Hi the Authors, I remember you posted a list of Alan's comments in the mailing list, and mentioned what have been addressed and how, what will be addressed later. I think it's a good start. Why not continue doing this for your new revision. It would be very helpful.
Tianran > -----Original Message----- > From: OPSAWG [mailto:opsawg-boun...@ietf.org] On Behalf Of Alan DeKok > Sent: Tuesday, April 17, 2018 11:07 PM > To: Douglas Gash (dcmgash) <dcmg...@cisco.com> > Cc: opsawg@ietf.org; Andrej Ota <a...@google.com>; Thorsten Dahm > <thorstend...@google.com> > Subject: Re: [OPSAWG] New Version Notification for > draft-ietf-opsawg-tacacs-10.txt > > On Apr 17, 2018, at 10:15 AM, Douglas Gash (dcmgash) <dcmg...@cisco.com> > wrote: > > Initially (up to around version 5) we included just a very simple security > section admitting that T+ was insecure and that the second document would > address the issue. This was deemed to be insufficient, and instead the WG > collectively determined that more detail should be added to enumerate some > of the issues, you kindly catalogued some of these, providing a proposed text > which we took to be a genuine suggestion for text for the document. > > Which it was. > > The point I've been trying to make for over a year is apparently still > unclear. > > There was no excuse for plagiarizing the text in the first place. Using > it verbatim was fine, so long as attribution was given. > > There was no excuse for ignoring every single email I made to the list > asking > about this issue. > > There was no excuse for *continuing* to plagiarize the text for over a year, > across four separate revisions of the document. > > > Subsequently we interpreted your proposal more accurately (as just a > suggestion of the points to cover), and so we made sure that these were > covered, > but without verbatim reuse of the text. We hope that we have covered the > thrust of your issues (and others), but without the plagiarism. > > I have no idea. Because at this point, I'm pretty much done reviewing the > document. > > > 2) Reactivity of the Authors. > > > > As far as I know, we have responded to most posts regarding the content > of the document, with point-by-point replies, > > No. > > See the list archives, especially May 2017. There are multiple people > suggesting that you have *not* done this, and that you *should* do this. > > See line-by-line reviews done by me, which were generally ignored. Despite > that, I did *multiple* such reviews, until such time as it became clear that > such reviews were entirely unproductive. > > > but there has been, for various logistic reasons, long delays in submitting > the resulting new documents. Hopefully this has been addresses in last > versions and we will continue with more rapid uploads until process completes > one way or other. > > The issue isn't rapid uploads. The issue is engagement. It's not > productive to ignore the messages on the mailing list for 6 months, and then > to issue a new release saying "we fixed stuff". > > > We have not generally responded to posts regarding procedural matters, and > would leave such discussions to more knowledgeable stewards of the lists where > possible, > > You haven't responded to posts where I ask about the plagiarism. A simple > reply of "oops, sorry, I'll fix it ASAP" has taken over a year to write. > > > 3) Change Tracking > > > > The uploads have generally had extensive changes relating to comments (which > should generally have been summarized by previous email responses to > comments). > > Which I admit did happen sometimes, but not nearly as often as it should > have. Again, see mailing list archives from May 2017. I'm not the only > person who holds this opinion. I'm just the main one pushing the point. > > > Because of this, unless the updates have been for specific purposes (such > as the recent update of the security section) then I would leave the changes > to the diff tool which works pretty effectively. > > The diff tool lets us know what changed in the document. It doesn't let > us know if those changes addressed issues raise on the mailing list. > > To summarize: > > * we have no idea if this revision of the document addresses multiple WG > reviews > > * we have no idea if the document even describes TACACS+ as currently > implemented > > As such, it should not be put into working group last call, or much less > published until such time as those issues are addressed. > > Alan DeKok. > > _______________________________________________ > OPSAWG mailing list > OPSAWG@ietf.org > https://www.ietf.org/mailman/listinfo/opsawg _______________________________________________ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg