Re: draft-housley-two-maturity-levels-05
06.04.2011 18:27, Russ Housley wrote: This revision proposes a solution to the issue raised by Brian Carpenter about documents lingering at Draft Standard. Some people thought it was a problem. Others thought it did not matter. The proposed solution leaves the matter in the hands of the IESG. Russ, Hello again. I have another minor comment regarding this document. 4. Downward References Permitted This section says nothing about references to documents with no status (pre-IETF RFCs). Maybe informative references to such RFCs should be allowed. And what about normative ones? Whether the RFC 3967 procedure will be used in such cases, or such references are disallowed in Standards Track docs? I think this should also be mentioned in your draft. Mykyta Yevstifeyev Russ Begin forwarded message: From: IETF I-D Submission Toolidsubmiss...@ietf.org Date: April 6, 2011 11:22:25 AM EDT To: hous...@vigilsec.com Cc: dcroc...@bbiw.net, ebur...@standardstrack.com Subject: New Version Notification for draft-housley-two-maturity-levels-05 A new version of I-D, draft-housley-two-maturity-levels-05.txt has been successfully submitted by Russ Housley and posted to the IETF repository. Filename:draft-housley-two-maturity-levels Revision:05 Title: Reducing the Standards Track to Two Maturity Levels Creation_date: 2011-04-06 WG ID: Independent Submission Number_of_pages: 7 Abstract: This document proposes several changes to the Internet Engineering Task Force (IETF) Standards Process defined in RFC 2026, primarily a reduction from three IETF standards track maturity levels to two. {{ RFC Editor: please change proposes several changes to the to changes the. }} The IETF Secretariat. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: [secdir] Secdir review of draft-ietf-sidr-res-certs
Steve, Two things: (1) Given the variable amount of time it takes to get RFCs issued/ published after IESG signoff, are you and the WG sure that you want to tie the phases of the phase-in procedure to RFC publication? (2) There is an incomplete sentence at the end of (2): This allows CAs to issue certificates under (more context below). john --On Friday, April 15, 2011 14:45 -0400 Stephen Kent k...@bbn.com wrote: 2- During phase 2 CAs MUST issue certificates under the new profile, and these certificates MUST co-exist with certificates issued under the old format. (CAs will continue to issue certificates under the old OID/format as well.) The old and new certificates MUST be identical, except for the policy OID and any new extensions, encodings, etc. Relying parties MAY make use of the old or the new certificate formats when processing signed objects retrieved from the RPKI repository system. During this phase, a relying party that elects to process both formats will acquire the same values for all certificate fields that overlap between the old and new formats. Thus if either certificate format is verifiable, the relying party accepts the data from that certificate. This allows CAs to issue certificates under 3- At the beginning of phase 3, all relying parties MUST be capable of processing certificates under the new format. ... ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: IAOC: delegating ex-officio responsibility
On Sat, 16 Apr 2011, John C Klensin wrote: snip At the risk of agreeing violently with Dave, I think the series of comments above, and referenced above, are missing something. None of this familiy of delegation or someone else proposals requires that the IAB or IESG Chairs not serve on the IAOC. If they think that is sensible and they have the time, they are free to do that. We might even strongly encourage it. However, if those people conclude that limited available time is better spent in other ways or that, if they take the IAOC position, they would not be able to devote adequate attention to it, aren't we better off giving them the flexibility and discretion to make that decision? Similarly, if someone tells the appointing body I have the time and resources to take on the IAB Chair or IETF Chair position but only if that position does not include the responsibility of sitting on the IAOC isn't it better to give those bodies the option of considering that person rather than limiting the choices to those who can sign up for all of the job? I'm not arguing that any of the IETF/IAB/etc hat wearers are inexhaustible resources, I'm saying that the AdminRest process looked hard at the composition and duties of the IAOC and if the needs have changed, or the community concerns have shifted, we should approach the current problems in a holistic manner and not engineer short term solutions on the fly. I'll point you at your own last paragraph here; http://www.ietf.org/mail-archive/web/ietf/current/msg33932.html At least from my perspective, broadening the flexibility available to already-appointed IAB and IETF Chairs and to the bodies that appoint them is the real issue here. _Requiring_ that they serve on the IAOC does not create more time or resources, it just limits the range of people who can take those positions or, more likely, raises the odds of getting someone onto the IAOC who won't be able to pay full (or even adequate) attention. certainly one possible outcome So. in