Happenstance versus planning

A friend recently told me about a time, 25 or 30 years ago, when she took her kids out for pizza at a place that her husband would pass as he walked home from the commuter train. She figured he’d see their car there as he approached and would come in, and that’s exactly what happened: he arrived just about the same time the pizza did.

When she told me that, I imagined him smiling when he saw the car. I imagined the pleasant surprise of seeing it and realizing that his wife and kids were there, with a pizza in the oven for them all. The day was ending differently from how he’d expected, and it was nice.

I also thought that they’d do it differently today. They’d have mobile phones, and he’d get a phone call while he was on the train. “Hey, I’m taking the kids to the pizza place. Meet us there on your way home? OK, great, see you there.” Maybe he’d call them when the train arrived. “I’m walking. Order me a beer now, OK?”

It would have the advantage of not leaving things to chance. What would have happened, in 1980-ish, if he’d had something on his mind and not noticed the car? Or if the train had been delayed, or he’d gotten stuck at work and was on a later train than usual? Nowadays, we’re in communication much of the time, and our planning is more precise, more sure.

But they’d lose that delightful surprise. Seeing your family’s car at the pizza place isn’t the same as getting a call on your mobile; the latter dims the spark, dilutes things a bit.

Of course, they could still do it the old way, even today. The thing is that they probably wouldn’t, for exactly the reason of not risking the glitches. By smoothing out the wrinkles in these sorts of situations, we’ve taken something away, too. The technology has brought us a great deal, and I love it. It’s just that it’s not without its own small cost.

Interpretations

Last evening, some friends and I were discussing how different people make different compromises in religious observance in a modern world. I know people, for example, who keep kosher at home, but don’t worry about it when they eat out — what we used to call “a kosher kitchen and a treyf stomach.” Of course, plenty of Catholics use birth control mechanisms — real ones. That sort of thing.

Some of these are simply choices that one makes: one knows that it’s not what one is “supposed to do,” but one opts for it anyway, as a way of adapting. But often it amounts to varying interpretations of “rules”.

An obvious example is the admonition against killing. Most of us will make an exception for self defense, or defense of one’s family. Some allow for the state to kill someone as punishment, while some don’t. It’s all a question of interpreting the meaning of the rule.

It’s what judges are assigned to do: they read laws, hear arguments, and decide how the laws apply to the case at hand, interpreting the law in the process. Usually, they use earlier interpretations as a basis for their own. Sometimes they branch out.

Of course, interpretations are opinions, not absolutes. And opinions differ.

The interesting thing is that when it comes to interpretations of religious texts and rules, people do tend to treat them as absolute. One seldom hears, “It’s my opinion that God doesn’t like [x], but others may disagree,” or “The Bible forbids [y], according to my interpretation.” We can read novels for school and analyze them in class. We can watch movies and talk over coffee about what they meant to us. Yet we claim to “know”, without question, the meaning of vague, archaically worded text that was written thousands of years ago.

I’m afraid I haven’t done very well at conveying last night’s discussion — it was more interesting than this. Sorry. I wish I’d had a scribe....

Do you know the way to San Jose?

Recently, a friend and I had a discussion about why an Internet map service chose a particular route. And, actually, I’ve been thinking quite a bit, lately, about our reliance on these services and on GPS-based navigation devices. It’s common for two devices (or two services) to choose different routes when you ask for directions, or for them to behave differently when they have to recompute a route because you went off course.

First, I’ll point out the obvious: at best, they’re only as good as their databases. But some of the ramifications of that fact aren’t so obvious. It used to be common for them to try to send you the wrong way down a one-way street. That’s less frequent now, as one-way-street information has been added, but it’s still common for them to suggest illegal turns, such as a left turn at a spot with a “no left turn” sign.

There are also many “paper roads” — roads that were approved and are on the maps, but which were never actually built, or don’t connect the way the maps say they do. Conversely, there are roads that have been built but aren’t on the maps at all. Sometimes that’ll be corrected when the map information is updated, and there’s a case where the Internet services have an advantage over a GPS-based device whose database might not be updated at all until the device is replaced.

Any of those situations can result in sub-optimal route selection, even to the point of getting you lost. But they’re not the only causes of a route choice that seems a little strange. Computer programs don’t consider navigation the same way that people do, and the algorithms the programs use will often optimize differently, and will lack some of the social knowledge that’s important in choosing which roads to drive.

There’s the question of speed limits and actual prevalent speeds. There’s the road quality — poorly maintained roads, or ones with particularly narrow lanes, for instance. As a driver, you’ll want to avoid streets with a lot of busy stores, ones that have frequent traffic jams, ones that are heavy bus routes, and ones where the timing of the traffic lights is especially bad. And around here, everyone knows that you just don’t take the Cross Bronx Expressway, which uses a meaning of “express” that you won’t find in any dictionary.

The algorithms don’t take any of that into account, at least not in general.

And once the route is chosen, just following the directions can be confusing. When a road changes names, the verbal directions will tell you that it’s a new road, even though it’s the same physical road that you’re driving on. Sometimes an “exit” actually means that you stay on the main road, depending upon the local designations. And roads often have multiple names. Sometimes the map programs use one name, but the road is universally known by a different name by the locals. And, of course, the programs don’t know about landmarks.

Take this segment of directions, for example, from one of the Internet services, Maps On Us:

Turn LEFT (East) onto Summit Ave		0.5 mi
Entering New York		< 0.1 mi
Road name changes to Old Pascack Rd		0.3 mi
Bear LEFT (East) onto W Washington Ave		0.8 mi
Turn RIGHT (South) onto Railroad Ave

Note the artificial distance after “entering New York”, the subsequent name change (which actually happens at the NJ/NY border), and the “bear left” instruction.

Now here’s the version from MapQuest:

Turn LEFT onto SUMMIT AVE (Crossing into NEW YORK).		0.1 miles
SUMMIT AVE becomes OLD PASCACK RD.		0.2 miles
Stay STRAIGHT to go onto W WASHINGTON AVE.		0.8 miles
Turn RIGHT onto RAILROAD AVE.

They attach the entry into New York to the turn onto Summit, when it actually belongs with the name-change to Old Pascack Rd. They tell you to “stay straight” for W Washington, rather than to “bear left”, a much more accurate view — in fact, it’s another name change, as far as anyone driving the road can tell. And they get the distances wrong, understating the total by almost half a mile.

This one is from Google Maps:

Turn left at Summit Ave Entering New York		0.5 mi
Continue on Old Pascack Rd		0.3 mi
Continue on W Washington Ave		0.8 mi
Turn right at Railroad Ave

They do it best, getting the distances right and using "continue on" to make it clear that you’re just staying on the road, and the name is changing. Still, they, too, group the entry to New York in the wrong place.

And here’s the version I would give:

Turn left on Summit Ave — there’s a traffic light and a Lukoil station. In about a mile and a half you’ll cross route 304 and then the railroad tracks. Turn right as soon as you cross the tracks, onto Railroad Ave.

People like a landmark here and there, to assure us. And we prefer that extraneous information be omitted — it’s not really significant that the road’s name changes twice, and calling it out so explicitly just adds confusion to what’s only a mile and a half on a straight road. And you know you’re going to a place in New York; the directions don’t need to try to tell you exactly when that will happen.

The advantage, of course, with the active navigation systems that you take with you, that use the GPS satellites, is that it’s not so important for them to tell you how far to go nor what landmarks to look for. They tell you, on the spot, at the moment, what to do. You don’t have to know whether the left turn you want is at the light or at the gas station — “Turn left, now,” makes it clear. And if you make a mistake, miss a turn or take a wrong one, the system will recompute the route and tell you how to recover.

On the other hand, the recomputation isn’t always smooth. Probably the most surreal experience I’ve had with a GPS-based system happened in Florida, when my brother had plotted a route to northbound I-95, but decided to go his way instead of following the navigator’s directions. It recomputed three or four times before the two of them finally agreed on a turn. But what happened next was truly odd. I’ve drawn it on the map below (click to enlarge): the blue line shows the correct route; the red line is what the GPS system wanted us to do, complete with the odd u-turn in the middle of a major intersection.

We're still better off getting directions from a human who knows where to go, and checking computer-generated directions against that.

Are tax laws “biblical”?

The New York Times headline is provocative: Professor Cites Bible in Faulting Tax Policies. The blurb in the Atom feed also piqued my curiosity.

The work of a professor at the University of Alabama Law School has prompted some other scholars to scour religious texts to explore the moral basis of tax and spending policies.

My first thought was, “Yeah, right. Let’s try to fit one more bit of modern society into a millennia-old fanciful storybook.”

Professor Susan Pace Hamill teaches at the University of Alabama Law School and “holds a degree in divinity from a conservative evangelical seminary” (to which my first thought was, “A degree in what? And how does that qualify her for anything?”; but to continue on that path would be a significant digression, so let’s stay on track here).

Professor Hamill asserted that 18 states seriously violate biblical principles in the way they tax and spend. She calls Alabama, Florida, Louisiana, Nevada, South Dakota, Texas “the sinful six” because they require the poor to pay a much larger share of their income than the rich while doing little to help the poor improve their lot.

Professor Hamill’s point is that the bible represents “the moral compass chosen by most Americans”, and so it makes sense to compare public policy with that “moral compass”, and see how it measures up.

OK, this seems as good a place as any to point out that we generally “seriously violate biblical principles” all over the place, by not keeping slaves, not beating disrespectful children to death, and other sorts of things like that. Of course, there are those who think that more’s the pity with regard to those too, but, well, we generally consider them to be right nutters.

In other words, it should surprise no one that public policy, made recently and by legislators with many yokes of oxen to gore, does not match some biblical “ideal”, which if you looked at it at all closely wouldn’t turn out to be ideal anyway. We’ve tossed out a load of things that we’d consider barbaric in today’s light. We’ve eschewed plenty of things that, while they still exist in our morality, don’t have a place in our system of laws. And we’ve made some mistakes along the way, of which the tax laws she cites might be examples.

And then she jumps right off the deep end, with the fallacy that we’re amoral without religion to keep us in line:

“The Bible commands that the law promote justice because human beings are not good enough to promote justice individually on their own,” she said. “To assume that voluntary charity will raise enough revenues to meet this standard is to deny the sin of greed.”

Bull. Shit.

There are greedy people, indeed. There are also robbers and murderers and child molesters. But most of us are none of those. Even if we stipulate that there’s some aspect of greed in all of us, most of us still, as individual human beings, have enough of a moral foundation to do what’s right most of the time, and to take a part in helping people. Some of us get the motivation for that from religion, and some of us do not. But I don’t think for a moment that if religion were out of the picture, we’d round up all the homeless and push them into the East River.

I’m often puzzled that the New York Times gives ink to this sort of junk.

Oops. I just did too.

Benazir Bhutto has been killed

Oh, damn it:

The Pakistani opposition leader Benazir Bhutto was assassinated near the capital, Islamabad, on Thursday. Witnesses said Ms. Bhutto, who was appearing at a political rally, was fired upon by a gunman at close range, quickly followed by a blast that the government said was caused by a suicide attacker.

Ms. Bhutto, a former prime minister of Pakistan, was declared dead by doctors at a hospital in Rawalpindi at 6:16 p.m. At least a dozen more people were killed in the attack.

Dr. Abbas Hayat, professor of pathology at Rawalpindi General Hospital where Ms. Bhutto was taken, said doctors tried to revive her for 35 minutes, but that she had shrapnel wounds and head injuries and was in heart failure. He said he could not confirm whether she had bullet injuries.

Mele Kalikimaka

Christmas eve hike

 

 

Carnivals!

France: Saboteurs Attack Speed Cameras and Demand Ransom

A group calling itself the Nationalist Revolutionary Army Faction says it has blown up at least seven speed cameras on French roads and has demanded money from the government to stop, the police said. The radio station RTL said the group had asked for a significant sum, along with tax cuts and “less repression.”

Pointers to this fortnight’s blog carnivals:

• Skeptics’ Circle #76.
• Carnival of Feminists #50.
• Carnival of Education #149.
• Carnival of Education #150.
• Carnival of Mathematics #22.

Ruminants

There were seven of them out in my back yard yesterday morning. Can you find them all in this photo? (Click to see it full-sized, of course.)

The alternative minimum wealthy

On the Brian Lehrer show, yesterday on WNYC, the local public radio station, Brian talked with Alvin Hall, “personal finance expert and author of You and Your Money: It’s More Than Just the Numbers.” As they took calls from listeners, they got into comments about the alternative minimum tax. Listen to the segment 15:23 into the audio stream, where they take a call from Helen in Manhattan:

Helen: I have a kind of political take on this. My husband and I together earn a little over $200,000 a year, and we’re constantly getting stuck with the alternate [sic] minimum tax. And of course, we don’t get help on college tuition, and we have high property taxes, so... we’re not rich. So I checked the New York Times cost of living comparison, and I saw that $200,000 in New York is really a middle-class income elsewhere in the country. And the alternate minimum tax seems to hit hardest on people living in big cities, in cost-of-living areas. And they also happen to be heavily Democratic areas, so I’m wondering if it may be a disincentive to the Republicans to adjust the... or abolish the alternate minimum tax because it seems that they’re hitting the hardest on the urban middle class, and I know if you’re making $30,000 a year, $200,000 sounds like a lot, but when you do...

Brian: And... but, to be fair, I think at $200,000 you’re probably in the top 5% of earners in this area.

Alvin: Yes, you are... yes.

Helen: Well, in the... in the area, but I notice that after we’ve paid all of our bills, and we’ve paid our property taxes, which are about $20,000 a year, and we pay our college tuition, and we pay for our medical insurance because we don’t get help... uh, much help because we’re professionals, and obviously our...

Brian: I hear what you’re saying, and I have to go because we’re running out of time, but... we just have 30 seconds left, Alvin. Is it in effect a “blue state” tax?

Alvin: It does seem that way, given the number of people who are hit in these areas, but in reality it’s much more general than that. It’s that we feel it more because the cost of living here is higher for us. Whether you’re earning that money in California, Kansas, or Missouri, you’re gonna get hit with that tax.

Now, Alvin Hall sort of ignored Helen’s point in his answer: what she’s saying is that the amount of income that qualifies as “Holy crap, you make how much?” varies based on where you live, and that someone earning that money and living in Kansas can afford to toss some extra money Uncle Sam’s way, whereas in New York the money doesn’t take one as far.

And that’s true enough: it does cost more to live in New York City than in many other places.

What’s also true, though, is that people like Helen are exactly those for whom the alternative minimum tax was designed: people who make lots of money and have an unreasonable sense of entitlement about it. Helen, really, how can you take a thought like, “I know if you’re making $30,000 a year, $200,000 sounds like a lot,” and stick a “but” after it?

There’s no “but” on that one, Helen. I’m awfully sorry that your property taxes are bothering you, that those designer cocktail dresses kind of run into some real money, and that you can only see three plays a week, I really am. But, as Mr Lehrer says, you’re already in the 95th percentile in income, even for New York City, and be honest here: you do have some money tucked away in long-term investments, hm? Yes, there you go, I knew you did.

And you gave yourself away there, with that “I know... but” statement. Because you do know, and yet you think you deserve a break anyway. Helen, you and the Mister already have all the breaks. Be very happy that you can send the kids to Columbia and Cornell (I know you’re not talking about college tuition at CCNY), drive a couple of expensive German cars, and still have an occasional meal at Le Bernardin.

While you’re thinking about that, have a glance at the lady who cleans your apartment. She’s got no college tuition to worry about, because even CCNY for her kids is just not in the budget. No property taxes, because she can’t afford to buy. Probably no health insurance either, nor much in her savings account. She takes the bus, and her rice-to-meat ratio is very different to yours. And she lives in New York City too.

...and now Colorado

First California, then Ohio... and now Colorado:

Thousands of Colorado’s electronic voting machines do not work properly and have been decertified, according to a review by the Colorado secretary of state that has left elections officials scrambling to find viable machines in time for local and Congressional primary elections in August and the presidential election in November.

[...]

The review, by electronic voting systems experts, outside auditors and cyber-security specialists, found multiple problems with machines that were made by Sequoia Voting Systems, Hart InterCivic and Election Systems & Software and that are used in 52 of Colorado’s 64 counties, including Denver.

Two types of Sequoia electronic machines could not accurately trace security breaches, the review found. Hart’s optical scan machines did not count votes accurately, and the optical scan and electronic machines made by Election Systems & Software suffered programming errors and could be disabled by voters.

And, of course, once again, “All three companies defended their machines, saying they had been used successfully throughout the country.”

Mm-hm.

Addressing comments from Tuesday’s post:

Paul said:

I’ve said it before, and I’ll say it again. The problem you have is the size and complexity of your ballot. If the only thing on your ballot was which candidate to vote for for president, computerized voting machines would not be necessary, and you would get a higher voter turnout. The election of the most powerful man in the entire world is too important to be jeopardized by the need to elect a dog catcher in Aurora, Illinois, or decide on library funding in Waldport, Oregon. Those issues should be decided in other state and municipal elections at different times.

Yep, I agree with you. The trouble is that that would take either a constitutional amendment or an unprecedented level of cooperation among the states.

We should have a national election for president, but we don’t. We have 54 little elections that all happen on the same day. And each of those little elections, in each state, the District of Columbia, and the territories, has its own local stuff in it, as well as its own rules — the rules differ in each as to who can be on the ballot, how the voting is done, what happens during recounts, and so on.

It’s insane, but it’s the United States. Maybe you should move to Canada.

Um, no, wait....

Andy said:

Sarcasm aside, developing new electronic solutions seem bound for disaster, even using an open process. It’s hard to get software right, much less reliable and secure. My current favorite solution is a paper-based mechanism using a simple format. Something odd? Just count them again.

Paper is fine as far as it goes, and we’ll certainly see this stuff going on for some time yet. Maybe it’ll be ten years, maybe twenty. Maybe even fifty. But voting with computers is inevitable; we will move the technology forward and go there. It’s what we do. Here: go buy a car any more that doesn’t have a computer running it. We even have them in our coffee pots and toasters.

So we might as well start now in designing it right, because, yes, it’s not going to come easily.

And moving to Canada won’t help on this one.

More on portion sizes

Here’s something else to go along with my comments about insane portion sizes. It’s an item in Men’s Health magazine, reported here at MSNBC, about how forthcoming — or not — some restaurants are about their product, with respect to health and nutrition:

It seems simple: a law that requires nothing more than having restaurants tell us what we’re putting in our mouths. Yet the California Restaurant Association, which represents all of the state’s largest chain restaurants, called the bill a “feel-good Band-Aid” and claimed it ignored the “true issues” behind obesity.

We disagree. One of the true issues behind obesity is the fact that many chains obfuscate the fat and calorie counts of their menu items, and fight any attempt to shed light on what, exactly, is going on between their buns and inside their taco shells.

And I have some comments about the article....

(Hey, in case you were wondering, an order of Outback’s Aussie Cheese Fries has 2,900 calories, and its Ayers Rock Strip has 60 grams of fat.)

Not being an Outback afficionado, I don’t know how many people are meant to share one order of those cheese fries, but... well, if it’s one, I should point out that that’s an adult man’s entire calorie intake for a day. Have it with a cup of coffee. Black. And then think about a balanced meal for tomorrow.

Applebee’s doesn’t want you to know that many of its “low-fat” items have more than 500 calories.

Well, to be fair here, this is a much more general issue: “low fat” does not translate to “low calorie”, and a fat calorie is no different from a protein calorie or a carbohydrate calorie. You can eat a pound of plain, steamed potatoes, and you’ll have had essentially no fat (about half a gram), but around 360 calories.

Of course, it’s true that the food manufacturers and sellers would rather not point that out to you. Labels that tout “Low fat!” and “Low in carbohydrates!” sell product, by making folks think the food is better for them — whether or not it is.

IHOP doesn’t want you to know that its Omelette Feast has 1,335 calories and 35 grams of saturated fat.

Now, here I have to go with the idea that people have to be responsible for themselves. I’m all for labelling and all that, yes. But let’s be honest: does someone really have to tell you that a three-egg omelet, three pancakes, bacon, and hash browns amounts to a huge, calorie-filled, fat-laden meal with loads of cholesterol?

In Italy, a standard pasta serving means 4 ounces of noodles with a few tablespoons of sauce. At Maggiano’s, a large order of pasta translates into 2 pounds of noodles piled high on a hubcap-size dinner plate.

Ah, yes, 2 pounds of pasta is a lot, yowza! Comparison with a “standard” pasta serving in Italy is flawed, though, because there the pasta is one small course in a full meal, between the antipasto and the main course, while here it’s meant to be the main course. And they do say that “you’ll have plenty to share or take home,” so they aren’t expecting one person to eat all that.

Still, it’s clear that these portion sizes do prompt us to eat too much. Maybe we do take some home... but we probably eat more than we ought to before we stop and have it packed to take. If we were served what we might reasonably be expected to eat, we’d clearly eat less.

First California, now Ohio

California audited computer voting machines last summer, and gave all of the audited machines failing grades. The result of that was that California’s Secretary of State decertified all of them.

Now, Ohio has done a similar audit, with similar results:

All five voting systems used in Ohio, a state whose electoral votes narrowly swung two elections toward President Bush, have critical flaws that could undermine the integrity of the 2008 general election, a report commissioned by the state’s top elections official has found.

“It was worse than I anticipated,” the official, Secretary of State Jennifer Brunner, said of the report. “I had hoped that perhaps one system would test superior to the others.”

At polling stations, teams working on the study were able to pick locks to access memory cards and use hand-held devices to plug false vote counts into machines. At boards of election, they were able to introduce malignant software into servers.

Ms. Brunner proposed replacing all of the state’s voting machines, including the touch-screen ones used in more than 50 of Ohio’s 88 counties. She wants all counties to use optical scan machines that read and electronically record paper ballots that are filled in manually by voters.

We should name names, here:

The study released Friday found that voting machines and central servers made by Elections Systems and Software; Premier Election Solutions, formerly Diebold; and Hart InterCivic; were easily corrupted.

