IETF Logo Mail Archive

Re: [httpapi] Lars Eggert's No Objection on draft-ietf-httpapi-rfc7807bis-05: (with COMMENT)

Mark Nottingham <mnot@mnot.net> Thu, 16 February 2023 22:01 UTC

Return-Path: <mnot@mnot.net>
X-Original-To: httpapi@ietfa.amsl.com
Delivered-To: httpapi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E919DC16B5A1; Thu, 16 Feb 2023 14:01:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b="qA6d2k8F"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="QtM/fiRl"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PjhNo6e4FOEI; Thu, 16 Feb 2023 14:01:20 -0800 (PST)
Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 98C36C16B5C0; Thu, 16 Feb 2023 14:01:20 -0800 (PST)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id B992D5C0087; Thu, 16 Feb 2023 17:01:19 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Thu, 16 Feb 2023 17:01:19 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1676584879; x= 1676671279; bh=sP0Qn9Gbtmv6wS1l4jqdRWeharKqfjgFT5smFJazMpA=; b=q A6d2k8Fy65l2SOrefDo/ydgo+2kIGX83jG2ty397TLD4q0xKSDzeCGrs3ZHljYVS NLRvsrTHEoJS8jrTUxCZOWxMzNz80ICTkv20ETLzmF+6Fk/JBDcKbndUM/iI+RJW BBQVm6XHB90/+ZgrOnGp7zjrJbjDElvrDNufrYmOKIRa0IY7z8pdD9nJy7GHljN6 PE7fcm8HutADnyDv3ZxAUkxBhIsTUrYjWPdBLc7sXwPwEXJGXSQ/+DcpwxqWDHJ9 bGMu0IonK44iQX+g6qiSyk2lQBn5M+dAuSxeLM5osVb5VMvB77jDh9hbdefQsKpJ v1w+K8avcL9Q5yZdYpt/A==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1676584879; x= 1676671279; bh=sP0Qn9Gbtmv6wS1l4jqdRWeharKqfjgFT5smFJazMpA=; b=Q tM/fiRldl0JTz8oXdM6QHMbtNEarrgYNh5m0QWHsQ0yMNRiQ1i/4Ic3vlODthYer rLleIgwtZvg7nUYyE26QTUheSBYJX2gHsUAWT9Ib6yiCMogINGN2Dxj5Jne7BUXf uH0iEeGtkZtVj3ryxy48/4BbWE9CVElL/CJpFwbJXP3QaJFs9GfTcMz8lku0iegS nkb1lbQjsfUsmapDXd43uwLf3dZMF4GDC2Mj1Sork/5lD87h12v0NTCHWEo6pHzE d7BgbshAqx0ef2IONRjOzEGrYUbrFjglhv/z1LpkLFHAcclQoAMWY2Xuj6YYjBV0 jJuzIEtfVrosCwmXi35oA==
X-ME-Sender: <xms:r6fuY-EL9QsAIdPpgsbCK1saxFf2YcYf08idNIMgneCevz6Sd0dHmQ> <xme:r6fuY_VQZJkAdY0iOne31wp5Sqyxj0g64x3s8p4pEKI635tiMyA1GcW8MvmbFenJA HFNMgxzu9F6IuV8vw>
X-ME-Received: <xmr:r6fuY4Lurn_6hP_5RIjgogwK8W1QuPpqrFMcqzVItgKRGu_REQRxlM9JiFuQEZFFOAk>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrudeijedgudehgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpegtggfuhfgjffevgffkfhfvofesthhqmhdthhdtvdenucfhrhhomhepofgr rhhkucfpohhtthhinhhghhgrmhcuoehmnhhothesmhhnohhtrdhnvghtqeenucggtffrrg htthgvrhhnpeegleegkedtgeeufeefvefhvdfgfffhheelhefgtddtvddvjeegvdefjeet vdduleenucffohhmrghinhepihgvthhfrdhorhhgpdhmnhhothdrnhgvthenucevlhhush htvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmnhhothesmhhnohht rdhnvght
X-ME-Proxy: <xmx:r6fuY4HFf2hookZqpu4vtg0cUaAE7O0DyaBvqUti1hXbQ0AFBg8Q9g> <xmx:r6fuY0XCCHc4z6UrkganrLyivrAq2wEhfoeVcUmOoCDvoZHYvdYPSQ> <xmx:r6fuY7NRx_vJ9c7AKQKtqoP6oJOtcLYo1jKOgKQTkOo88yVkr5a4jg> <xmx:r6fuY2IrsWDuM9smg4ihwCoI7RhH4OB4SO6XRFU4dw7ozoimj5zduA>
Feedback-ID: ie6694242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 16 Feb 2023 17:01:18 -0500 (EST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <D147C8B5-5090-4695-AF80-E94B065B5668@eggert.org>
Date: Thu, 16 Feb 2023 14:00:57 -0800
Cc: Mark Nottingham <mnot=40mnot.net@dmarc.ietf.org>, The IESG <iesg@ietf.org>, HTTP APIs Working Group <httpapi@ietf.org>, Darrel Miller <darrel@tavis.ca>, "Salz, Rich" <rsalz@akamai.com>, Sanjay Dalal <sanjay.dalal@cal.berkeley.edu>, Erik Wilde <erik.wilde@dret.net>
Content-Transfer-Encoding: quoted-printable
Message-Id: <1DCE5CB5-B701-41FA-8DB5-DCBFCA3BF762@mnot.net>
References: <167638587783.56124.9720605602199418445@ietfa.amsl.com> <C007A96F-65EB-4BAA-A2C2-5339EA49D564@mnot.net> <D147C8B5-5090-4695-AF80-E94B065B5668@eggert.org>
To: Lars Eggert <lars@eggert.org>
X-Mailer: Apple Mail (2.3731.400.51.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/httpapi/poFFFN2ERG6AqrnJKchU8-wYTZ0>
Subject: Re: [httpapi] Lars Eggert's No Objection on draft-ietf-httpapi-rfc7807bis-05: (with COMMENT)
X-BeenThere: httpapi@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Building Blocks for HTTP APIs <httpapi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/httpapi>, <mailto:httpapi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/httpapi/>
List-Post: <mailto:httpapi@ietf.org>
List-Help: <mailto:httpapi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/httpapi>, <mailto:httpapi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Feb 2023 22:01:25 -0000

On 15 Feb 2023, at 1:01 am, Lars Eggert <lars@eggert.org> wrote:
> 
> Hi,
> 
> On Feb 15, 2023, at 07:05, Mark Nottingham <mnot=40mnot.net@dmarc.ietf.org> wrote:
>>> On 14 Feb 2023, at 6:44 am, Lars Eggert via Datatracker <noreply@ietf.org> wrote:
>> [...]
>>> ### Section 4.2, paragraph 3
>>> ```
>>>   When evaluating requests, the Expert(s) should consider community
>>>   feedback, how well-defined the problem type is, and this
>>>   specification's requirements.
>>> ```
>>> It's called "expert review" and not "community review" for a reason, because
>>> it's the expert's call. If you want community review, the registration policy
>>> should be "RFC Required" or "IETF Review"..
>> 
>> Yes, and the expert is asked to check with the community; this is hardly unusual.
> 
> So who are "the community" and how does an expert demonstrate they have "considered" the feedback? (I'm thinking about what happens in appeals of expert decisions.)

I did a little digging around and found that we use language about consulting the community already in:

RFC9110 - "The expert(s) can define additional fields to be collected in the registry, in consultation with the community." 
RFC9110 - "Other names can also be registered as permanent if the expert(s) finds that they are in use, in consultation with the community."
RFC9110 - "Provisional entries can be removed by the expert(s) if -- in consultation with the community -- the expert(s) find that they are not in use."
RFC8615 - "Other values can also be registered as permanent, if the experts find that they are in use, in consultation with the community."
RFC9209 - "The expert(s) should consider the following factors when evaluating requests: [...] Community feedback"

I'm sure there are a few more, but in general, the point is to assure that when the Expert has the ability to take unusual and unilateral action, there is at least a bit of transparency in their action. 

The specific community to be consulted and whether it was sufficiently considered are both intentionally vague; in an appeal, the appeal body would make a judgment about whether they are reasonable. It doesn't say "community consensus" (where I would understand your concern completely); only that the Expert should "consult" so that they're not acting in the dark. 

The difference I see between the proposed text and the examples above is that it is a _general_ requirement to consult with the community, whereas all of the examples (barring the last one) are about specific actions that are instigated by the Expert themselves. 

I think community feedback is relevant in this registry because the purpose of the registry is to try to capture those problem types that are amenable to reuse; community discussion can improve the candidates and help winnow out those that are not suitable. We didn't specify one of the more rigorous options because it would discourage use of the registry to the point that it would be useless to define it; I seriously doubt that we're going to see standards-track Problem Type definition RFCs anytime soon.

(feedback about that positioning from HTTP API WG members would be most welcome)

If this is really a problem I'll remove the text; however, it feels like we're being unnecessarily constrained by the terminology here.


>>> ### Uncited references
>>> 
>>> Document obsoletes `RFC7807`, but does not cite it as a reference.
>> 
>> Is that now required? The doc already clearly says it does so in the abstract. I have to say, there seems to be an increasing number of ceremonies for obsoleting something, considering it's captured in metadata at the top of the document.
> 
> It's not required, which is why this is in a comment. But a document obsoleting another document should IMO actually reference it.

It would be *great* if there were a detailed policy on this, rather than having the IESG and then the RFC Editor chime in with their adjustments as authors go through the process.

The only mention of obsoleting I see that's relevant on authors.ietf.org is <https://authors.ietf.org/en/required-content#abstract>:

"If the I-D intends to obsolete or update a previous RFC, ensure the abstract says so explicitly."

If we can get agreement that that's the right thing to do and update the docs accordingly, I'm more than happy to comply; otherwise, I'll leave as is (subject to whatever the RPC decides, no doubt).


>>> #### Section 4.2, paragraph 3
>>> ```
>>> -    and deployment-specific values are not registrable.  Specification
>>> +    and deployment-specific values are not registerable.  Specification
>>> +                                                 +
>>> ```
>> 
>> What is the correction here? The only difference I see is an extra space at the start of the sentence, which is superfluous in the text.
> 
> The ^ points to an inserted character.

You mean '+'? I think I see the problem -- I'm not reading with a fixed-width typeface. Fixed.

(is there another way to show the diff that doesn't require a fixed-width typeface? just a thought.)

Cheers and thanks for the feedback,


> 
> Thanks,
> Lars
> 
> 
> -- 
> httpapi mailing list
> httpapi@ietf.org
> https://www.ietf.org/mailman/listinfo/httpapi

--
Mark Nottingham   https://www.mnot.net/

v2.45.0 | Report a Bug | By Email | System Status