[ih] Very early days of the IANA

Fri Apr 8 19:36:03 PDT 2011

    > From: Jorge Amodio <jmamodio at gmail.com>

    > As far as I remember that was discussed before and during the first
    > Inet meeting in Denmark (1991) that led to the creation of ISOC, as
    > a path to provide some sort of institutional umbrella and legal
    > protection to IANA, IAB and IETF.

I have some memories to contribute that go back a bit further.

There was an ad-hoc discussion at a speaker's meal (no idea if it was
breakfast or lunch) at an Interop in San Jose (sorry, don't remember which
one, but it was one of the first ones), and IIRC I think the participants
included me, Craig Patridge (definitely), Phill Gross (likely), Vint
(possibly) and Scott Bradner (possibly). The topic was how to get
manufacturers to actually fix security bugs, and we discussed the
possibility of using liability issues to light a fire under them. (As in,
the manufacturer is notified of a bug, they don't move expeditiously to
fix it, someone suffers losses as a result of a breakin which uses it,
then the manufacturer might be liable for losses as a result.)

I had an existing relationship with someone at the Washington office of
Hale and Dorr (at that point, the law firm I was using) whose name I
cannot remember since I'm tired (I can trivially look it up if it's
important), which I had formed through using them to put together a
sentencing memo for the court in the RTM 'worm' case. I volunteered to
have them look into the issue.

Hale and Dorr promptly produced a fairly good-sized tome (which I can
probably locate a copy of, if it's important) on liability issues, and
they then raised the issue of _standards body_ liability. It was a kind of
'good news - bad news' thing, in that standards body members (especially
of an ad-hoc group like the IETF) as individuals _could_ be liable... but
there were some fairly easy steps we could take (and there's a famous case
involving, IIRC, boiler-making standards to set precedent) to make us
pretty immune. (Not against a suit being filed, since you can't stop that,
but against losing such a suit.)

This was all revealed to a group of us (including me, Vint (pretty
definitely), Scott Bradner (possibly), and a few others) at the Washington
offices of Hale and Dorr. The notion that we all could be personally
liable was something of a shock - I remember fairly vividly the expression
on Vint's face, and his verbal reaction, when that sunk in!

Anyway, as far as I know that's what produced the interest in having a set
of rules that made us relatively safe from liability, as well as an angel
body overhead to 'shield' us as individuals, hold insurance, etc, etc. I
do not recall the Denmark meeting you speak of, but I am pretty sure that
that would have been later.

I can dig up documents on this if anyone really cares (including my Hale
and Dorr bills, which I think should give us the date of the Washington
meeting). I don't think I paid for anything after that, I think the
legal work was taken over by some other entity right after that meeting.

	Noel