The companies, of course, say that the audits don’t matter, and they stand by their machines. That’s no surprise. In their own defense, they often say things like this:

“It is important to note,” he said, “that there has not been a single documented case of a successful attack against an electronic voting system, in Ohio or anywhere in the United States.”

In other words, no one’s been caught, so it’s OK.

Because that’s a key point here: one of the flaws is that corruption of the machines is, in many cases, hard to detect. We might have a nice, friendly community somewhere, where we could just put a box in the middle of the town green and set up the voting on the honour system... but no one would think that a wise thing. And in a real sense, that’s what we’re doing with these machines.

The solution, though, is not to have the companies go off and re-design their machines as they’ve designed them in the past — we’d just have to do another audit, at more expense, and I have no doubt that we’d find more problems. We can’t keep iterating this process.

The solution is to put it into an open design process, where security experts — the sorts of people who are auditing the machines now — participate in the design, and oversee things. And have the whole process audited at every stage.

Goodbye, Dan

Goodbye, Dan.

The leader of the band is tired and his eyes are growing old
His blood runs through my instrument, and his song is in my soul
My life has been a poor attempt to imitate the man
I’m just a living legacy to the leader of the band

Dan Fogelberg wrote that in memory of his father, the figurative leader of the band in the song. I give it back to Dan here, to honour him as the new, now passed, leader of the band.

Love when you can
Cry when you have to
Be who you must, that’s a part of the plan
Await your arrival with simple survival
And one day, we’ll all understand
One day, we’ll all understand

The meaning...

In the comments to yesterday’s post, Miss Profe asks:

So...

What does Christmas mean to an athiest?

Good question. And one that I have a longer answer for, so I’ll make it a separate post, rather than a response in the comments.

I can only speak for this atheist, of course, and one who grew up in a Jewish family, as well. I had no family connection to Christmas, but most of the families in my neighbourhood did celebrate Christmas, and most of my friends, therefore, did.

I think the connection between Christmas and Jesus, or religion in general, is pretty tenuous now, as it also was in my youth; I wonder if it ever was particularly strong (its history is as an attempt by the church to replace pagan solstice rites, after all). Some people clearly have more of a religious feeling about it than others do, but I think in the mainstream it’s a fairly secular celebration.

And that last word is really the central aspect of it for me: it’s a celebration, and I’m happy to see my friends and neighbours celebrate it, and to join in the celebration myself. I have no use for the idea that anyone should object to public displays of Christmas trees or Santas, wreaths or angels or trumpets or any such. Even nativity scenes don’t set off my “separation of church and state” alarms. I’m more annoyed at being bombarded by excessive commercialism (come on, how many people really buy cars for Christmas?) than by “Christian” Christmas symbols.

For me, it’s a chance to share other people’s traditions, to learn about what their families do to gather and celebrate, and all that. It’s a festival. And I’m as festive as the next guy. It doesn’t bother me whether the festival is celebrating the arrival of winter, the birth of a religious figure, the burning of a lamp in a temple for longer than expected, or just general brotherhood and good will. If it really does make us think a bit more about brotherhood and good will for a few weeks, it makes me happy.

Just as long as I don’t have to listen to that horrible Paul McCartney song.

Believing

It’s that time of year.

It’s the time of year when we let children believe that there’s an old man with a white beard, who lives “up there” somewhere. We let them think that if you’re good, you’ll be in his graces and he’ll lavish you with his gifts... but if you’re bad, you’ll suffer the consequences. He looks at all the world from his mysterious abode, and he knows what’s in the hearts of all of us, so the story goes. There’s no escaping his notice.

We encourage the children to ask him for things, implying that they’ll get them (if they’re good, and they believe, and they ask properly). What we gloss over, of course, is that it’s really we who deliver on those promises, but we’re happy to attribute the beneficence to the man up there. After all, it’s harmless fun for the kids.

It’s a time when we take children to places where many believers queue up, where they can see the old man and talk to him. And that’s a major way for them to beseech him for his gifts. It’s not really the old man, of course; it’s just an image. But the kids accept it, and at least pretend that they think he’s real.

And when, in a week or so, the kids’ prayers are answered, they’ll thank the old man and praise him for having made them happy. We’ll all smile, knowing the truth, knowing that their time as children is all too brief, and that they'll grow out of it, that one year soon they will no longer believe in the old man with the white beard.

Because, after all, only a child would believe in these fantasies, right?

I18n, la troisième partie

In the second part, of this series, we talked about internationalization of URLs and domain names. Let’s shift, now, to another Internet application: email. Almost 20 years ago, RFC 1049 defined an email header field called content-type, which took the first step toward internationalization of email (this from the document's abstract): “The ability to recognize this field and invoke the appropriate display process accordingly will, however, improve the readability of messages, and allow the exchange of messages containing mathematical symbols, or foreign language characters.”

In 1992, the first version of the Multipurpose Internet Mail Extensions (MIME) standard expanded on that, and led to widespread adoption of internationalization of email message bodies. At the same time, RFC 1342 showed us a way to do the same for message headers (such as the subject line of a message). That early work has since been updated; for reference, the current versions of the appropriate standards are in a three-part MIME technical specification: RFC 2045, RFC 2046, and RFC 2047.

But MIME suffers from the same problem that we noted above: the raw information is ugly. During the early days of MIME, that caused some deployment difficulty. If I sent you a message that used “funny” character encodings, and your mail program didn’t understand how to decode them, what you saw was strewn with cruft, at best, and was completely unintelligible, at worst. To reduce the occasions for the worst case, MIME included a transition mechanism, multipart/alternative.

The good part, though, is that MIME proved so useful and popular that it was widely adopted fairly quickly, and we soon came to a situation where all but the oldest and crustiest plain-text email programs can handle non-English character sets in both the body and the subject line.

But not in the email address.

Email addresses are stuck firmly in US-ASCII, for a variety of protocol-defined reasons. And since the average computer user has become more like my mother than like me (not a technology specialist, but someone who uses a computer as a tool, much like a toaster or a screwdriver), it’s not really acceptable to continue turning email addresses into ASCII. As it stands, we wind up with these sorts of things:

Hélène Brûlée <helene.brulee@example.fr>
Jürgen Kölsch <juergen.koelsch@example.de>
Алла Ленина <alla.lenina@example.ru>
אדם צוי <adam.tzvi@example.il>

All of these people would likely prefer to write their email addresses in their native languages, as they have done with the human-readable names.[1] And it’s worse in languages like Chinese, where a great deal is lost in transliteration.

Along comes Email Address Internationalization (EAI), an IETF working group that aims to take the first steps to correcting this. When the working group was started, it was clear that it wouldn’t be easy, that there’d need to be some trying things out, that there might be some false steps. So the charter specifies a series of experimental protocol extensions, not to be put on the standards track until some experimentation’s been done and the results are evaluated and reported.

Of course, a number of protocols need to be extended to handle non-ASCII email addresses, and that has to be done carefully. But beyond that, the most difficult part is coping with what happens when email has to pass through a server that hasn’t yet implemented the new mechanisms — that’s defined in the “downgrading” document (the current specifications can be found on this page), along with stuff in the “utf8headers” document that provides alternative information for some cases.

The major difficulty here is the transition, while many Internet servers (most of them, at first) do not understand the new specifications and can’t handle the “funny” characters. And the key, as it was with MIME, is to consider the transition carefully and provide as much assistance as possible to make it go smoothly. Nothing on the Internet changes overnight, so it’s critical to maintain interoperability over protocol transitions.

The EAI documents are almost ready, and experimentation with the protocol changes has begun. The next step is to get reports on the experiments and see where we need to go to put this stuff on the standards track.

Maybe in a few years, if there’s quick adoption of the EAI changes, Hélène and Jürgen and Alla and Adam will be able to get the sorts of email addresses that they’ve wanted from the start.
 

---

[1] In a raw email message, the human-readable names would actually be encoded according to RFC 2047, and would look awful... but the email programs would display them nicely, as shown here.

I18n, la deuxième partie

Now that we have the background, from the first part, about how human-language characters are encoded for computers, we’ll look at how that affects Internet standards as we try to internationalize them. We’ll start by looking at how we browse the web.

Stick a URL into your web browser, and off you go, loading a web site that could be anywhere, in any language. And, indeed, it’s easy to find web pages in any character set, and your browser will render most of them just fine: HTML (hyper-text markup language) and HTTP (hyper-text transfer protocol) are fairly recent standards (from 1990-ish), and are set up to handle all sorts of character sets.

But what about the URL itself? URLs are also fairly new things, and parts of them are already set up for sending all sorts of characters. There’re two problems, though:

1. The encoding is exposed in the URL, so the raw URL looks really ugly, and doesn’t actually show the international characters.
2. The domain name, which is part of the URL, was still limited to US-ASCII, for compatibility with other protocols.

The first of those can be sorted out by the browser — it can accept input from any keyboard and display any weird characters it likes, and then translate URLs that it gets into pretty characters... but still send the ugly, encoded ones on the wire. There’s a bit of an interoperability issue there, but not too much — the worst that can happen is that your browser might sometimes get one wrong, and display an odd URL or send a wrong one.

But the second is more of a problem, and the IETF addressed that with the Internationalized Domain Names work. The abstract of RFC 3490:

Until now, there has been no standard method for domain names to use characters outside the ASCII repertoire. This document defines internationalized domain names (IDNs) and a mechanism called Internationalizing Domain Names in Applications (IDNA) for handling them in a standard fashion. IDNs use characters drawn from a large repertoire (Unicode), but IDNA allows the non-ASCII characters to be represented using only the ASCII characters already allowed in so-called host names today. This backward-compatible representation is required in existing protocols like DNS, so that IDNs can be introduced with no changes to the existing infrastructure. IDNA is only meant for processing domain names, not free text.

With IDNs, the raw domain names have the same sort of ugly look as the rest of the internationalized URLs, but, again, the browsers can mitigate that by presenting them nicely.

Unfortunately, that causes its own problems, and there are several. One major one is that by hiding the fact that there are special characters in the domain name, the browser may actually be helping “bad guys”. Consider someone trying to fool you into giving up your PayPal user name and password. You might or might not be fooled by a bogus web site called, say, paypal-secure-login.com. But would one or more of these fool you into thinking you were at the real paypal.com web site?:

pаypаl.com
pąypąl.com
paУpal.com
paỳpal.com
payṗal.com
paypaĺ.com

Those are all domain names that look similar to paypal.com, but each one has a non-ASCII character in it. Depending upon the font you’re using and how closely you look at the URL, you might not notice the substitution (in some fonts, of course, the difference will be very noticeable). What’s even worse in this regard is that there are zero-width characters defined in Unicode, and such characters could be placed between any two visible characters to make an entirely different domain name that’s absolutely indistinguishable, visually, from the original.

Next time, we’ll look at internationalization of email.

I18n, la première partie

I’ve mentioned “internationalization” in some of my posts about the IETF and Internet standards, and I thought I’d write a post about what it means and what the issues are. Let’s see how long it gets, and whether I should split it into two. First, some setup, somewhat oversimplified.

Computers, of course, don’t know anything about letters or words, in the sense that we do — the shapes of the characters. They just know bits, binary digits, ones and zeros. And so we have to represent written characters as sequences of bits somehow, for the computer. The way we chose to do this initially, since it was all done in the U.S., was with a scheme called ASCII (American Standard Code for Information Interchange).

ASCII was developed in times when every bit was precious, so the original ASCII was a seven-bit code, allowing it to represent 128 characters. The first 32 are “control characters”, codes that caused the old teletype machines to do things like move to a new line and ring the bell. The rest include 26 upper-case letters, 26 lower-case letters, ten numbers, and assorted punctuation marks.

In order to add the sorts of accented characters that appear in many European languages, extended codes were developed, using eight bits instead of seven. Standard US-ASCII is now eight bits, and the International Organization for Standardization (ISO) devised a number of encodings that variously include accented characters, Greek characters, Cyrillic characters, and characters for Asian languages.

For Chinese and other east-Asian scripts, eight bits (256 characters) are not sufficient. Double-byte character sets were devised for those, allowing for more than 65,000 characters. That morphed into more general multi-byte character sets, and eventually into Unicode, an extensible and open-ended mechanism for encoding characters, and the associated Unicode Transformation Formats (UTF). Unicode is maintained and coordinated by the Unicode Consortium.

Individual computer programs can choose what character encodings they need to in order to represent the languages they want to support. But if they have to exchange information with other programs — the sort of thing that Internet standards are set up to do — they have to agree on the encoding(s) to use.

Unfortunately for modern computing needs, that agreement was always US-ASCII, in the old days. And much of what was done in the old days persists today, leaving us with the task of pushing, prodding, and tweaking, gradually replacing the old encodings with newer ones that allow us to represent the many languages of modern computer users.

Very gradually.

There are some places where we can go on using US-ASCII and not worry about it — some computer-to-computer protocols are written in human-readable form for convenience in development and debugging, and it’s OK to leave those as they are. But there are many places where it’s important to be able to use accented letters, along with other scripts such as Greek, Cyrillic, Hebrew, Arabic, Hindi, and Chinese, and for those we have to make changes to the standards.

We call that change process “internationalization” — enabling the protocols and data formats to carry international information, not just information in English. We abbreviate it “i18n”, because there are 18 letters between the “i” and the “n”, and because we like to abbreviate things.

In another post, I’ll talk about what we need to change and why, and why it’s hard to do.

Women: an “up” and some “downs”

For the “up”, we have the election of Cristina Fernández de Kirchner to the presidency of Argentina. Mrs Kirchner joins the ranks of women who have been presidents or prime ministers in many countries, including neighbouring Chile, Canada, Ireland, the United Kingdom, France, Germany, Israel, India, Pakistan, Indonesia, and the Philippines. Not the United States, though, not yet.

For the “downs”, we have a series of news items, which I’ll present before commenting:

• Australia Shocked by Case of Raped Indigenous Girl

  Australia has been rocked by the case of a 10-year-old indigenous girl who was gang raped in her home community, and the revelation that her nine rapists had not been given prison sentences, in part because the judge found that the victim “probably agreed” to have sex.

• Rape of Girl, 15, Exposes Abuses in Brazil Prison System

  It was at Abaetetuba, in the northeastern state of Para on the fringes of the Amazon, that a 15-year-old girl arrested on suspicion of petty theft was illegally placed among 34 male inmates in late October. For 26 days they treated her as their plaything, raping and torturing her repeatedly. Sometimes she traded sex for food; other times, she was simply raped, federal investigators here said.

  The police in the jail did more than turn their backs on the violence. They shaved her head with a knife to make her look more like a boy, investigators said, and now are blaming her for lying about her age.

