Re: draft-housley-two-maturity-levels-05

[Mykyta Yevstifeyev]

06.04.2011 18:27, Russ Housley wrote:

This revision proposes a solution to the issue raised by Brian Carpenter about 
documents lingering at Draft Standard.  Some people thought it was a problem.  
Others thought it did not matter.  The proposed solution leaves the matter in 
the hands of the IESG.

Russ,

Hello again.  I have another minor comment regarding this document.


4. Downward References Permitted
This section says nothing about references to documents with no status 
(pre-IETF RFCs).  Maybe informative references to such RFCs should be 
allowed.  And what about normative ones?  Whether the RFC 3967 procedure 
will be used in such cases, or such references are disallowed in 
Standards Track docs?  I think this should also be mentioned in your draft.


Mykyta Yevstifeyev


Russ


Begin forwarded message:


From: IETF I-D Submission Toolidsubmiss...@ietf.org
Date: April 6, 2011 11:22:25 AM EDT
To: hous...@vigilsec.com
Cc: dcroc...@bbiw.net, ebur...@standardstrack.com
Subject: New Version Notification for draft-housley-two-maturity-levels-05


A new version of I-D, draft-housley-two-maturity-levels-05.txt has been 
successfully submitted by Russ Housley and posted to the IETF repository.

Filename:draft-housley-two-maturity-levels
Revision:05
Title:   Reducing the Standards Track to Two Maturity Levels
Creation_date:   2011-04-06
WG ID:   Independent Submission
Number_of_pages: 7

Abstract:
This document proposes several changes to the Internet Engineering
Task Force (IETF) Standards Process defined in RFC 2026, primarily a
reduction from three IETF standards track maturity levels to two.

{{ RFC Editor: please change proposes several changes to the to
changes the. }}



The IETF Secretariat.



___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf



___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: [secdir] Secdir review of draft-ietf-sidr-res-certs

[John C Klensin]

Steve,
Two things:


(1) Given the variable amount of time it takes to get RFCs
issued/ published after IESG signoff, are you and the WG sure
that you want to tie the phases of the phase-in procedure to RFC
publication?

(2) There is an incomplete sentence at the end of (2): This
allows CAs to issue certificates under (more context below).

   john



--On Friday, April 15, 2011 14:45 -0400 Stephen Kent
k...@bbn.com wrote:

   2- During phase 2 CAs MUST issue certificates under the new
 profile, and these certificates MUST co-exist with
 certificates issued under the old format. (CAs will continue
 to issue certificates under the old OID/format as well.) The
 old and new certificates MUST be identical, except for the
 policy OID and any new extensions, encodings, etc. Relying
 parties MAY make use of the old or the new certificate formats
 when processing signed objects retrieved from the RPKI
 repository system. During this phase, a relying party that
 elects to process both formats will acquire the same values
 for all certificate fields that overlap between the old and
 new formats. Thus if either certificate format is verifiable,
 the relying party accepts the data from that certificate. This
 allows CAs to issue certificates under
 
   3- At the beginning of phase 3, all relying parties MUST be
 capable of processing certificates under the new format.
...

___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IAOC: delegating ex-officio responsibility

[Lucy Lynch]

On Sat, 16 Apr 2011, John C Klensin wrote:
snip


At the risk of agreeing violently with Dave, I think the series
of comments above, and referenced above, are missing something.
None of this familiy of delegation or someone else proposals
requires that the IAB or IESG Chairs not serve on the IAOC.  If
they think that is sensible and they have the time, they are
free to do that.  We might even strongly encourage it.  However,
if those people conclude that limited available time is better
spent in other ways or that, if they take the IAOC position,
they would not be able to devote adequate attention to it,
aren't we better off giving them the flexibility and discretion
to make that decision?  Similarly, if someone tells the
appointing body I have the time and resources to take on the
IAB Chair or IETF Chair position but only if that position does
not include the responsibility of sitting on the IAOC isn't it
better to give those bodies the option of considering that
person rather than limiting the choices to those who can sign up
for all of the job?


