This thread has mostly looked at the details of the recent problem, and hasn't responded much to Sean's original points. A very notable exception is Eric's thoughtful consideration of the approaches that might be taken for a discussion forum. The note about Sean's credibility obviously is also relevant, but I'll note that the recent DNS controversy has made it clear that no amount of personal credibility is enough to withstand a sustained and forceful attack by a diligent and well-funded opponent. Hence, the effort under discussion, here, needs a group behind it, not just an individual. Which is not to say that having it led by a highly credible individual isn't extremely helpful. In considering the possible modes that Eric outlines, the two questions I found myself asking were about openness and control. Is it important that the general public be kept out of the analysis and reporting process, as is done for CERT, or is it important (or at least acceptable) that the public be present? With respect to control, should the discussion be subject to control by an authority or should it be free-form? At 02:17 PM 11/13/98 -0500, Eric M. Carroll wrote:
- constitute a mailing list for failure analysis, everyone pitches in with or without assistance. The simple act of analyzing the options and possible failure modes is of value (note the reaction from Paul to your mail message - thus value is demonstrated!)
This is the open/no-control model. It is the best for encouraging a broad range of opinion. It is the worst for permitting ad hominems, spin control efforts, etc.
- constitute a closed mailing list, by invitation only. Ask vendors for cooperation, and publish the results with the names removed to protect the guilty and ensure their cooperation. Publish their names if cooperation is refused.
This is probably the best for thoughtful analysis and the worst for information gathering.
- created a moderated digest list, IFAIL-D, and take input from anywhere, but vet it through a panel of experts for analysis and publication. That's basically your newsletter.
Open participation means broad input. Moderation means control over the emotional, etc. distractions. It also might be quite a bit of effort for the moderator...
- create a real working group that meets and travels, and visits the vendors in person. Perhaps they get badges eventually, or cool NTSB like jackets ;-)
The most fun for the participants, expensive, and probably not (yet) necessary. I've biased the analysis, to show which one I personally prefer, but it's predicated on having a moderator with the time and skill to do the job. On the other hand, if we take the event detail analysis that has been mostly going on for this thread, we find that contributions have been thoughtful and constructive, so that the job of the moderator would have been minimal. In essence, the moderator introduces a small amount of delay but adds a safety mechanism in case the tone would otherwise start getting out of hand. And now that I've said that, there is a question about timeliness. Does the analysis need to be able to occur in emergency mode, to get things fixed, or will these only be post hoc efforts? d/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Dave Crocker Tel: +60 (19) 3299 445 <mailto:dcrocker@brandenburg.com> Post Office Box 296, U.P.M. Serdang, Selangor 43400 MALAYSIA Brandenburg Consulting <http://www.brandenburg.com> Tel: +1 (408) 246 8253 Fax: +1(408)273 6464 675 Spruce Dr., Sunnyvale, CA 94086 USA