• Mexico: Cannibal Suspect Found Hanged

  A 38-year-old man accused of killing a girlfriend and eating parts of her body was found dead in his cell in Mexico City, apparently a suicide, prison officials said. Guards found the man, José Luis Calva Zepeda, hanging by his belt. He was arrested in October when the police discovered the dismembered body of his girlfriend in his apartment and human flesh in a frying pan.

• Life in Prison for Canadian Serial Killer

  The serial killer Robert William Pickton was sentenced to life in prison with no chance of parole for 25 years on Tuesday for the murders of six women whose bodies were butchered in the slaughterhouse of his pig farm near Vancouver.

• Jailed Rapist Confesses to Murders 30 Years Ago

  A convicted rapist who has been in and out of prisons for decades has confessed to nine murders, including those of five women that terrorized this city along the Mississippi 30 years ago.

• 7 Troopers Suspended in Sex Assault Inquiry

  Seven New Jersey state troopers were suspended on Tuesday in connection with an investigation into a young woman’s report that she had been sexually assaulted.

  The woman, 25, told law enforcement officials that she was assaulted last week by “multiple male individuals,” including some who may have been members of the New Jersey State Police, the Mercer County prosecutor’s office said.

Confessions, investigations, job suspensions, a life sentence. Outrage. You’d think I’d be adding these to the “ups” list instead. But no, the point here isn’t that we’re addressing the problems after they happen, though it is good that we’re doing that. The point is that it’s happening in the first place.

The point is that no matter how much we want to think it’s gotten better, violence against women is still right out there, right up front. Disgusting, sadistic, pointless violence — pointless except that it provides at least one man with a sense of power, a feeling of superiority over women.

That I read all of those in one evening — and you, also, get to read them, or at least my excerpts, in one sitting — was particularly disturbing. Maybe this was a bad day for such news. Still, the concentration makes it clear that this stuff isn’t rare. It happens all the time, everywhere.

Why am I picking on this sort of thing? After all, violence toward men happens all the time too.

But it’s not the same thing. First, we hear about women as serial killers or sexual predators in a vanishingly small number of cases. It’s men who do this, almost exclusively. Second, male-male violence is usually either entirely random (he wasn't specifically targeting men) or directed at a single person for a particular reason.

In these cases, women were victims of violence against women in general.

It just has to stop.

Maybe if women ran the world....

Just take those old records off the shelf...

A recent episode of Scrubs included a send-up of Tom Cruise’s scene in Risky Business, where he lip-sync’s Bob Seger in his underwear. YouTube, of course, has it, and so (for as long as the links still work, and assuming you have Flash enabled)....

 
Here’s the “Scrubs” version:

 
And the original (which is now 24 years old, if you can imagine!):

FYROM

What’s in a name? That which we call Macedonia, would...

...create an international incident.

When Yugoslavia split back into its constituent parts (Slovenia, Croatia, Bosnia and Herzegovina, Serbia, Montenegro, and Macedonia), Macedonia managed to avoid the bloodshed when most of the rest of the area was asserting its freedom to bomb itself. It did not, however, escape entirely unscathed. As it pulled its name out of the Yugoslavian cloak, it found itself in a different sort of battle with Greece.

There’s a province called Macedonia in northern Greece, which borders the Republic of Macedonia and which covers most of the area that was ancient Macedonia. It’s not as simple as that, though, because the boundaries fluctuated over the centuries, and there were times when both areas were included in an entity called Macedonia. Still, the Greek government claims the rights to the name, and insists that the Republic of Macedonia change its name.

The government of the Republic of Macedonia, of course, has no interest in such a change.

Unfortunately for them, Greece can cause them trouble if they don’t come to an agreement. The UN and NATO both officially call the country the “Former Yugoslav Republic of Macedonia” (FYROM), holding back full legitimacy of the country’s name. And with Macedonia wanting to join NATO, Greece has yet more leverage now.

And so, diplomatic negotiations are resuming:

Greece and Macedonia on Wednesday agreed to hold a new round of talks on a festering dispute over Macedonia’s name that threatens to undercut its chances of joining NATO.

The agreement, brokered by Matthew Nimetz, a United Nations special envoy, offered new momentum to stalled negotiations over what Macedonia, the former Yugoslav republic of two million people, should call itself.

“Stability and cooperation in the region is extremely important,” Mr. Nimetz said after an hourlong meeting with Dora Bakoyannis, Greece’s foreign minister. “This is not an issue that cannot be resolved. It cries out for a solution.”

[...]

Most countries recognize Macedonia, Greece’s northern neighbor, as the Republic of Macedonia. But Greece has taken the position that using the name implies claims to the Greek province of the same name. Greece, long a NATO member, has also threatened to block Macedonia’s effort to join unless it agrees to change its name.

Once you decipher the odd double negative, you can see that Mr Nimetz thinks he can help them work something out. I’m not sure what it is that they can compromise on (“OK, you use the name in even-numbered years, and we’ll use it in odd-numbered ones....”), but I’m not sure why it’s such a problem!

You don’t see us having a fight with the “Former Soviet Republic of Georgia”. Mexico doesn’t seem miffed about “New Mexico”. And the various countries affected appear to accept or ignore the presence in the U.S. of towns like Berlin, CT; Cairo, NY; Vienna, VA; and Moscow, ID.

I don’t mean to make light of a political situation between two countries, I don’t. But, really: aren’t there more important fights to pick? Lidija, do you want to comment?

Carnivals!

Some people really do have way too much time on their hands.

Pointers to this fortnight’s blog carnivals:

• Skeptics’ Circle #75.
• Carnival of the Liberals #53.
• Carnival of the Decline of Democracy #2.24.
• Carnival of Feminists #49.
• Carnival of Education #147.
• Carnival of Education #148.
• Carnival of Mathematics #21.
• Carnival of the Godless #80.

Germany at war with England!

Well, but only with Ferris wheels:

Berlin officials broke ground this week for the construction of the Great Berlin Wheel, a 600-feet Ferris wheel that will top the London Eye by more than 160 feet to become the largest in Europe. It will be near the Berlin Zoo, on the western edge of Tiergarten Park. When it opens in about two years, it will have 36 air-conditioned cars, each capable of carrying 40 passengers. A ride around the wheel will take 35 minutes.

So, go bring 39 friends and a lot of beer, und haben Sie eine gute Fahrt.

I fear, though, what the next escalation might be....

IETF 70, Vancouver

As I said the other day, I’ve been at the 70th IETF meeting in Vancouver, BC, Canada. As usual, here’s my summary of the meeting, hidden below the “click here if you want to read the boring, geeky bits” link. I’m going to try to keep this shorter than usual. Some of the items will just be notes, rather than complete sentences. But it’s still pretty long.

Read the rest of the post...

Apparea — Applications Area general meeting

1. Announcement of Applications Area workshop, 11/12 Feb 2008.
2. Suggestion of Applications Area interoperability testing events — perhaps a full day of interop testing attached to an IETF meeting.
3. Request for a utf-8 advisor for the nfsv4 working group.
4. Brief discussion of question of identity-based encryption (IBE) and user authentication in email protocols. Issue will be discussed further by interested parties at the bar later.
5. Discussion of BCP 56 (RFC 3205): is this still the best current practice? Specifically, advice that new services should not reuse existing ports, contrasted with the use of http/80 for many non-web-browsing purposes. Conclusion: BCP 56 was meant to make sure people think about these things before they choose. It should stand, though maybe an update would be useful.
6. Presentation of a metadata format for files (see draft-garcia-sipping-file-*).
7. Presentations from netconf participants (Operations and Management Area) about a modeling language. One presentation using XML schemas. Second presentation of a homegrown modeling language called YANG. There was extensive discussion, and some heat. Ultimate question: “If we did a bof with YANG documents and other docs (XSD based), do people think we should do that?” Strong consensus in favour.

Sieve Mail Filtering Language

1. Document status: base doc is un-stuck (had been waiting for internationalization draft), and this frees a bunch of others.
2. Document status: body, notify, notify-mailto, notify-xmpp are in IESG processing.
3. Document status: edit header, mime loops, refuse/reject, regex are still being worked on.
4. Discussion of notify: have to sort out IANA registry issues. Decision to use RFC 2434, and refer to it.
5. Discussion of notify-mailto: Discussion of mail loop issues. Prefer to have a separate document, not from this WG, on mail loop detection and avoidance. Ackowledge that this doc will block on that. Discussion of using null MAIL FROM here. Discussion of not retaining Received headers in notification message.
6. Discussion of IMAP-Sieve (lemonade doc): Main issue is per-user scripts. Probably move to extension, probably leave the feature for delivery scripts, not IMAP-event scripts.
7. Brief discussion of other docs, no substantial issues.

Calsify — Calendaring and Scheduling Standards Simplification

1. 2445bis is in PROTO-shepherd review. One issue: is it OK to have RDATE < DTSTART ? Decision to take the issue back to the mailing list.
2. 2446bis (iTIP) issues discussion. Some small items.
3. Major discussion on RANGE parameter with day changes in recurring meetings.
4. Major discussion on SEQUENCE number — what its purpose is and how it’s used.

HTTPbis — HTTP updates

There were two HTTPbis sessions, but the second one conflicted with DKIM, so I missed it.

1. Presentation of HTTP history and lessons learned.
2. Charter review. Aiming to bring HTTP to “Draft Standard” status.
3. Discussion of the partitioning of the document into 8 parts.
4. Discussion of issues...
5. Loooooooooong discussion on ABNF conversion and logical whitespace (LWS) in ABNF for headers.
6. Some discussion of header-value internationalization. Decision: document reasonable RFC 2047 usage explicitly.
7. Brief discussion of character encoding defaults — existing language conflicts with MIME specifications. Noted that “guessing” is the best mechanism in practice, but someone pointed out that guessing wrong can cause problems that include security exposures.
8. Out of time, remaining items left for second session:
   • ETag in status messages
   • Clarify “requested variant”
   • Header line folding
   • Content negotiation for media types
   • Repeating single-value headers

IPR — Intellectual Property Rights

This session moved right along and ended early. The documents are essentially done, discussion wrapped up the remaining issues, and set us up for closing the working group. There were three proposals for new work; two were soundly rejected, the third had agreement that it should be pursued as an individual submission.

DKIM — Domain Keys Identified Mail

Tony Hansen and Murray Kucherawy presented the results of a DKIMinteroperability workshop that was recently held in the Dallas area.20 companies and organizations participated, and the interoperabilityresults were generally very good. A few minor issues were uncovered:edge conditions in the “relaxed” canonicalization algorithm, an ABNFerror, and similar things. We will submit errata to correct most ofthese issues, and add text to the “deployment” document for some others.

Jim Fenton presented a status update on the SSP draft, giving a reviewof recent changes and going over the open issues. Jim used quotes fromtwo “customers” early in his presentation, which prompted Dave Crockerto comment, and there was some significant discussion of theappropriateness of optimism in this regard, of some aspects of the SSPdraft that Dave considers wrong, and of Dave’s review of SSP, which he’dposted to the DKIM and Apps-Review mailing lists earlier that day. Further discussion of the review has been taken to the DKIM list (andthat discussion has already been quite active).

On the open issues: there was some discussion here and there, but a lotof discussion on one issue in particular: #1399: Clarify i= vs. SSP,“...need to provide the exact semantics in SSP of how a receiverdetermines whether a DKIM signature satisfies the SSP criteria or not.” The result of the discussion is that the chairs think we need one moreround, no more than a week, of discussion on the mailing list before wedetermine a closure for this issue.

We plan to start working-group last call after issue 1399 is closed andafter discussion has finished on Dave Crocker’s comments.

Doug Otis presented a (non-WG) draft, “DKIM Third-Party Authorizationfor Sender Signer Practices”.

Murray Kucherawy presented (non-WG) drafts dealing with passingauthentication results down the line (including all the way to the MUA). There was brief discussion about his draft for using an ESMTP extensionto pass the information, in order to reduce attacks against MUAs behindnon-compliant MTAs.

Tony Hansen presented a very drief status report (and call for reviews)on the Overview document and the new spin-off, Deployment andOperations.

EAI — Email Address Internationalization

1. UTF8headers doc:
   • Issue with specificatin of NO-WS_CTL. Decision to refer to 2822, note upcoming 2822bis.
   • Issue with normalization. Decision to refer to draft-klensin-net-utf8.
2. Core docs (UTF8headers, DSN, SMTPext) now ready to go to IESG.
3. Downgrade doc:
   • Issue with simple downgrade procedure. Decision that current section 8.1 is adequate.
   • Suggestion to split appendix A into a separate doc. Take discussion to the mailing list.
   • Needs review by people who have implemented it, then it’s ready for working-group last call.
4. IMAP and POP docs
   • Should we move “upgrading” — conversion up to UTF-8 — to clients, and remove it from here? Clients are better equipped to do whatever conversions are necessary, and clients know what they want. Also, conversion breaks message signatures. Consensus to remove, let clients do it.
   • Current IMAP draft uses lemonade “ENABLE” IMAP extension.
   • Switch POP to use UTF-8 “mode”, like IMAP, instead of duplicating commands? Decision: yes.
5. Discussion of whether “mailto” URL should be adopted now. Take to the mailing list.
6. Discussion of possible interoperability tests at one of the next IETF meetings.

lemonade — Enhancements to Internet email to Support Diverse Service Environments

1. Report on second interoperability event. Good results; things that were found broken at the first event have since been fixed.
2. Mostly covered document status and minor updates.
3. Some significant discussion on CONVERT, NOTIFY, and ENABLE.
4. Most of the discussion of ENABLE involved when it was allowed. Decision: only in authenticated, non-selected state.
5. Brief review of profile-bis status.

SAVI — Source Address Validation Improvements BOF

Problem statement: IP source addresses can be spoofed. Packet delivery is based only on destination addresses, to the spoofed traffic arrives, and hurts (attacks/threatens) the destination. It’d be nice to stop the spoofing, and existing solutions aren’t sufficient.

There are product solutions for ipv4, sold by Cisco and others, that work within a single switch. The working group wants something standard.

The trouble, as I see it, is that the charter is too limited:

Specifically, the group shall define solutions such that hosts attached to the same router cannot spoof each other’s addresses. The following assumptions apply:

• The WG considers only solutions on layer-3-aware Ethernet switches
• Two solutions are needed, one for IPv4 and another one for IPv6
• The IPv4 solution depends on tracking the DHCP traffic on a port
• The IPv6 solution depends on tracking the Neighbor Discovery and DHCP traffic on a port
• All address assignment mechanisms in IPv6 need to be supported, including stateless, stateful, privacy, and so on
• The solutions are turned on for host ports by configuration, and do not apply to routers

The WG recognizes anti-spoofing deployment efforts, motivation, and best practices development in various forums around the world (including RIPE). The WG is only chartered to deliver two specific solution components that such efforts could employ. The bigger questions are out of scope.

