Proposal for a revised procedure-making process for the IETF
A proposal for managing the process of determining the IETF process --- History and status -- Since 199x, the IETF's process issues have been handled by a couple of working groups, POISED and POISSON. POISED finished its initial work of defining the IETF process and was closed down; POISSON has tackled issues that have occured since that time. It is a widespread impression that the process currently is not working terribly well. Debates in the WG tend to be wide-ranging, contentious, inconclusive and not terribly well informed; many members of the community are staying away from the WG because they do not relish the style of dialogue; it takes a very long time to get consensus on even reasonably simple things. These are all consistent with the characteristics of long-lived working groups; in other areas, the Right Thing is most of the time to close the working group and start over. This proposal suggests the same thing for POISSON. A new way of attacking the problem -- There are 2 overriding concerns when deciding how to decide policy for the IETF: - The process must be open. Anything else would compromise the essential nature of the IETF. - The process must achieve quality results. Anything else endangers the function and continued existence of the IETF. The proposal below aims to achieve those two things. The proposal is funded on the idea that process work is more like an area than it is like a working group; there are problems that pop up from time to time, there is a need for a constant ability to address issues, there are large and small pieces of work that need to be done. However, the idea of a process area has been tried (and has failed) in the past; for one thing, there simply isn't enough work around to make it necessary to have a whole area for it. Proposal components --- Procedural issues are a task of the General Area of the IETF. The IETF Chair will act as AD for this area, and perform the usual functions of process management for the process-making process. There will no longer be a special IETF process list; instead, issues of interest to the community will be raised on the general IETF list. This list will be used for pre-charter discussion of new items, as well as general process issues. When items of a significant nature are to be considered, working groups will be chartered as needed. Each group will have a scope limited to one or a few documents, or portions of documents, will work out or recycle those documents only, and will then shut down. WG documents will generally be Last Called in the usual fashion and issued as BCPs. Non-WG documents will be discussed as needed, on the IETF list or elsewhere, and will get a 4-week Last Call. At the pleasure of the IETF Chair, there may exist a directorate to help in generating coherent plans for the area. Proposal discussion --- The existence of formalized, short-term working groups may help with the problem of WG rot that has characterized the POISSON effort. The increased focus may also help with the problem that POISSON has had with meeting at IETFs: when it is scheduled opposite other meetings, there will always be participants who have no possibility of attending; in particular, most of the IESG will be busy in other meetings. More focused WGs will not need so much attention. Not having a special process list is one of the more uncertain aspects of this proposal. The advantages of using the general IETF list are: - A great number of relevant people are already present on this list - It is better linked into the community than a process-only list is likely to be The disadvantage is that all participants will have to read process-related discussions whether they are interested or not. This suggests that the threshold for creating special lists for specific issues should be rather low, even for documents that do not require the full apparatus of spinning up a working group. There is a very real danger that documents that are too small to require a working group will get inadequate review. This can be ameliorated by: - discussing the documents on the IETF list - using 4-week Last Calls, with pointers to appropriate mailing lists - the ADs requesting independent review of documents Comments on this proposal are sought; the general IETF list is the list that this proposal advocates for such comments, but the attempted process list ([EMAIL PROTECTED]) may be more appropriate for detailed (nitpick-style) discussions. The General AD will monitor all 3 relevant lists, and make a decision on the proposal no earlier than October 19. [END]
Re: Last Call: PIC, A Pre-IKE Credential Provisioning Protocol to Proposed Standard
Paul, thanks for clearing up the requirements. Darren - Original Message - From: Paul Hoffman / IMC [EMAIL PROTECTED] To: Darren Dukes [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, October 11, 2001 8:16 PM Subject: Re: Last Call: PIC, A Pre-IKE Credential Provisioning Protocol to Proposed Standard At 3:56 PM -0400 10/11/01, Darren Dukes wrote: This may be nit-picking but I have seen no mention on IPSRA, or any other list, or during any meetings that there are two interoperating independent implementations of this draft. Is anyone able to confirm that implementations exist and interoperate? Yes, it is nitpicking. This call is for PIC to go to *Proposed* Standard. The requirement for two interoperable implementations is for going to *Draft* Standard, which is the step after Proposed Standard. See RFC 2026 for the not-so-gory details. --Paul Hoffman, Director --Internet Mail Consortium
PATRIOT/USA followup: we lost in US Senate
Late last night (EDT) we lost badly in the US Senate, on all three votes. [not voting can sometimes be an indication of concientious objectors, but in the case it just looks like the geriatric set.] Vote 299Vote 300Vote 301 computer trespasser roving wiretap business records Bingaman (D-NM) Boxer (D-CA) Cantwell (D-WA) Cantwell (D-WA) Cantwell (D-WA) Collins (R-ME) Corzine (D-NJ) Corzine (D-NJ) Corzine (D-NJ) Dayton (D-MN) Dayton (D-MN) Dodd (D-CT) Durbin (D-IL) Feingold (D-WI) Feingold (D-WI) Feingold (D-WI) Harkin (D-IA) Harkin (D-IA) Levin (D-MI)Levin (D-MI)Levin (D-MI) Specter (R-PA) Specter (R-PA) Stabenow (D-MI) Thompson (R-TN) Wellstone (D-MN)Wellstone (D-MN)Wellstone (D-MN) [not voting][not voting][not voting] Domenici (R-NM) Domenici (R-NM) Domenici (R-NM) Helms (R-NC)Helms (R-NC)Helms (R-NC) Lott (R-MS) Thurmond (R-SC) Thurmond (R-SC) Thurmond (R-SC) -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Re: Proposal for a revised procedure-making process for the IETF
Harald, Without touching on the question of working group rot, I'll note that the difficulty with your proposal is that process issues tend to arise individually and periodically, and often need a timely resolution. Working group chartering, and even mailing list setup, has quite a bit of overhead. It is unlikely that the effort associated with them will be viable for the periodic (multiple times per year) requirements of process discussion. Note, for example, some recent issues about a particular working group's process that warranted -- and received -- immediate discussion and clarification. My own sense of the Poisson discussion was that it was reasonable in tone and had a constructive resolution. - - - - - Hence, let me suggest a revision to your proposal, intended to respond to the concern but lighten the administrative burden: Retain the list and the group. Permit open discussion, in order to provide a separate venue for raising issues. The group chair will assess rough consensus about the need to pursue a topic and will draft a task description to serve as a mini-charter statement of work. It will be sent to ietf-announce, to permit non-poisson mailing list members to know of the new activity. The chair will then manage the task process in the usual way. d/ -- Dave Crocker mailto:[EMAIL PROTECTED] Brandenburg InternetWorking http://www.brandenburg.com tel +1.408.246.8253; fax +1.408.273.6464
PATRIOT/USA followup: ongoing House debate
Last night, in a highly unusual maneuver, the Speaker recessed the House at 10:25 pm EDT, and didn't adjourn until 8:59 am, reconvening one minute later at 9:00 am. The reason? To file a report from the Committee on Rules at 8:58 am, on how to handle the anti-terrorism bill. The House will now debate and vote on this report, even though few members of the House have actually seen the report. Even minority members of the Rules committee haven't seen the report. This may rank as one of the biggest raw power grabs in US history. -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Re: Proposal for a revised procedure-making process for the IETF
I'd second Dave's suggestion that we leave the POISSON list as is. Aside from the overhead of multiple lists, confusion might reign about which list is discussing which topic, with people ending up posting to multiple lists, etc. The increased focus may also help with the problem that POISSON has had with meeting at IETFs: when it is scheduled opposite other meetings, there will always be participants who have no possibility of attending; in particular, most of the IESG will be busy in other meetings. More focused WGs will not need so much attention. True, fewer people would attend the more focused groups, but wouldn't they still face scheduling conflicts with other WGs? (Feel free to tell me if I've missed the point ...)
Re: Proposal for a revised procedure-making process for the IETF
though i appreciate the intent. i would appreciate a separate mailing list for process issues as opposed to technical stuff. it is my job to work on the technical stuff at some depth. the process discussions often get a bit too detailed g. randy
Re: Proposal for a revised procedure-making process for the IETF
[ trimming the cc list to just [EMAIL PROTECTED] ] On Fri, 12 Oct 2001, Susan Harris wrote: I'd second Dave's suggestion that we leave the POISSON list as is. Aside from the overhead of multiple lists, confusion might reign about which list is discussing which topic, with people ending up posting to multiple lists, etc. If there are multiple lists than there must be multiple working groups (or BOFs with the goal of becoming a working group). This would be similar to the ordinary way in which any area in the IETF operates. Note that the model is to operate sort of like an area without actually being one. Thus, there should be no additional confusion than that which IETF participants already experience. :-) This is why all discussions start in one place, the IETF general list. And it needs to be that list and not a separate process list in order to be exposed to the greatest cross section of the community (if not the entire community). As with any IETF issue, if the discussion warrants detailed attention (as a BOF with a tentative goal of becoming a working group), then a separate list is created and discussion moves there. Harald has already suggested that perhaps the threshold for what needs to move will be lower for process issues than it ordinarily is for issues on the IETF list. That is something we will have to determine as the need arises. Jim Co-Chair of POISSON but speaking for myself -- -- James M. Galvin [EMAIL PROTECTED] The increased focus may also help with the problem that POISSON has had with meeting at IETFs: when it is scheduled opposite other meetings, there will always be participants who have no possibility of attending; in particular, most of the IESG will be busy in other meetings. More focused WGs will not need so much attention. True, fewer people would attend the more focused groups, but wouldn't they still face scheduling conflicts with other WGs? (Feel free to tell me if I've missed the point ...) To subscribe or unsubscribe from this elist use the subscription manager: http://lists.elistx.com/ob/adm.pl
Re: PATRIOT/USA followup: ongoing House debate
Perhaps I missed it -- this has what to do with Internet engineering? Neil - Original Message - From: William Allen Simpson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, October 12, 2001 11:45 AM Subject: PATRIOT/USA followup: ongoing House debate Last night, in a highly unusual maneuver, the Speaker recessed the House at 10:25 pm EDT, and didn't adjourn until 8:59 am, reconvening one minute later at 9:00 am. The reason? To file a report from the Committee on Rules at 8:58 am, on how to handle the anti-terrorism bill. The House will now debate and vote on this report, even though few members of the House have actually seen the report. Even minority members of the Rules committee haven't seen the report. This may rank as one of the biggest raw power grabs in US history. -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Re: PATRIOT/USA followup: ongoing House debate
On Fri, 12 Oct 2001 15:16:38 EDT, Neil Carpenter [EMAIL PROTECTED] said: Perhaps I missed it -- this has what to do with Internet engineering? At least some readings of the original bill would require ISP's to save addressing information, such that the ISP would basically have to log every SYN or SYN/ACK packet. Forever. You should worry about that as an engineering issue. There was also the equating of hacking to terrorism. With the retroactive removal of a statute of limitations. And provisions for providing significant aid to terrorists. This means that Steve Bellovin could (under the original proposals) end up in jail for life, because he wrote a paper on TCP sequence numbers, because Mitnick used a sequence number attack on somebody. Anybody who has ever posted to the Bugtraq or comp.risks or IETF lists regarding security issues is similarly vulnerable under the original draft. This would probably include most of the IAB and IESG. You should worry about that just out of self-preservation. I'm told that the Senate bill as amended fixes a lot of the worst aspects of the hacking side, and I'm also told that an amendment was proposed to exempt ISPs from the most onerous of the logging requirements. However, I have *NOT* tracked down pointers to the current legislation as being discussed to verify how much things have improved. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech msg07013/pgp0.pgp Description: PGP signature
Re: PATRIOT/USA followup: ongoing House debate
Better classified as social engineering Neil Carpenter wrote: Perhaps I missed it -- this has what to do with Internet engineering? Neil - Original Message - From: William Allen Simpson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, October 12, 2001 11:45 AM Subject: PATRIOT/USA followup: ongoing House debate Last night, in a highly unusual maneuver, the Speaker recessed the House at 10:25 pm EDT, and didn't adjourn until 8:59 am, reconvening one minute later at 9:00 am. The reason? To file a report from the Committee on Rules at 8:58 am, on how to handle the anti-terrorism bill. The House will now debate and vote on this report, even though few members of the House have actually seen the report. Even minority members of the Rules committee haven't seen the report. This may rank as one of the biggest raw power grabs in US history. -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Re: PATRIOT/USA followup: ongoing House debate
Neil Carpenter wrote: Perhaps I missed it -- this has what to do with Internet engineering? Internet engineers risk becoming the new witches of Salem. cheers, gja
Re: PATRIOT/USA followup: ongoing House debate
Neil Carpenter [EMAIL PROTECTED] writes: Perhaps I missed it -- this has what to do with Internet engineering? Do you want your internet designed with permanent surveillance capacities to meet a temporary exigency? Then look no further -- your legislation has arrived. Perry
Re: PATRIOT/USA followup: ongoing House debate
In message [EMAIL PROTECTED], Valdis.Kletniek [EMAIL PROTECTED] writes: There was also the equating of hacking to terrorism. With the retroactive removal of a statute of limitations. And provisions for providing significan t aid to terrorists. This means that Steve Bellovin could (under the original proposals) end up in jail for life, because he wrote a paper on TCP sequence numbers, because Mitnick used a sequence number attack on somebody. Nah -- that would be an ex post facto law, since it wasn't illegal to publish that in 1989. Of course, I may have to worry about my next paper... And although ex post facto laws are banned by the Constitution, there are (or at least were) other provisions of dubious constitutionality in that bill. Ah, well -- time to get ready for the traditional flood of out of the office autoreplies... --Steve Bellovin, http://www.research.att.com/~smb Full text of Firewalls book now at http://www.wilyhacker.com
Re: PATRIOT/USA followup: ongoing House debate
I have to agree with Mr. Carpenter on the fact that this appears to have nothing to do with internet engineering. Please discontinue spamming the IETF with off-the-subject posts. Thank you. - Original Message - From: Neil Carpenter [EMAIL PROTECTED] To: William Allen Simpson [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, October 12, 2001 3:16 PM Subject: Re: PATRIOT/USA followup: ongoing House debate Perhaps I missed it -- this has what to do with Internet engineering? Neil - Original Message - From: William Allen Simpson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, October 12, 2001 11:45 AM Subject: PATRIOT/USA followup: ongoing House debate Last night, in a highly unusual maneuver, the Speaker recessed the House at 10:25 pm EDT, and didn't adjourn until 8:59 am, reconvening one minute later at 9:00 am. The reason? To file a report from the Committee on Rules at 8:58 am, on how to handle the anti-terrorism bill. The House will now debate and vote on this report, even though few members of the House have actually seen the report. Even minority members of the Rules committee haven't seen the report. This may rank as one of the biggest raw power grabs in US history. -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Re: Proposal for a revised procedure-making process for the IETF
The IETF list should be reserved for proper technical discussions, such as the format of RFCs and Internet Drafts, NATs are good/bad/ugly, add me/remove me messages, and conference location debates.
Re: PATRIOT/USA followup: ongoing House debate
Steven M. Bellovin wrote: In message [EMAIL PROTECTED], Valdis.Kletniek [EMAIL PROTECTED] writes: There was also the equating of hacking to terrorism. With the retroactive removal of a statute of limitations. And provisions for providing significan t aid to terrorists. This means that Steve Bellovin could (under the original proposals) end up in jail for life, because he wrote a paper on TCP sequence numbers, because Mitnick used a sequence number attack on somebody. Nah -- that would be an ex post facto law, since it wasn't illegal to publish that in 1989. Well, I would have thought that it wasn't illegal to publish the first internet-draft in '92 that lead to the nearly identical RFC-1334 PPP Authentication Protocols in '94. (Read it and weep.) But, as those of you who have been around here for a significant period of time already know, I spent the bulk of my life savings fending off the FBI on a charge of _T_R_E_A_S_O_N_, and at least one university cut off my internet access just on the suspicion of the investigation. Are we all prepared to hazard that? The new bill allows them to secretly monitor communications and business records, and seize all my computer equipment and bank accounts _during_ the investigation and reduces the burden of proof to reasonable cause and reasonable necessity, instead of probable cause. Are we *ALL* prepared to hazard that? Of course, I may have to worry about my next paper... And although ex post facto laws are banned by the Constitution, there are (or at least were) other provisions of dubious constitutionality in that bill. It's arguable that educating a foreign national on security issues has always been illegal. However, the statute of limitations on that is merely increased to 8 years. Increasing a statute of limitations time isn't considered an ex post facto law. Unlimited is the commission of such offense resulted in, or created a forseeable risk of, death or serious bodily injury to another person. Ah, well -- time to get ready for the traditional flood of out of the office autoreplies... Amazingly enough, I haven't had any on my posts! -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Re: Proposal for a revised procedure-making process for the IETF
Jim, et al, At 10:19 AM 10/12/2001, James M Galvin wrote: Dave, although it may be true that our current process for creating working groups can be cumbersome, I am expecting the IESG to streamline the process of new working groups for process issues. Obviously this requires a bit of change in how the IESG works but surely they realize this is necessary for the proposed process to work and it will get done. giving full credit to everyone's clear and honest good intentions and good actions -- especially the kind folks on the IESG -- the question is why you have that expectation? we are talking about a management body that is vastly overworked, and that has a very, very stable long-term pattern of handling working group creation. And unless the processes inside the IESG have changed, it is even more consensus oriented than the rest of the IETF. That takes time. A lot of it. And it is very difficult to streamline such a process. At any rate, the topics that poisson has had to cover have been rather narrow and isolated. now, it well might be that an effort to query the community about process topics that could be improved would produce a substantial list of topics that are legitimately in need of work. THAT would warrant a working group. (it would also be at least a 2-year working group, i suspect.) however the pattern, to date, has been topics that have come up far more piecemeal and have needed more timely response than is possible if each must wait for a critical mass of topics, before forming a working group. On the other hand, creating a new working group and a new list has one feature that is an explicit goal. IETF working groups always have an abundance of fringe participants and for long-lived groups this is especially problematic: you get on a list and you never get off and you find yourself interested or otherwise involved in topics you otherwise would not have bothered with. Ahhh. Social engineering. Entirely rationale. However we stink at it and need to avoid opportunities like this to pretend that we have a clue about how to do it. Finally your last sentence seems to suggest that open discussion is some how coupled with a long-lived working group and its mailing list. Even if that were true, the proposal is to use the general IETF list, which is a mailing list that is both open and long-lived. It's not a working group but I don't see how that matters. My wording was obviously inadequate. You are not the only one to think that I was referring to openness. I wasn't. I was referring to the easy, spontaneous collaboration that is like walking down the hall to consult a colleaque. I am now calling this the water cooler effect. Hence the question reduces to: what existing list should be used? The IETF main list, or a different list? Given that we are considering a rather specific category of (ongoing) topics, then forcing them on to the IETF list is likely to have unfortunate side-effects on the IETF list. (What happens when you remove the water cooler is not a good thing.) d/ -- Dave Crocker mailto:[EMAIL PROTECTED] Brandenburg InternetWorking http://www.brandenburg.com tel +1.408.246.8253; fax +1.408.273.6464
RE: Proposal for a revised procedure-making process for the IETF
Waitaminute, I thought NAT rants had been relegated to the authority of one Dante Alighieri for proper assignment to a low, lonely circle of hell -- Ian -Original Message- From: Eliot Lear [mailto:[EMAIL PROTECTED]] Sent: Friday, October 12, 2001 3:47 PM To: Randy Bush Cc: [EMAIL PROTECTED] Subject: Re: Proposal for a revised procedure-making process for the IETF The IETF list should be reserved for proper technical discussions, such as the format of RFCs and Internet Drafts, NATs are good/bad/ugly, add me/remove me messages, and conference location debates.