[Iasa20] Comments on <draft-ietf-iasa2-rfc4071bis-00>

[Bob Hinden <bob.hinden@gmail.com>]

Hi,

My comments below.  They range from editorial to substantive.

Note, to make this shorter, I removed text I wasn’t commenting on.

Thanks,
Bob


> 
> 
> 
> 
> IASA2                                                        B. Haberman
> Internet-Draft                                  Johns Hopkins University
> Obsoletes: RFC4071, RFC4333, RFC7691 (if                         J. Hall
>            approved)                                                 CDT
> Intended status: Best Current Practice                      J. Livingood
> Expires: June 8, 2019                                            Comcast
>                                                        December 05, 2018
> 
> 
>    Structure of the IETF Administrative Support Activity, Version 2.0
>                      draft-ietf-iasa2-rfc4071bis-00
> 
> 

. . . .

> 1.  Introduction
> 
>    The IETF Administrative Support Activity (IASA) was originally
>    established in 2005.  In the years since then, the needs of the IETF
>    evolved in ways that required changes to its administrative
>    structure.  The purpose of this document is to document and describe
>    the IASA 2.0 structure.
> 
>    Under IASA 2.0, the work of the IETF's administrative and fundraising
>    tasks is conducted by an administrative organization, the IETF
>    Administration Limited Liability Company ("IETF LLC").  Under this
>    structure, the Internet Administrative Oversight Committee (IAOC) was

s/was/is/

To my thinking this hasn't happend until this document is approved.   For
example, until RFC4333 is obsoleted when this document is approved.  It's
not past tense yet.


>    eliminated, and its oversight and advising functions transferred to
>    the IETF LLC Board.
> 
>    [I-D.haberman-iasa20dt-recs] discusses the challenges facing the
>    original IASA structure as well as several options for reorganizing
>    the IETF's administration under different legal structures.  This
>    document outlines how the chosen option is structured and describes
> 
> 
> 
> 
> Haberman, et al.          Expires June 8, 2019                  [Page 3]
> Internet-Draft                    IASA2                    December 2018
> 
> 
>    how the organization fits together with existing and new IETF
>    community structures.
> 
>    The point of the IASA2 WG and process has been to solicit community
>    input about how to address the challenges identified in
>    [I-D.haberman-iasa20dt-recs], and included much debate on the IASA2
>    mailing list and the IASA2 working group meetings at IETF 101
>    [ietf101-slides] and IETF 102 [ietf102-slides].
> 
>    Under IASA 2.0, most of the responsibilities that [RFC4071] assigned
>    to the IETF Administrative Director (IAD) and the Internet Society
>    (ISOC) were transferred to the IETF LLC and IETF Administration LLC
>    Executive Director (IETF Executive Director).  It is the job of the
>    IETF LLC to meet the administrative needs of the IETF and to ensure
>    that the IETF LLC meets the needs of the IETF community.
> 
>    Eliminating the IAOC meant that changes were required in how trustees
>    could be appointed to the IETF Trust.  The details of how this is
>    done are outside the scope of this document but are covered in
>    [I-D.ietf-iasa2-trust-update].
> 
>    This document obsoletes [RFC4071], which specified the original IASA,
>    [RFC4333], which specified the selection guidelines and process for
>    IAOC members and [RFC7691], which specified terms for IAOC members.

Does this doucment also update BCP101?   I think so, if it does, it should be
mentioned here.


> 2.  Scope Limitation
> 
>    The document does not propose any changes to anything related to the

s/propose/make/

When approved, it's not a proposal.

>    oversight or steering of the standards process as currently conducted
>    by the Internet Engineering Steering Group (IESG) and Internet
>    Architecture Board (IAB), the appeals chain, the process for making
>    and confirming IETF and IAB appointments, the IETF Nominating
>    Committee (NomCom), the Internet Research Task Force (IRTF), or
>    ISOC's memberships in or support of other organizations.

I note the NomCom responsibilities are changing, they will now appoint some
IETF LLC Board members and IETF Trust Trustees.  This text isn't quite
right.


> 2.1.  LLC Agreement with the Internet Society
> 
>    The LLC Agreement between the IETF LLC and ISOC [IETF-LLC-A] is also
>    out of scope for this document, however this document depends on the
>    LLC Agreement and will refer to it for certain aspects of the legal
>    relationship between the IETF LLC and ISOC.  The LLC Agreement was
>    developed between legal representatives of the IETF and ISOC and
>    includes all critical terms of the relationship, while still enabling
>    maximum unilateral flexibility for the IETF LLC Board.  The LLC
>    Agreement includes only basic details about how the IETF LLC Board
>    manages itself or manages IETF LLC staff, so that the IETF LLC Board
>    has flexibility to make changes without amending the agreement.  The
> 
> 
> 
> 
> Haberman, et al.          Expires June 8, 2019                  [Page 4]
> Internet-Draft                    IASA2                    December 2018
> 
> 
>    IETF LLC Board can independently develop policy or procedures
>    documents that fill gaps.
> 
> 3.  Definitions and Principles
> 
> 3.1.  Alphabet Soup

Just call this “terminology"?   Do we need to be cute here?


>    Although most of the terms, abbreviations, and acronyms used in this
>    document are reasonably well known, first-time readers may find this
>    alphabet soup confusing.  This section therefore attempts to provide
>    a quick summary.

Please rewrite this.   Some of these are well known (IESG, IAB, etc.), but
the rest (IETF LLC) are not.

>    IAB: Internet Architecture Board (see [RFC2026], [RFC2850]).
> 
>    IAD: IETF Administrative Director, a role obsoleted by this document
>    and the ISOC/IETF LLC Agreement ([IETF-LLC-A]) and replaced by the
>    IETF LLC Executive Director.
> 
>    IAOC: IETF Administrative Oversight Committee, a committee that
>    oversaw IETF administrative activity, obsoleted by this document and
>    replaced by the IETF LLC Board.  (The IETF Trust function of the
>    former IAOC was not included in the new responsibilities of the IETF
>    LLC Board (See [I-D.ietf-iasa2-trust-update]).)
> 
>    IASA: The original IETF Administrative Support Activity, defined by
>    [RFC4071] and obsoleted by this document and the ISOC/IETF LLC
>    Agreement ([IETF-LLC-A]).


I disagree.  IASA is the general term that applies to IASA 1.0 and IASA
2.0.  Perhaps in the future IASA 3.0.


>    IASA 2.0: Version 2.0 of the IETF Administrative Support Activity,
>    defined by this document.
> 
>    IESG: Internet Engineering Steering Group (see [RFC2026], [RFC3710]).
> 
>    IETF: Internet Engineering Task Force (see [RFC3233]).
> 
>    IETF Administration LLC: The legal entity - a disregarded Limited
>    Liability Company (LLC) of The Internet Society - established to
>    house IASA2, specified by the ISOC/IETF LLC Agreement ([IETF-LLC-A]).
>    Also referred to as "IETF LLC" or just the "LLC".

Please, only give it one name, like IETF LLC.   Having multiple names
for the same thing will be confusing.

>    IETF LLC Executive Director: the executive director for the IETF
>    Administration Limited Liability Company, responsible for day-to-day
>    administrative and operational direction (See Section 4.1).  Also
>    referred to as "IETF Executive Director".  (Note that the title of
>    "IETF Executive Director" in older documents such as [RFC2026] is now
>    "Managing Director, IETF Secretariat".)


I thought the name was going to be "IETF Executive Director".  I am fine
with now calling it the "IETF LLC Executive Director", but it should only
have one name.   Either is fine in my view, but not both.



> Haberman, et al.          Expires June 8, 2019                  [Page 5]
> Internet-Draft                    IASA2                    December 2018
> 
> 
>    IETF LLC Board: The Board of Directors of the IETF LLC - formally a
>    multi-member "manager" of the IETF LLC on behalf of ISOC (See
>    Section 4.2).
> 
>    ISOC: Internet Society (see [RFC2031] and [ISOC]).
> 
> 3.2.  Key Differences From the Old IASA Structure to IASA 2.0
> 
>    o  The IAOC and IAD roles defined in RFC 4071 were eliminated.

s/were/are/

Please change this from past tense elsewhere too.

> 
>    o  The former ISOC and IAD responsibilities were assigned to a new
>       organization, IETF Administration LLC.
> 

s/were/are/


>    o  The Board of Directors of the IETF LLC - formally a multi-member
>       "manager" of the IETF LLC on behalf of ISOC - assumed the
>       oversight responsibilities of the IAOC.

Does [formally a multi-member "manager" of the IETF LLC on behalf of ISOC] need to be here?  Formal part was defined earlier.

> 
>    o  The Board of the IETF LLC is more focused on strategy and
>       oversight than the IAOC was, with the IETF Executive Director and
>       their team in charge of day-to-day operations.
> 
>    o  The IAD role was replaced with the IETF Executive Director role.

s/was/is/

> 
>    o  The role that was previously referred to as "IETF Executive
>       Director" in older documents such as [RFC2026] was replaced with
>       "Managing Director, IETF Secretariat”.

s/was/is/


> 
> 3.3.  General IETF LLC Responsibilities
> 
>    The IETF LLC was established to provide administrative support to the
>    IETF.  It has no authority over the standards development activities
>    of the IETF.

s/was/is/

> 
>    The responsibilities of the IETF LLC are:
> 
>    o  Operations.  The IETF LLC is responsible for supporting the
>       ongoing operations of the IETF, including meetings and non-meeting
>       activities.
> 
> 

. . . .

> 3.4.  IETF LLC Working Principles
> 
>    The IETF LLC is expected to conduct its work according to the
>    following principles, subject to any reasonable confidentiality
>    obligations:
> 
>    o  Transparency.  The IETF LLC is expected to keep the IETF community
>       informed about its work and to engage with the community to obtain
>       consensus-based community input on key issues and otherwise as
>       needed.  The IETF community expects complete visibility into the
>       financial and legal structure of the IETF LLC.  This includes
>       information about the IETF LLC annual budget and associated
>       regular financial reports, results of financial and any other
>       independent audits, tax filings, significant contracts or other
>       significant long-term financial commitments that bind the IETF
>       LLC.  As discussed in [ietf101-slides], whatever doesn't have a
>       specific justification for being kept confidential is expected to
>       be made public.  The IETF LLC Board is expected to develop and
>       maintain a public list of confidential items, describing the
>       nature of the information and the reason for confidentiality.
> 
>    o  Responsiveness to the community.  The IETF LLC is expected to act
>       consistently with the documented consensus of the IETF community,
>       to be responsive to the community's needs, and to adapt its
>       decisions in response to consensus-based community feedback.
> 
>    o  Diligence.  The IETF LLC is expected to act responsibly so as to
>       minimize risks to IETF participants and to the future of the IETF
>       as a whole, such as financial risks.
> 
>    o  Unification: The IETF LLC is reponsible for providing unified
>       legal, financial, and administrative support for operation of the
>       IETF, IAB, IESG, IRTF, and RFC Editor.
> 

I think it is correct that the IETF Trust is not included here.  Might be good to call that out.  That said, where does the IETF Trust get it’s funding?


>  Haberman, et al.          Expires June 8, 2019                  [Page 7]
> Internet-Draft                    IASA2                    December 2018
> 
> 
>    o  Transfer or Dissolution: Consistent with [IETF-LLC-A], the IETF
>       LLC subsidiary may be transferred from ISOC to another
>       organization, at the request of either party.  Similarly, the IETF
>       LLC may be dissolved if necessary.  Should either event occur, the
>       IETF community should be closely involved in any decisions and
>       plans, and any tranfer, transition, or dissolution conducted
>       carefully and with minimal potential disruption to the IETF.
> 
>    The transparency and responsiveness principles are designed to
>    address the concern outlined in Section 3.3 of
>    [I-D.haberman-iasa20dt-recs] about the need for improved timeliness
>    of sharing of information and decisions and seeking community
>    comments.  The issue of increased transparency was important
>    throughout the IASA 2.0 process, with little to no dissent.  It was
>    recognized that there will naturally be a confidentiality requirement
>    about some aspects of hotel contracting, personnel matters, and other
>    narrow areas.


. .  . .

> 
> 
> 3.7.  IETF LLC Board Decision Making
> 
>    The IETF LLC Board attempts to reach consensus on all decisions.  If
>    the IETF LLC Board cannot achieve a consensus decision, then the IETF
>    LLC Board may decide by voting.

I would hope that most board decision should be unanimous.  Is that what “concensus” is intended to mean?

I think it would be good that all major decisions are voted on and the results are recorded.  This should include budgets, hiring/firing, major contracts, selection of IETF meeting venues, etc.

> 
>    The IETF LLC Board decides the details about its decision-making
>    rules, including its rules for quorum (see Section 5.9), conflict of
>    interest (see Section 7.1), and breaking of ties.  These rules are
>    expected to be public.
> 
>    All IETF LLC Board decisions are expected to be recorded in IETF LLC
>    Board minutes, and IETF LLC Board minutes are expected to be
>    published in a timely fashion.
> 
> 3.8.  Review and Appeal of IETF Executive Director and IETF LLC Board
>       Decisions
> 
>    The IETF LLC Board is directly accountable to the IETF community for
>    the performance of the IASA 2.0.  In order to achieve this, the IETF
>    LLC Board and IETF Executive Director are expected to ensure that
>    guidelines are developed for regular operational decision making.
>    Where appropriate, these guidelines should be developed with public
>    input.  In all cases, they must be made public.

Why is the IETF Executive Director called out here?   Is there a distinction?  Please explain?

. . . . .


> Haberman, et al.          Expires June 8, 2019                  [Page 9]
> Internet-Draft                    IASA2                    December 2018
> 
> 
>    If a member of the community is not satisfied with the IETF LLC
>    Board's response to his or her review request, he or she may escalate
>    the issue by appealing the decision or action to the IAB, using the
>    appeals procedures outlined in [RFC2026].  If he or she is not
>    satisfied with the IAB response, he or she can escalate the issue to
>    the ISOC Board of Trustees, as described in [RFC2026].
> 
>    The reviewing body (the IAB or ISOC Board of Trustees) shall review
>    the decision of the IETF Executive Director or IETF LLC Board to
>    determine whether it was made in accordance with existing BCPs and
>    operational guidelines.  As a result of this review, the reviewing
>    body may recommend to the community that the BCPs governing IETF LLC
>    Board actions should be changed.  The reviewing body may also advise
>    the IETF LLC Board to modify existing operational guidelines to avoid
>    similar issues in the future and/or it may advise the IETF LLC Board
>    to re-consider their decision or action.  It may also recommend that
>    no action be taken, based on the review.
> 
>    In exceptional cases, when no other recourse seems reasonable, the
>    reviewing body may overturn or reverse a non-binding decision or
>    action of the IETF LLC Board.  This should be done only after careful
>    consideration and consultation with the IETF LLC Board regarding the
>    ramifications of this action.  In no circumstances may the IAB or
>    ISOC Board of Trustees overturn a decision of the IETF LLC Board that
>    involves a binding contract or overturn a personnel-related action
>    (such as hiring, firing, promotion, demotion, performance reviews,
>    salary adjustments, etc.).

Is this actually legal and consistent with [IETF-LLC-A] and the State of Delaware laws regarding LLCs?  I suspect it isn’t.

> 
> 3.9.  Community Consensus and Grant of Authority
> 
>    The IETF is a consensus-based group, and authority to act on behalf
>    of the community requires a high degree of consensus and the
>    continued consent of the community.  After a careful process of
>    deliberation, a broad-based community consensus emerged to house the
>    administration of the IETF within the IETF LLC as a disregarded
>    entity of the Internet Society.  This document reflects that
>    consensus.

Sorry, when was the IETF Last call to determine "a broad-based community consensus"?

The degree of consensus will be determined when this document is approved via our normal processes (IETF Last Call, IESG review and decision).  This text implies it has already happened.

Please revise.

. . . .

> 4.2.  IETF LLC Board Responsibilities
> 
>    The IETF LLC Board is responsible for conducting oversight of the
>    IETF LLC's execution of its responsibilities, as described in
>    Section 3.3.  They have duties of loyalty, care, and good faith.
>    This includes the responsibility to:
> 
>    o  provide strategic direction for the IETF LLC to the IETF Executive
>       Director;
> 
>    o  hire, supervise, and manage the employment of the role of the IETF
>       Executive Director of the IETF LLC, including tasks such as
>       hiring, termination, performance review, amendment of employment
>       terms, the award of compensation and other requisite employment
>       benefits or decisions;
> 

Does the LLC Board or Executive director do these talks for staff hired by the Executive Director.  It should be specified.

. . . . .


> 
> 
> Haberman, et al.          Expires June 8, 2019                 [Page 13]
> Internet-Draft                    IASA2                    December 2018
> 
> 
>    o  Provides assistance to help facilitate ISOC's tax compliance,
>       including but not limited to assistance related to preparing the
>       Form 990 and responding to any IRS questions and audits;
> 
>    o  Obtains appropriate insurance, including commercial general
>       liability insurance with appropriate limits;

Who will the liability insurance cover?   I believe that we currently have liability insurance down through w.g. chairs.  Will this continue?

> 
>    o  Implements risk management and compliance processes in a manner
>       consistent with industry norms.
> 
>    The description below outlines the composition of the IETF LLC Board,
>    selection of IETF LLC Board Directors, and related details.
> 
> 

. . . . .


> Haberman, et al.          Expires June 8, 2019                 [Page 14]
> Internet-Draft                    IASA2                    December 2018
> 
> 
>    o  1 Appointed by the ISOC Board of Trustees
> 
>    o  3 Selected by the IETF NomCom, confirmed by the IESG
> 
>    o  Up to 2 Appointed by the IETF LLC board itself, on an as-needed
>       basis, confirmed by the IESG
> 
>    For the first slot listed above, the presumption is that the IETF
>    Chair will serve on the board.  At the IESG's discretion, another
>    area director may serve instead, or exceptionally the IESG may run a
>    selection process to appoint a director.  The goal of having this
>    slot on the board is to maintain coordination and communication
>    between the board and the IESG.

I think it would be good if there was stronger text to encourage the IETF Chair to serve on the board.  Everything will work better if there is closer alignment.

> 
> 5.2.  IETF LLC-Appointed Directors

s/IETF LLC-Appointed Directors/IETF LLC Appointed Directors/

remove the “-“

. . . . .

> 
> 5.5.  IETF LLC Board Director Limit
> 
>    A director may serve no more than two consecutive terms, with at
>    least one full term prior to the start of any additional terms.  An

I am having trouble parsing this, the part that starts with “at least one…”   Please rewrite to clarify.  I think it means that a person can not serve a third term unless three years has passed, but can’t tell for sure.



>    exception is if a Director role is occupied by the IETF Chair ex
>    officio, since that person's service is governed instead by the term
>    lengths established in [RFC7437] (BCP10), Section 3.4.
> 
>    An exception to the two consecutive term rule is for an IETF LLC-
>    appointed Director.  For such a Director, they may serve only one
>    term via this appointment method, after which any subsequent terms
>    would be occur via other appointment or selection processes (such as
>    via the NomCom process).
> 
>    Lastly, partial terms of less than three years for the initial
>    appointments to the first full board, for which some Directors will
>    have terms of one or two years, do not count against the term limit.
> 
>    The limit on consecutive terms supports the healthy regular
>    introduction of new ideas and energy into the Board and mitigates
>    potential long-term risk of ossification or conflict, without
>    adversely impacting the potential pool of director candidates over
>    time.
> 
> 5.6.  Staggered Terms
> 
>    ISOC, the IESG, the Nominating Committee, and the Board are expected

s/ISOC/ISOC Board of Trustees/

>    to coordinate with each other to ensure that collectively their
>    appointment or selection processes provide for no more than three
>    Directors' terms concluding in the same year.
> 
> 5.7.  IETF LLC Board Director Removal
> 
>    Directors may be removed with or without cause.  A vote in favor of
>    removal must be no fewer than the number of Directors less two.  So
>    for example, if there are seven directors, then five votes are
>    required.  Directors may also be removed via the IETF recall process
>    defined in [RFC7437] (BCP10), Section 7.


This should point to RFC7437bis.   RFC7437 doesn’t include the IETF LLC.


> 
> 
> 
> 
> Haberman, et al.          Expires June 8, 2019                 [Page 16]
> Internet-Draft                    IASA2                    December 2018
> 
> 
> 5.8.  Filling an IETF LLC Board Director Vacancy
> 
>    It shall be the responsibility of each respective body that appointed
>    or selected a Director that vacates the Board to appoint a new
>    Director to fill the vacancy.  For example, if a Director selected by
>    the NomCom departs the Board prior to the end of their term for
>    whatever reason, then it is the responsibility of the NomCom (using
>    its mid-term rules, as specified in [RFC8318], Section 3.5) as the
>    original appointing body to designate a replacement that will serve
>    out the remainder of the term of the departed Director.  However,
>    this obligation will not apply to vacancies in Board-appointed
>    positions.
> 
> 5.9.  Quorum
> 
>    At all meetings of the Board, at least 2/3 of the Directors then in
>    office constitute a quorum for the transaction of business.  If a
>    quorum is not be present at any meeting of the Board, the Directors
>    present thereat may adjourn the meeting without notice other than

I think “present thereat” is redundant.   Suggest one or the other.

>    announcement at the meeting, until a quorum is present.
> 
> 5.10.  Board Voting
> 
>    The Board can hold votes during synchronous live meetings of the

I think "synchronous live” is also redundant.

>    Board (including telephonic and video) or via asynchronous written
>    (including electronic) means.  A given vote shall be either conducted
>    entirely during a synchronous live meeting or entirely via
>    asynchronous written means, not a mix of the two.  Decisions on
>    regular IETF LLC matters require a 2/3 majority vote in favor, with
>    the exception of removal of a Director as specified in Section 5.7.
>    Absentee voting and voting by proxy are not permitted.

This whole paragraph could be written to be clearer.  I think it is trying to say a vote can be held by people attending a meeting or by email, but not a mix of the two.


. . . . .


> 6.1.  Financial Statements
> 
>    As noted in Section 4.2, the IETF LLC must comply with relevant tax
>    laws, such as filing an annual IRS Form 990.  Other official

I strongly suspect that an annual tax return is also required in addition to the 990.


>    financial statements may also be required.
> 
>    In addition to these official financial statements and forms, the
>    IETF LLC is also expected to report on a regular basis to the IETF
>    community on the current and future annual budget, budget forecasts
>    vs. actuals over the course of a fiscal year, and on other
>    significant projects as needed.  This regular reporting to the IETF
>    community is expected to be reported in the form of standard
>    financial statements that reflect the income, expenses, assets, and
>    liabilities of the IETF LLC.
> 

Will the tax reports be made available publicly?  I think they should be, but I don’t see it here.

> 
> 
> Haberman, et al.          Expires June 8, 2019                 [Page 18]
> Internet-Draft                    IASA2                    December 2018
> 
> 
> 6.2.  Bank and Investment Accounts
> 
>    The IETF LLC maintains its own bank account, separate and distinct
>    from ISOC.  The IETF LLC may at its discretion create additional
>    accounts as needed.  Similarly, the IETF LLC may as needed create
>    investment accounts in support of its financial goals and objectives.
> 
> 6.3.  Financial Audits
> 
>    The IETF LLC is expected to retain and work with an independent
>    auditor.  Reports from the auditor are expected to be shared with the
>    IETF community and other groups and organizations as needed or as
>    required by law.
> 
> 6.4.  ISOC Financial Support
> 
>    ISOC currently provides significant financial support to the IETF
>    LLC.  Exhibit B of the [IETF-LLC-A] summarizes the one-time and on-
>    going financial support from ISOC for the forseeable future.  It is
>    envisioned that this support will be periodically reviewed and
>    revised, via a cooperative assessment process between ISOC and the
>    IETF LLC.
> 

Suggest a stronger word than “envisioned”.  Saying that it is important is an understatement.


> 6.5.  IETF Meeting Revenues
> 
>    Meeting revenues are another important source of funding that
>    supports the IETF, comining mainly from the fees paid by IETF meeting
>    participants.  The IETF Executive Director sets those meeting fees,
>    in consultation with the IETF LLC and the IETF community, with formal
>    approval by the IETF LLC.  Setting these fees and projecting the
>    number of participants at future meetings is a key part of the annual
>    budget process.
> 
> 6.6.  Donations to the IETF LLC
> 
>    Donations are an essential component of the financial support for the
>    IETF.  Within the general bounds noted in Section 6.8, the IETF LLC
>    is responsible for fundraising activities in order to establish,
>    maintain, and grow a strong foundation of donation revenues.  This
>    can and does include both direct financial contributions as well as
>    in-kind contributions, such as equipment, software licenses, and
>    services.
> 
>    Donations to the IETF LLC shall not convey to donors any special

Suggest /shall/must/

>    oversight or direct influence over the IETF's technical work or other
>    activities of the IETF or IETF LLC.  This helps ensure that no undue
>    influence may be ascribed to those from whom funds are raised, and so
>    helps to maintain an open and consensus-based IETF standards process.
> 
> 
> 
> Haberman, et al.          Expires June 8, 2019                 [Page 19]
> Internet-Draft                    IASA2                    December 2018
> 
> 
>    To the extent that the IETF LLC needs to undertake any significant
>    special projects for the IETF, the IETF LLC may need to fundraise
>    distinctly for those special projects.  As a result, the IETF LLC may
>    conduct fundraising to support the IETF in general as well as one or
>    more special fundraising efforts (which may also be accounted for
>    distinctly and be held in a separate bank account or investment, as
>    needed).
> 
> 6.7.  Funding Supports the IETF
> 
>    The IETF LLC exists to support the IETF.  Therefore, the IETF LLC's
>    funding and all revenues, in-kind contributions, and other income
>    that comprise that funding shall be used solely to support IETF-
>    related activities and for no other purposes.

Good!

> 
> 6.8.  Charitable Fundraising Practices
> 
>    When the IETF LLC conducts fundraising, it substantiates charitable
>    contributions on behalf of ISOC.

I don’t understand what "substantiates charitable contributions on behalf of ISOC” means.  Please explain.

> The IETF LLC evaluates and
>    facilitates state, federal, and other applicable law and regulatory
>    compliance for ISOC and/or the LLC with respect to such fundraising
>    activities.  In addition, the IETF LLC ensures that all fundraising
>    activities are conducted in compliance with any policies developed by
>    the IETF LLC, including but not limited to those noted in Section 7.
> 
> 

. . . . .

> 
> 
> Haberman, et al.          Expires June 8, 2019                 [Page 20]
> Internet-Draft                    IASA2                    December 2018
> 
> 
>    IETF LLC meeting applicable legal and tax requirements and is a core
>    part of the IETF LLC Board's fiduciary responsibilities.
> 
>    As explained in Section 4.1, the IETF Executive Director is expected
>    to develop, execute, and report on the annual budget.  Regular
>    reporting is expected to include monthly and quarterly forecast vs.
>    budget statements, including updated projections of income and
>    expenses for the full fiscal year.
> 
>    The IETF LLC Board, as explained in Section 4.2, is expected to
>    review and approve the budget, as well as to provide ongoing
>    oversight of the budget and of any other significant financial
>    matters.
> 
>    The annual budget is expected to be developed in an open,
>    transparent, and collaborative manner, in accordance with
>    Section 3.4.  The specific timeline for the development, review, and
>    approval of the IETF LLC annual budget is established by the IETF LLC
>    Board and may be revised as needed.

I suggest adding something about also developing a longer term running budget (~ 5 years).   Only an annual budget is not enough.

I don’t see anything about debt.  Can the IETF LLC go into debt?   Can it borrow money?  Or does it just ask ISOC for more money?

> 
> 7.  IETF LLC Policies
> 
>    The Board is expected to maintain policies as necessary to achieve
>    the goals of the IETF LLC, meet transparency expectations of the
>    community, comply with applicable laws or regulations, or for other
>    reasons as appropriate.  All policies are expected to be developed
>    with input from the IETF community.  Some policies provided by ISOC
>    may provide a useful starting point for the Board to consider.

Suggest adding IAOC developed policies as well.  They were developed over the time the IAOC was running and take into account working with the IETF community.  We should learn from that experience.