Normally, I would worry that a charter were too broad, but this just doesn’t seem to solve a problem that I think needs a standards-track IETF solution. Any company can already sell a switch with anti-spoofing technology in it. Another company can sell another, with different technology. There’s no issue of interoperability that I can see. The most I can see a need for is a BCP to tell hosts what to do to avoid running afoul of existing anti-spoofing techniques. If there’s a need for a WG to do that, OK (but I’m not convinced). But I really don’t see a standards-track issue here.

CSI — Cga & Send extensIons BOF

I have little to say about this. They have a solid idea of what they want to do, and a good plan for it. Almost everyone agreed that a working group should be chartered for it, they had some 20 or so people who said they’d be active participants, and 8 or 10 who said they’d be document authors. This seems ready to be chartered as a working group.

Peppermint — Provisioning Extensions in Peering Registries for Multimedia INTerconnection BOF

This one is decidedly less well baked, but they said that up front. They have good preliminary ideas about what they need, and used this session to bat it around in preparation for writing a draft charter. They seem to have succeeded in that, so we now have to see what the draft charter looks like.

Vancouver

Vancouver

Vancouver

I’m in Vancouver, BC, for the Internet Engineering Task Force meeting, so blogging will be a little light this week, until I post my usual excessively long meeting “summary”. I might post some photos if it stops raining long enough for me to take some; I arrived to this:

...and then it started raining. The good part is that it’s warmed up nicely (above 50F). The bad part is that it’s irretrievably wet.

Mitt promises to talk about faith

Mitt Romney, it seems, has made a meta-announcement, telling us that he’ll make a speech this Thursday in which he’ll talk about his religion, and how it relates to Americans’ sensibilities and his possible presidency.

Mitt Romney will deliver a speech entitled “Faith in America,” addressing his Mormon religion, on Thursday at the George H.W. Bush Presidential Library in College Station, Tex.

His campaign is describing the address as an opportunity for Mr. Romney to “share his views on religious liberty, the grand tradition religious tolerance has played in the progress of our nation and how the governor’s own faith would inform his presidency if he were elected.”

Mr. Romney personally made the decision to give the speech last week, feeling it was the right moment to do so, his advisers said. After he decided he would make it, the campaign consulted with former President Bush’s library, which invited him to deliver it there.

At the risk of repeating myself — I’ve said this sort of thing before — I have to say that I just find this to be silly. I do not care what the president’s “faith” is, per se. I don’t care if the president, or any other government official, believes in God, Adonai, Allah, Jehovah, Buddha[1], Shiva, Jesus, the Virgin Mary, Joseph Smith’s tablets, Xenu, Satan, Agape, Zeus, Cthulhu, little green men, or nothing “spiritual” at all.

What I do care about is that the president can lead, govern, decide, negotiate, and inspire — inspire everyone, of all faiths and none — without taking direction from an imagined being that one has to “have faith in” to believe, without getting the rules from an arbitrary book that “the faithful” take to be inerrant truth.

I’ve been made wary in recent years of anyone who hopes to be president bringing up God or faith at all, and I have to push back on myself in that regard. It doesn’t bother me, a priori, that a potential president goes to church, accepts Jesus as his saviour, wears a yarmulke, or lights bonfires on Samhain, and I need to remind myself of that. Many of the people I live, work, and play with do these same things, and I respect and trust them.

And that’s the key: I need to be able to trust the person I’d vote into the presidency — to trust that person to do the job rationally, sensibly, and for the good of the country, the world, and the people. It’s clear that “people of faith” can do that, and can be trusted.

It’s also clear that many can’t. And it’s clear to me that Mitt Romney is in the “can’t” category. The very statement he makes in announcing the speech, quoted above, shows that; I’ll repeat it here, with my emphasis added:

His campaign is describing the address as an opportunity for Mr. Romney to “share his views on religious liberty, the grand tradition religious tolerance has played in the progress of our nation and how the governor’s own faith would inform his presidency if he were elected.”

He passes, here, from the acceptable (the part that’s not highlighted) to the dubious (the part that is). That his “faith” would “inform his presidency” at all makes him unsuitable to me, and it wouldn’t matter what faith we were talking about.

Unfortunately, the candidates are pandering to the faithful, and it’s hard to find one who isn’t doing that. I don’t see Bill Richardson or Dennis Kucinich telling us to vote for them because they have faith in God, so that’s a plus for them.

It’s time for sense and good advice to inform the presidency. It’s time for truth, justice, and the American Way to inform the presidency. It’s time for our role as an honest, productive, and respected member of the world community to inform the presidency.

It’s time for reality to inform the presidency.
 

---

[1] For the nit pickers: yes, I know that “follows Buddha” is better; one doesn’t “believe in” Buddha. I didn’t want to try to write that sentence with that distinction in it. Oh, well.

Portions, a follow-up

To my post the other day about too-large portions, The Ridger commented thus:

I can’t remember when I last didn’t get at least one more meal out of my restaurant serving. Sometimes there’s enough to piece out a third meal. In Texas I saw 22 oz steaks on the menu. It’s absurd. Who could possibly eat 22 ounces of meat plus potatoes?

Ah, and that reminds me of a story.

Close to 15 years ago (my, but time does fly!), some of my co-workers spent a couple of months working at a programming office we used to have in the Dallas area. When they got back, one of them told me of a (famous?) steakhouse there, where they got 35-ounce steaks (about a kilogram, which is probably where they got that number). The conversation went something like this:

Me:   Wo! 35 ounces? How could you eat that much steak? And what about all the other stuff?

Him:  Oh, they gave us the potato and cole slaw and bread, and all that, but we didn’t eat any of it. We just ate the steak.

Me:   But I like the potato and the cole slaw and the bread, and all that!

Him:  They also had a 52-ounce steak [about 1.5 kilograms], but we didn’t get that. If you eat that one, they give you a pass for a free meal next time.

Indeed.

Tot technology

O brave new world, that has such toys in’t!

The hot toys for pre-school children this year, are technological ones:

Cellphones, laptops, digital cameras and MP3 music players are among the hottest gift items this year. For preschoolers.

Toy makers and retailers are filling shelves with new tech devices for children ages 3 and up, and sometimes even down. They say they are catering to junior consumers who want to emulate their parents and are not satisfied with fake gadgets.

“Not satisfied with fake gadgets,” indeed.

At the risk of sounding like my grandfather, well... a digital camera for a preschooler? My father gave me an old Brownie Hawkeye when I was about 8. I was delighted to have such an interesting toy! And a toy it was, when he gave it to me: it would have been around 15 years old at the time, and the adults had had their use out of it. It was ready, then, to be given to a child. And it did work. Dad would occasionally give me some film for it, so I could take real pictures. The rest of the time, I pretended.

Remember “pretending”?

I also had the loan of my parents’ “transistor radio”, which I was allowed to use at the beach to listen to the likes of Jan and Dean on WQAM, the big top-40 radio station in south Florida at the time. No MP3 music players existed then, of course, nor did mobile telephones. Computers filled entire rooms, and we never imagined that one might sit on a person’s lap.

But it’s not just a point of amazement at where technology has come in the last 50 years. It’s more that I’m amazed at the change in what sorts of toys we now buy for our children. LeapFrogs and Game Boys, brand-new cameras, DVD players, and laptop computers. One parent, quoted in the article, prefers not to give a laptop — a real, adult laptop — to her six-year-old daughter. The daughter wants it “ ’cause it’s cool.” Maybe, says mom, when she’s eight.

Yow!