I'm not arguing that any of the IETF/IAB/etc hat wearers are
inexhaustible resources, I'm saying that the AdminRest process
looked hard at the composition and duties of the IAOC and if
the needs have changed, or the community concerns have shifted,
we should approach the current problems in a holistic manner and not
engineer short term solutions on the fly. I'll point you at your
own last paragraph here;

http://www.ietf.org/mail-archive/web/ietf/current/msg33932.html



At least from my perspective, broadening the flexibility
available to already-appointed IAB and IETF Chairs and to the
bodies that appoint them is the real issue here.  _Requiring_
that they serve on the IAOC does not create more time or
resources, it just limits the range of people who can take those
positions or, more likely, raises the odds of getting someone
onto the IAOC who won't be able to pay full (or even adequate)
attention.


certainly one possible outcome


So. in addition to the questions Dave posed, the question I
would address to you and Bob is whether, given a hypothetical
choice of someone sitting on the IAOC ex-officio but not being
able to really pay attention because he or she concludes that
there are more pressing priorities and having someone
representing the IAB or IESG who really can pay attention, which
one you would pick.  In the worst case, if you prefer to have
the Chairs nominally present but not paying complete attention,
then keep insisting that they are the only ones who can possibly
occupy the IAOC slot.


I would of course prefer full attention and skilled participation.
I'd also like the full confidence of the community in the process.


As part of that, figure out how you are going to convince the
Nomcom and the IAB that selecting people for the Chair roles
should have will give IAOC first priority regardless of their
judgment about the importance of other aspects of their roles
as an absolute criterion and/or how you are going to convince
the community to recall anyone in the Chair roles who does not
give the IAOC that priority.


New/old  problem that may require additional revision on several
fronts - not just the IAOC.

- Lucy


best,
 john


___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: IAOC: delegating ex-officio responsibility

[Dave CROCKER]

On 4/16/2011 7:51 AM, Lucy Lynch wrote:

On Fri, 15 Apr 2011, Dave CROCKER wrote:

That is a concrete and basic assertion. Please put some flesh on its bones so
that the basis for your view can be understood better.


Let me take a run at this.

Back in the pre-history of BCP 101 we had very little control over many of the

...

I do not see anything in the extended history you provide that explains Bob's 
assertion of what is needed now.


Perhaps I missed it.  If so, please point to the specific requirements that 
apply now.


Better still, let's let Bob explain his own assertion of the requirement.

(It's of course fine for you to explain your own view, but Bob is the current 
chair of the IAOC and speaks from a different, current vantage point than anyone 
else.)




The implication is that the people sitting in the positions of IAB Chair and
IETF Chair are essential to the good operation of the IAOC/Trust. Someone else
from their groups or even someone else that they appoint from outside cannot
perform the task of IAOC/Trust member adequately.


I think this is the wrong question. I don't think this is about the
people who sit on the IAOC or the Trust, it is about the roles.


That's what I was referring to. No idea how my text appears to say otherwise.

However roles do not perform.  People occupying those roles do.



Why?

What are the specific contributions (insights and skills) that these roles
regularly perform, in the conduct of the IAOC/Trust that cannot be performed
adequately by others?


see above.


That's unfortunately circular and ambiguous reference.  What text specifically 
provide the answer to this question?




One more point here: as a former Chair of the IAOC (IAB appointed
member from the community) I'm sympathetic the the overload arguments
but I'll note that absent the IAB/IETF chairs the work of the IAOC
chair and the weight put on that role may increase in unexpected ways.


This is another assertion without providing substance.  My original note asked 
for the substance so that the discussion can include more than expert assertions 
of agreement or disagreement.


Folks need to note some rather basic points:

1.   Things are working fine, except that they aren't.

 This entire thread comes from a proposal from folk who are overloaded and 
who need things to change.


When someone says I cannot keep doing the task I've been assigned either they 
are not competent to the task or the nature or terms of task need to change.  I 
don't see any basis for considering the former, which leaves us with the latter.


By any reasonable measure, the IETF has concentrated far too much work onto its 
two Chairs.  For an organization devoted to an industry based on distributed 
control, we have a remarkable dislike to distributing control within the 
organization.  One effect of this is to dramatically reduce the pool of people 
available for those concentrated jobs.  Here we have a request for a particular 
reduction.  If that reduction is not tolerable, we need to understand why?


Separately, of course, we need to consider the details of the change and 
consider tradeoffs for alternative solutions.  To do that, we need to understand 
the requirements that are at issue.  Hence my questions to Bob.



2.   The view that no change should occur without a holistic review is a 
consistently effective way to kill any change effort.  We have plenty of 
experience with its effectiveness.


 Note that the most effective enhancements to successful IETF work is by 
incremental change, not holistic re-evaluation.


Here we have a proposal from those experiencing the problem.  A proposal states 
the problem and offers a solution.


My original question to Bob was to help us assess the assertion of the problem 
and the assertion of the solution.  (One or another notes implies that I've 
stated an opinion about the proposal, but I haven't.  For now, I'm trying to get 
source data, including performance requirements and the logic behind the 
proposal.)


d/
--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf