IETF Logo Mail Archive

Re: [Iasa20] Comments on draft-ietf-iasa2-rfc4844-bis-01

"Joel M. Halpern" <jmh@joelhalpern.com> Sun, 10 February 2019 01:45 UTC

Return-Path: <jmh@joelhalpern.com>
X-Original-To: iasa20@ietfa.amsl.com
Delivered-To: iasa20@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F07A12DF71; Sat, 9 Feb 2019 17:45:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p6wsiYRAHQLn; Sat, 9 Feb 2019 17:45:40 -0800 (PST)
Received: from maila2.tigertech.net (maila2.tigertech.net [208.80.4.152]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F311124BAA; Sat, 9 Feb 2019 17:45:40 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by maila2.tigertech.net (Postfix) with ESMTP id 43xsFJ03d4zR1pj; Sat, 9 Feb 2019 17:45:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1549763140; bh=X09lNFRVjhBfhUutMZUXPXe4e3va66QYH164IJehvOk=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=g13e+xv4JhvAQBYUjpOQv7/ptHIUeYIKACQfl1Dninc3qyXan8exofZCkCgDUpgkA k5pRqHQDfQBVrXr/9mdBKfeHTeUKSlzewTK0eZCheRCRS2ZsUyBp1V00tGtmmLQ+Q+ I8Y9UsoSTmc0ISAesMt+Ouh4Mb/ax7lIkE+vtQR0=
X-Virus-Scanned: Debian amavisd-new at maila2.tigertech.net
Received: from Joels-MacBook-Pro.local (209-255-163-147.ip.mcleodusa.net [209.255.163.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by maila2.tigertech.net (Postfix) with ESMTPSA id 43xsFH1rQgzR1pg; Sat, 9 Feb 2019 17:45:38 -0800 (PST)
To: Richard Barnes <rlb@ipv.sx>
Cc: draft-ietf-iasa2-rfc4844-bis@ietf.org, IASA 2 WG <iasa20@ietf.org>
References: <32C06675-C60B-4D6A-979A-FC3653E56D42@cooperw.in> <23C614C4-5C79-4355-9D74-2ED7D0DE63B2@vigilsec.com> <CAL02cgTzEQPTXyPL-ermABDne2G8F8UjbPpYADkyxxWHnVVf4g@mail.gmail.com> <a0a2ef94-335f-5ab6-e49c-7b1c985af3fc@cs.tcd.ie> <CAL02cgSnxB8-W_m13KM_HsSrE308vv5DuRJzt=t140G9JBdhUw@mail.gmail.com> <8873e4a0-a3d4-02b3-1c7b-28a9ea347165@joelhalpern.com> <CAL02cgQTzWtNVAWRZizFEekLDmapL7wOUMkJ0CWT_P_t3SDEtA@mail.gmail.com>
From: "Joel M. Halpern" <jmh@joelhalpern.com>
Message-ID: <7436cbec-32a2-274d-7a22-b3db8388b10a@joelhalpern.com>
Date: Sat, 9 Feb 2019 20:45:37 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.5.0
MIME-Version: 1.0
In-Reply-To: <CAL02cgQTzWtNVAWRZizFEekLDmapL7wOUMkJ0CWT_P_t3SDEtA@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/iasa20/Qf4g4K4BXTCo5ot6bWqv4SmtGNc>
Subject: Re: [Iasa20] Comments on draft-ietf-iasa2-rfc4844-bis-01
X-BeenThere: iasa20@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: =?iso-8859-1?q?Discussions_relating_to_reorganising_the_IETF_administrative_structures_in_the_so_called_=93IASA_2=2E0=94_project=2E?= <iasa20.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/iasa20>, <mailto:iasa20-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/iasa20/>
List-Post: <mailto:iasa20@ietf.org>
List-Help: <mailto:iasa20-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/iasa20>, <mailto:iasa20-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Feb 2019 01:45:44 -0000

Not quite.
While the IETF LLC (or, before that, the ISOC and the IASA) can sign 
contracts with whomever they want, they do NOT have the authority to 
make that person the RSE.  That authority resides with the IAB, and the 
primary responsibility for it is delegated to the RSOC, as an arm of the 
IAB.

the RSOC does not now, and has not ever, report to the IETF LLC, the 
IASA, or the ISOC.  The RSOC has made its performance reviews available 
to the IAD (and presumably will make them available to the eD).  Because 
to do otherwise wouldn't work.

This whole house of cards we are building relies on cooperation between 
the various entities.  To date, everyone has been very careful NOT to 
rock that boat.  We want this to work.

Please do not attempt to insert larger structural changes into these 
document revisions.