> 
> 7.1.  Conflict of Interest Policy
> 
>    The Board is expected to maintain a Conflict of Interest policy for
>    the IETF LLC.  While the details are determined by the Board, at a
>    minimum such policy is expected to include the following:
> 
>    o  The IETF, ISOC Board, IAB, or IRTF chair cannot be chair of this
>       IETF LLC Board, though they may serve as a Director.
> 
>    o  A Director cannot be a paid consultant or employee of the IETF
>       Executive Director or their sub-contractors, nor a paid consultant
>       or employee of ISOC.

Should the affiliation of LLC directors be transparent?   If they are a consultant, should we know who their major source of income is from?

. . . . .

> 7.3.  Compliance
> 
>    The IETF LLC is expected to implement a compliance program to ensure
>    its compliance with all applicable laws, rules and regulations,
>    including without limitation laws governing bribery, anti-terrorism
>    sanctions, export controls, data protection/privacy, as well as other
>    applicable policies noted in Section 7.  In addition, actions and
>    activities of the IETF LLC must be consistent with 501(c)(3)
>    purposes.
> 
>    The IETF LLC is expected report to ISOC on the implementation of its
>    compliance plan on an annual basis.

Please add “and the IETF community”

> 
> 8.  Three-Year Assessment
> 
>    The IETF LLC, with the involvement of the community, shall conduct
>    and complete an assessment of the structure, processes, and operation
>    of IASA 2.0 and the IETF LLC.  This should be presented to the
>    community after a period of roughly three years of operation.  The
>    assessment may potentially include recommendations for improvements
>    or changes to the IASA2 and/or IETF LLC.


Might be good for a first year report, then every three years.


> 
> 
> 
> Haberman, et al.          Expires June 8, 2019                 [Page 22]
> Internet-Draft                    IASA2                    December 2018
> 
> 
> 9.  Security Considerations
> 
>    This document describes the structure of the IETF's Administrative
>    Aupport Activity (IASA), version 2 (IASA2).  It introduces no
>    security considerations for the Internet.

I hope so :-)

> 
> 10.  IANA Considerations
> 
>    This document has no IANA considerations in the traditional sense.
>    However, some of the information in this document may affect how the
>    IETF standards process interfaces with the IANA, so the IANA may be
>    interested in the contents.
> 
> 11.  Acknowledgments
> 
>    Thanks to Jari Arkko, Richard Barnes, Brian E Carpenter, Alissa
>    Cooper, John C Klensin, Bob Hinden, Jon Peterson, Sean Turner and the
>    IASA2 Working Group for discussions of possible structures, and to
>    the attorneys of Morgan Lewis and Brad Biddle for legal advice.
> 
> 12.  Informative References
> 
>    [I-D.haberman-iasa20dt-recs]
>               Haberman, B., Arkko, J., Daigle, L., Livingood, J., Hall,
>               J., and E. Rescorla, "IASA 2.0 Design Team
>               Recommendations", draft-haberman-iasa20dt-recs-03 (work in
>               progress), November 2018.
> 
>    [I-D.ietf-iasa2-rfc2031bis]
>               Camarillo, G. and J. Livingood, "The Updated IETF-ISOC
>               Relationship", draft-ietf-iasa2-rfc2031bis-00 (work in
>               progress), November 2018.
> 
>    [I-D.ietf-iasa2-trust-update]
>               Arkko, J. and T. Hardie, "Update to the Process for
>               Selection of Trustees for the IETF Trust", draft-ietf-
>               iasa2-trust-update-02 (work in progress), October 2018.
> 
>    [I-D.ietf-mtgvenue-iaoc-venue-selection-process]
>               Lear, E., "IETF Plenary Meeting Venue Selection Process",
>               draft-ietf-mtgvenue-iaoc-venue-selection-process-16 (work
>               in progress), June 2018.
> 
>    [IETF-LLC-A]
>               The Internet Society, "Limited Liability Company Agreement
>               of IETF Administration LLC", August 2018,
>               <https://www.ietf.org/documents/180/
>               IETF-LLC-Agreement.pdf>

Shouldn’t this reference be Normative?   This document does depend on it.

Perhaps some of the other IASA2 related documents as well.

> 
> 
> Haberman, et al.          Expires June 8, 2019                 [Page 23]
> Internet-Draft                    IASA2                    December 2018
> 
> 

. . . . .