addition to the questions Dave posed, the question I would address to you and Bob is whether, given a hypothetical choice of someone sitting on the IAOC ex-officio but not being able to really pay attention because he or she concludes that there are more pressing priorities and having someone representing the IAB or IESG who really can pay attention, which one you would pick. In the worst case, if you prefer to have the Chairs nominally present but not paying complete attention, then keep insisting that they are the only ones who can possibly occupy the IAOC slot. I would of course prefer full attention and skilled participation. I'd also like the full confidence of the community in the process. As part of that, figure out how you are going to convince the Nomcom and the IAB that selecting people for the Chair roles should have will give IAOC first priority regardless of their judgment about the importance of other aspects of their roles as an absolute criterion and/or how you are going to convince the community to recall anyone in the Chair roles who does not give the IAOC that priority. New/old problem that may require additional revision on several fronts - not just the IAOC. - Lucy best, john ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: IAOC: delegating ex-officio responsibility
On 4/16/2011 7:51 AM, Lucy Lynch wrote: On Fri, 15 Apr 2011, Dave CROCKER wrote: That is a concrete and basic assertion. Please put some flesh on its bones so that the basis for your view can be understood better. Let me take a run at this. Back in the pre-history of BCP 101 we had very little control over many of the ... I do not see anything in the extended history you provide that explains Bob's assertion of what is needed now. Perhaps I missed it. If so, please point to the specific requirements that apply now. Better still, let's let Bob explain his own assertion of the requirement. (It's of course fine for you to explain your own view, but Bob is the current chair of the IAOC and speaks from a different, current vantage point than anyone else.) The implication is that the people sitting in the positions of IAB Chair and IETF Chair are essential to the good operation of the IAOC/Trust. Someone else from their groups or even someone else that they appoint from outside cannot perform the task of IAOC/Trust member adequately. I think this is the wrong question. I don't think this is about the people who sit on the IAOC or the Trust, it is about the roles. That's what I was referring to. No idea how my text appears to say otherwise. However roles do not perform. People occupying those roles do. Why? What are the specific contributions (insights and skills) that these roles regularly perform, in the conduct of the IAOC/Trust that cannot be performed adequately by others? see above. That's unfortunately circular and ambiguous reference. What text specifically provide the answer to this question? One more point here: as a former Chair of the IAOC (IAB appointed member from the community) I'm sympathetic the the overload arguments but I'll note that absent the IAB/IETF chairs the work of the IAOC chair and the weight put on that role may increase in unexpected ways. This is another assertion without providing substance. My original note asked for the substance so that the discussion can include more than expert assertions of agreement or disagreement. Folks need to note some rather basic points: 1. Things are working fine, except that they aren't. This entire thread comes from a proposal from folk who are overloaded and who need things to change. When someone says I cannot keep doing the task I've been assigned either they are not competent to the task or the nature or terms of task need to change. I don't see any basis for considering the former, which leaves us with the latter. By any reasonable measure, the IETF has concentrated far too much work onto its two Chairs. For an organization devoted to an industry based on distributed control, we have a remarkable dislike to distributing control within the organization. One effect of this is to dramatically reduce the pool of people available for those concentrated jobs. Here we have a request for a particular reduction. If that reduction is not tolerable, we need to understand why? Separately, of course, we need to consider the details of the change and consider tradeoffs for alternative solutions. To do that, we need to understand the requirements that are at issue. Hence my questions to Bob. 2. The view that no change should occur without a holistic review is a consistently effective way to kill any change effort. We have plenty of experience with its effectiveness. Note that the most effective enhancements to successful IETF work is by incremental change, not holistic re-evaluation. Here we have a proposal from those experiencing the problem. A proposal states the problem and offers a solution. My original question to Bob was to help us assess the assertion of the problem and the assertion of the solution. (One or another notes implies that I've stated an opinion about the proposal, but I haven't. For now, I'm trying to get source data, including performance requirements and the logic behind the proposal.) d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf