom consider a particular candidate's lack of skill in a specific technical area?" The question attempts to pursue details about a specific candidate, but Nomcom must not discuss candidate details. Hence a response of the form "Nomcom had extensive discussion of the candidate's technical skills" would be acceptable while a response such as "Yes, the Nomcom noted that gap in the candidate's skills, and chose the candidate in spite of it" would not. The error could be compounded by then discussing the particular deficiencies of competing candidates. + "Doesn't the Nomcom see that choosing particular candidates leaves a gap that a different, particular candidate would have filled?" This asks about the details of at least three candidates. A reasonable response would be limited to noting that Nomcom considered these candidates carefully and discussed the abilities of each and remains comfortable with the selection(s) made. A problematic response would discuss the details of particular candidates' skills or any disclosure of the details of the discussion, or of why, specifically, a particular candidate was not chosen. + "Did the Nomcom consider a particular skill or factor for a particular candidate, or compare particular candidates according to particular factors?" This crosses into details about specific candidates. On the other hand, it is reasonable for Nomcom to respond that it considered the importance of the skill, when evaluating candidates. + "Why wasn't a particular candidate chosen?" Nomcom must not discuss the details of its reasons for picking or rejecting specific candidates. + Did the Nomcom consider the disastrous personality conflicts between a particular candidate and another IETF participant, when they selected the candidate to work alongside that participant?" If indeed this provides Nomcom with new information, it could be reasonable for Nomcom to response "No, the Nomcom may not have been aware of that situation." Perhaps more safely, the Nomcom could respond that this concern is indeed serious but that Nomcom still supports the candidate, or that Nomcom wishes to instead select a different candidate. Note that this responds to the substance of the concern being raised, but not to its direct application for a specific candidate. + A confirming body might directly or indirectly recommend an alternate candidate or, worse, suggest someone who was not Crocker, et al. Expires January 27, 2011 [Page 13] Internet-Draft NomcomTuning July 2010 nominated. In general, the best response would be in the style "Nomcom selected from among the nominated candidates the one who exemplified the best available mix of capabilities." (Implementation) If a liaison is not completely certain that it is acceptable to convey certain information to the confirming body, or to answer a particular question, they should bring the issue to the Nomcom chair and abide by the chair's guidance. This practice would be useful to record in the proposed Guide. 5. Nomcom Independence There are several concerns that have the potential to undermine the independence of the Nomcom process. The multiple roles of liaisons from the IETF groups for whom candidates are selected can produce competing goals and their presence in portions of the Nomcom process can produce distraction or intimidation. In addition, attempts to assert undue influence in terms of promoting a nominee based primarily on affiliation and politicking in general have become problematic. Separately, any participant in Nomcom's internal or interview processes can come to exert excessive influence. This last concern is discussed in Section 2. 5.1. Liaison Influence Liaisons to Nomcom serve multiple roles. In addition to the usual job of "representing the views of their respective organizations" and providing information to Nomcom, liaisons are tasked by [RFC 3777], Section 4 #7 with a process oversight function for the IETF in general and for their respective groups. Since Nomcom fills positions in three of the groups that provide liaisons, these groups' liaisons face inherent conflicts of interest. It can be difficult to provide neutral oversight and maintain confidentiality to a group which is judging the body that the liaison is representing. Still, the need for oversight reasonably extends to include at least a sampling of interviewing. Further, there might be specific concern about a specific interviewer, prompting a need to observe their interviewing behavior. For example, the mere presence of some people who hold special positions of authority (and therefore power) is sometimes problematic in an interview. Interviewees making comments about one of these groups have reported concern when a liaison from that group is present, and are known to have avoided certain issues, for fear of jeopardizing their working relationship with that group. Indeed, liaisons have been known to report back to their groups the internal Crocker, et al. Expires January 27, 2011 [Page 14] Internet-Draft NomcomTuning July 2010 discussions of a Nomcom. Balancing these conflicting needs and concerns is challenging. The concern for oversight has sometimes led to the extreme of having liaisons participate as fully active Nomcom members, including participating in every interview! The problem with suggesting that