Yours,
Joel

On 2/9/19 8:27 PM, Richard Barnes wrote:
> The text that's in IETF process docs does not matter here.  I'm talking 
> about the raw legal facts.
> 
> The RSE contract is an agreement between some legal entity and the RSE.  
> That entity has decision power over the contract, no matter what we say 
> on this mailing list or in an RFC.  That entity was ISOC; it is now the 
> LLC, since the contract has been reassigned.  In neither case does the 
> IAB have decision authority, nor did they ever.
> 
> --Richard
> 
> On Sat, Feb 9, 2019 at 8:10 PM Joel M. Halpern <jmh@joelhalpern.com 
> <mailto:jmh@joelhalpern.com>> wrote:
> 
>     Richard, as far as I can tell you have this backwards.
>     The responsibility for the RFC Series, and for the RSE, rests with the
>     IAB.
>     The IAB, as a practical matter, does not have the ability to contract.
>     So the IAD was the person to handle the contract with the RSE.  And the
>     ISOC provided the money.
> 
>     The only say Ray had in the RSE process was if there was a problem and
>     the contract could not be agreed.
> 
>     For the IASA2 working group to change the authority over the RSE would
>     be a major structural change.  The ONLY reason we are revising 6635 is
>     to update the references to the IASA.  Bob has been careful about that.
> 
>     Do NOT attempt to make this change under this rubric.
> 
>     Yours,
>     Joel
> 
>     On 2/9/19 7:23 PM, Richard Barnes wrote:
>      >
>      >
>      > On Sat, Feb 9, 2019 at 6:59 PM Stephen Farrell
>      > <stephen.farrell@cs.tcd.ie <mailto:stephen.farrell@cs.tcd.ie>
>     <mailto:stephen.farrell@cs.tcd.ie
>     <mailto:stephen.farrell@cs.tcd.ie>>> wrote:
>      >
>      >
>      >
>      >     On 09/02/2019 23:48, Richard Barnes wrote:
>      >      > On Sat, Feb 9, 2019 at 1:44 PM Russ Housley
>     <housley@vigilsec.com <mailto:housley@vigilsec.com>
>      >     <mailto:housley@vigilsec.com <mailto:housley@vigilsec.com>>>
>     wrote:
>      >      >
>      >      >> Alissa:
>      >      >>
>      >      >> I think we want the hiring/firing of the RFC Series Editor to
>      >     stay with
>      >      >> the IAB, but the funding to stay with IASA.
>      >      >>
>      >      >
>      >      > This is not a reasonable thing to ask.
>      >
>      >     I'm way behind in being up to speed on this wg's stuff, so I
>      >     may be off base here, but I reckon I strongly agree with Russ.
>      >     The IAB are picked by the community and ought be the ones to
>      >     hire a new RSE if one is needed. With no disrespect meant to
>      >     trades-persons, I'd be fine with the hiring of electricians
>      >     being handled internal to IASA; but not an RSE - the context
>      >     here means those are utterly different.
>      >
>      >
>      > When the IAB wants to take legal responsibility for the RSE
>     contract,
>      > they can control it.  If they don't, then they can't.
>      >
>      > That doesn't mean they can't be extensively consulted, but they
>     can't
>      > have ultimate authority over the contract, since they aren't a party.
>      >
>      > --Richard
>      >
>      >
>      >     Cheers,
>      >     S.
>      >
>      >     PS: I'd have said the above even were I not an incoming IAB
>      >     member and hope not to be involved in picking a new RSE whilst
>      >     on the IAB:-)
>      >
>      >      > One of the key driving factors for
>      >      > this whole endeavor it makes no legal sense for an
>     organization
>      >     to delegate
>      >      > its hiring / firing / contracting decisions to people
>     external to
>      >     that
>      >      > organization.
>      >      >
>      >      > By all means, the IASA should work with the IAB on the
>     RSE, but
>      >     since the
>      >      > IASA is ultimately the responsible party, it can't totally
>     cede
>      >      > responsibility.  The "operational oversight" text that's
>     in there
>      >     now seems
>      >      > like it captures this accurately.
>      >      >
>      >      >
>      >      >
>      >      >> The decision whether the ED serves on the ROC should not be
>      >     determined by
>      >      >> this document.  If the IAB wants the ED to be part of
>     RSOC, they
>      >     can make
>      >      >> that appointment.
>      >      >>
>      >      >> Perhaps it would be best to make this change:
>      >      >>
>      >      >> OLD:
>      >      >>
>      >      >>    The IASA is tasked with providing the funding for and
>     operational
>      >      >>    oversight of the RFC Editor.
>      >      >>
>      >      >> NEW:
>      >      >>
>      >      >>    The IASA is tasked with providing the funding for the
>     RFC Editor.
>      >      >>    The IETF Executive Director is tasked with overnight
>     of contracts
>      >      >>    and operational agreements related to the RFC Editor.
>      >      >>
>      >      >
>      >      > I don't see how this accomplishes what you claim above. 
>     The IETF
>      >     ED is
>      >      > part of the IASA.  And especially given that, the second
>     sentence
>      >     here is
>      >      > really just micromanagement of the LLC.
>      >      >
>      >      > --Richard
>      >      >
>      >      >
>      >      >
>      >      >>
>      >      >> Russ
>      >      >>
>      >      >> On Feb 8, 2019, at 8:11 PM, Alissa Cooper
>     <alissa@cooperw.in <mailto:alissa@cooperw.in>
>      >     <mailto:alissa@cooperw.in <mailto:alissa@cooperw.in>>> wrote:
>      >      >>
>      >      >> Earlier this week the IAB discussed whether to
>      >      >> put draft-ietf-iasa2-rfc4844-bis-01 out for community
>     review. In
>      >     reviewing
>      >      >> it I felt there were some clarifications needed before it
>     would
>      >     be ready
>      >      >> and the IAB thought the most appropriate path would be to
>     bring
>      >     those to
>      >      >> the WG for resolution first.
>      >      >>
>      >      >> I haven’t started my AD review of 4071bis yet (hope to next
>      >     week), but I
>      >      >> think 4071bis has a problem in that the definition of
>     “IASA” in that
>      >      >> document is broken (it refers to the definition in 4071,
>     which
>      >     it itself is
>      >      >> obsoleting). And until it is clear how we are defining
>     “IASA,” I
>      >     have
>      >      >> trouble with statements such as the following from
>     Section 3.3
>      >     in 4844bis:
>      >      >>
>      >      >> "The IASA is tasked with providing the funding for and
>      >     operational oversight
>      >      >> of the RFC Editor.”
>      >      >>
>      >      >> Is the RSOC part of IASA? It’s pretty hard to tell
>     without a good
>      >      >> definition of IASA, which we do not currently have IMO.
>     (I think
>      >     there is a
>      >      >> further problem with the sentence above, which is that the
>      >     funding comes
>      >      >> from the LLC, and it would be better to be that specific.)
>      >      >>
>      >      >> While looking at Section 3.3, I don’t think this text belongs
>      >     there since
>      >      >> this document is about the RFC series and editor, not IASA
>      >     generally:
>      >      >>
>      >      >> "The IETF LLC Board provides oversight of the IASA, and
>     the IETF
>      >     Executive
>      >      >> Director is the chief actor for the IASA.”
>      >      >>
>      >      >> I also find lack of clarity between 4844bis Section 3 and
>      >     6635bis Section
>      >      >> 3. For example, 4844bis says:
>      >      >>
>      >      >> "The IETF Executive Director works with the IAB to identify
>      >     suitable persons
>      >      >> or entities to fulfill the mandate of the RFC Editor.”
>      >      >>
>      >      >> While 6635bis says:
>      >      >>
>      >      >> "For all decisions that affect the RSE individually (e.g.,
>      >     hiring and firing),
>      >      >> the RSOC prepares recommendations for the IAB, but the final
>      >     decision is
>      >      >> the responsibility of the IAB.”
>      >      >>
>      >      >> But under the current model (which I presume we plan to
>     keep),
>      >     the ED is a
>      >      >> member of the RSOC. So does the ED work directly with the
>     IAB? Or
>      >      >> indirectly with the IAB through the RSOC? Or both?
>      >      >>
>      >      >> 4844bis also says:
>      >      >>
>      >      >> "The IETF Executive Director may define additional
>     operational
>      >      >> requirements and policies for management purposes to meet the
>      >      >> requirements defined by the various communities.”
>      >      >>
>      >      >> I wonder if this is really consistent with what is
>     envisioned in
>      >     6635bis.
>      >      >>
>      >      >> I also find it odd that the budget for an RSE search is
>     discussed in
>      >      >> 6635bis, while the budget for the RFC Editor function
>     overall is
>      >     discussed
>      >      >> in 4844bis — is the separation meaningful? Since the LLC
>     Board
>      >     approves the
>      >      >> whole IETF budget, presumably what 4844bis says about the RFC
>      >     Editor budget
>      >      >> applies to the search budget mentioned in 6635bis as
>     well, but
>      >     since it’s
>      >      >> not explicit it isn’t totally clear.
>      >      >>
>      >      >> Thanks,
>      >      >> Alissa
>      >      >>
>      >      >>
>      >      >>
>      >      >> _______________________________________________
>      >      >> iasa20 mailing list
>      >      >> iasa20@ietf.org <mailto:iasa20@ietf.org>
>     <mailto:iasa20@ietf.org <mailto:iasa20@ietf.org>>
>      >      >> https://www.ietf.org/mailman/listinfo/iasa20
>      >      >>
>      >      >
>      >      >
>      >      > _______________________________________________
>      >      > iasa20 mailing list
>      >      > iasa20@ietf.org <mailto:iasa20@ietf.org>
>     <mailto:iasa20@ietf.org <mailto:iasa20@ietf.org>>
>      >      > https://www.ietf.org/mailman/listinfo/iasa20
>      >      >
>      >
>      >
>      > _______________________________________________
>      > iasa20 mailing list
>      > iasa20@ietf.org <mailto:iasa20@ietf.org>
>      > https://www.ietf.org/mailman/listinfo/iasa20
>      >
>

v2.8.7 | Report a Bug | By Email