they participate in only some is that this gives an appearance of balance, but does not address the problem, for those interviews in which a liaison is present. Some obvious and reasonable choices appear not to be workable. For example, one thought is to limit interview presence to liaisons who are not part of a direct IETF leadership team. At best this reduces to only the ISOC Liaison. However that would rely on the interviewee's understanding the distinct difference in roles for that liaison, and most will not. Further, it can reasonably be argued that a representative from the group that supplies the IETF with much of its funding should be counted as having significant (and potentially intimidating) power. RECOMMENDATION -- Interview Monitoring Liaisons must not sit in on interviews without a specific invitation. Liaisons currently have a monitoring responsibility that reasonably includes sitting in on interviews. However some interviewees are intimidated by having liaisons present from IETF leadership groups -- currently consisting of ISOC Board of Trustees, IAB, IESG and IAOC/Trust. In order to remedy this, Liaison participation in interviews must be a considered exception, and not a regular practice. In order to achieve the required monitoring of interviews, the Chair and Advisors are tasked with attending interviews -- but only as needed -- such as at the specific request of a Liaison. [RFC3777] (section 4, rule 3) gives any committee member the right to propose the addition of advisors to participate in some or all of the deliberations of the committee. Under that authority, committee members may choose to propose one or more advisors to monitor interviews. The chair can therefore appoint additional Advisors to assist with this, where the Advisor is not affiliated with any IETF leadership group and is not a candidate for any position with one. This recommendation was the most difficult to develop, of those in this proposal. It balances removing the inherent conflict of interest and potential for intimidation from interview situations, while ensuring that reasonable interview oversight Crocker, et al. Expires January 27, 2011 [Page 15] Internet-Draft NomcomTuning July 2010 is possible. This recommendation was the most difficult to develop, of those in this proposal. It removes the inherent conflict of interest and potential for intimidation from interview situations, while ensuring that reasonable interview oversight is possible: Liaisons currently have a monitoring responsibility that reasonably can and should include sitting in on interviews. However some interviewees are intimidated by having liaisons present from IETF leadership groups -- currently consisting of ISOC Board of Trustees, IAB, IESG and IAOC/Trust. In order to remedy this, xxxLiaisons must not sit in on interviews. In order to achieve the required monitoring of interviews, the Chair and Advisors are tasked with attending interviews as needed, possibly at the specific request of a Liaison. RFC 3777 (section 4, rule 3) gives any committee member the right to propose the addition of advisors to participate in some or all of the deliberations of the committee. Committee members may choose to propose one or more advisors to monitor interviews, under that authority The chair can therefore appoint additional Advisors to assist with this, where the Advisor is not affiliated with any IETF leadership group and is not a candidate for any position with one. (Implementation) As a formal prohibition, this is a formal change to Nomcom selection rules, which will require a modification to RFC 3777, presumably as an enhancement to an RFC 3777 revision effort. Note, however, that the Nomcom Chair is entirely responsible for defining Nomcom procedures; and each Nomcom determines the attendance and style of the interviews it conducts. Therefore as a practical matter, any Nomcom can choose to exclude its liaisons from the pool of interviewers. It also can choose to appoint additional Advisors to assist with interview oversight. Still, this issue is core and inherent; for the long-term, its handling should be the result of a formal IETF consensus process. 5.2. Politicking The current reality is that politicking during the Nomcom process does take place, sometimes quite aggressively. It is one thing for a nominee to make invididual and personal requests for support. It quite a different thing to have an organized campaign by a business associate, such as an employer. As an example, one company sought to recruit the employees of its business partners who participate in the IETF to register positive comments on the Nomcom wiki. The IETF Nomcom process needs protection against these sorts of Crocker, et al. Expires January 27, 2011 [Page 16] Internet-Draft NomcomTuning July 2010 attempts at manipulation. The IETF needs to make clear statements about the behaviors that are acceptable, and those that are not, among anyone involved directly or indirectly in the IETF process. RECOMMENDATION -- Etiquette Guide In order to ensure that every participant and organization involved in the Nomcom process can be easily and adequately informed of what is expected of them in the process, there should be an "etiquette" guide supplied to all participants, nominees, nominees' organization, interviewees, and others. (Implementation) This is not, technically, a formal change to Nomcom rules. It could probably be implemented informally. However it asserts IETF norms. If only to add to its credibility, this should be a normative document, detailing desired and acceptable behaviors and those that are prohibited. RECOMMENDATION -- Politicking Any evidence of politicking should be reported to Nomcom and should be treated as a significant, negative factor when considering the nominee who is intended to benefit from the politicking. (Implementation) Nomcoms develop their own criteria. Hence the use of this criterion does not require any formal change. It will be useful to include this item in both the proposed operations Guide and the Etiquette Guide. 6. Acknowledgements This draft is the result of discussions among an ad hoc Nomcom Selection Design Team, including Spencer Dawkins. Additional review and suggestions have been provided by: Ross Callon, Olaf Kolkman, Jason Livingood, Tony Hansen, Danny McPherson, Hannes Tschofenig. 7. Security Considerations This document has no security implications, except for the viability of the IETF's Nomcom process. 8. Informative References [Nomcom2009] Crocker, et al. Expires January 27, 2011 [Page 17] Internet-Draft NomcomTuning July 2010 Barnes, M., "Nomcom Chair's Report: 2009-2010", I-D draft-barnes-Nomcom-report-2009, February 2010. [RFC3777] Galvin, J., "IAB and IESG Selection, Confirmation, and Recall Process: Operation of the Nominating and Recall Committees", RFC 3777, June 2004, . [RFC3777bis] Galvin, J., "Operation of the Nominating and Recall", I-D draft-galvin-rfc3777bis-00 (expired), March 2009. [RFC3797] Eastlake, D., "Publicly Verifiable Nomcom Random Selection", RFC 2777, June 2004. [RFC5078] Dawkins, S., "IAB and IESG Selection, Confirmation, and Recall Process. Revision of the Nominating and Recall Committees Timeline", RFC 5078, October 2007. [RFC5680] Dawkins, S., Ed., "The Nominating Committee Process: Open Disclosure of Willing Nominees", BCP 10, RFC 5680, October 2009. Appendix A. Draft IETF Nomcom Independence and Confidentiality Policy I am participating in the Internet Engineering Task Force's (IETF) nominations process. Working with the independent IETF Nominations Committee (Nomcom) often includes access to information that is confidential. Preservation of the Nomcom's independence and confidentiality are necessary to the integrity of that process. In light of this I understand that: I am participating as a private individual and not as a representative of any organization. The confidential information that is part of the Nomcom process includes: * The activities of IETF participants, as they are part of IETF work, and * Details of the IETF's Nomcom operation. An example of confidential information that I am expected NOT to disclose is information about my business associates, such as my employer, that is not already public information. Crocker, et al. Expires January 27, 2011 [Page 18] Internet-Draft NomcomTuning July 2010 I must not share any Nomcom confidential information with anyone, unless the Nomcom Chair indicates it is acceptable. In particular this means that I must not share any Nomcom information with co- workers, family, friends or other IETF participants who are not members of the current IETF Nominating Committee. I understand that it is not possible to know what details are harmless and what details are not. For example, people outside of the Nomcom can combine small amounts of apparently harmless, confidential information from multiple sources, in order to generate a surprising level of insight into the workings of the current Nomcom, and then disrupt its process. Therefore, I must not communicate any of the Nomcom information to which I have access. Sometimes an employer, colleague, friend or family member will attempt to pressure a Nomcom participant to reveal confidential information or to take particular actions. I must explain to them that the Nomcom confidentiality and independence policies do not permit me to discuss this information or to act at their direction. I should resign from the Nomcom, rather than allow my employer or others to require that I disclose confidential Nomcom information or change my interactions, preferences or voting. I acknowledge that I have read and understand this Policy statement. Participant: Name (Print or Type): Signature: Date: Crocker, et al. Expires January 27, 2011 [Page 19] Internet-Draft NomcomTuning July 2010 Authors' Addresses D. Crocker (editor) Brandenburg InternetWorking 675 Spruce Dr. Sunnyvale USA Phone: +1.408.246.8253 begin_of_the_skype_highlighting +1.408.246.8253 end_of_the_skype_highlighting Email: dcrocker@bbiw.net URI: http://bbiw.net Scott Brim Cisco Email: scott.brim@gmail.com Joel Halpern Ericsson P. O. Box 6049 Leesburg, VA USA Phone: +1.703.371.3043 begin_of_the_skype_highlighting +1.703.371.3043 end_of_the_skype_highlighting Email: Joel.Halpern@ericsson.com Bert Wijnen begin_of_the_skype_highlighting end_of_the_skype_highlighting Email: bertietf@bwijnen.net Barry Leiba Internet Messaging Technology Email: barryleiba@computer.org URI: http://internetmessagingtechnology.org/ Mary Barnes Polycom Email: mary.ietf.barnes@gmail.com Crocker, et al. Expires January 27, 2011 [Page 20]