Re: [Iasa20] Comments on draft-ietf-iasa2-rfc4844-bis-01

Alissa,

I think those are fair points, and best considered, as suggested, after 
6635bis is reviewed, too.   I think the second para in my proposed text 
is the more substantive.  In the first para quoted, it might be simple 
enough to s/operational oversight/contract oversight/.

Again — let’s revisit that when 6635bis settles somewhat.

Leslie.

-- 

-------------------------------------------------------------------
Leslie Daigle
Principal, ThinkingCat Enterprises
ldaigle@thinkingcat.com
-------------------------------------------------------------------

On 15 Feb 2019, at 10:21, Alissa Cooper wrote:

> Hi Leslie,
>
> Thanks for drafting text. Some comments below.
>
>> On Feb 14, 2019, at 12:29 PM, Leslie Daigle <ldaigle@thinkingcat.com> 
>> wrote:
>> PROPOSED:
>>
>> 3.3. Operational Oversight
>>
>> The IETF Administration Limited Liability Company (IETF LLC), as part
>> of the IETF Administrative Support Activity (IASA), is responsible
>> for administrative and financial matters for the IETF, the IAB, and
>> the Internet Research Task Force (IRTF) [I-D.ietf-iasa2-rfc4071bis].
>> As such, the IASA is tasked with providing the funding for and 
>> operational
>> oversight of the RFC Editor.
>>
>>
>
> Perhaps the resolution of this just needs to wait until the issue with 
> the definition of “IASA” is resolved in 4071bis, because based on 
> my understanding of what “IASA” includes and who performs 
> operational oversight over the RFC Editor, the above is not accurate. 
> For example, over the last few weeks I’ve been discussing with 
> Heather, the IAB, and the RSOC what the process is for updating the 
> RPC SLA and whose expectations about the RPC’s performance against 
> the SLA are meant to inform evaluations of the RPC contract. It sounds 
> like those processes are not clearly defined, but that in the past 
> both the RSOC and the stream managers have been involved in this piece 
> of operational oversight. If we intend to carry those roles forward, 
> and if IASA ends up being defined as the LLC staff and board, I 
> don’t think it is accurate to imply that IASA exclusively conducts 
> operational oversight of the RFC Editor.
>
> I’ll save my comments on the rest until I get through a re-review of 
> 6635bis.
>
> Thanks,
> Alissa
>
>> The IETF Executive Director establishes appropriate contractual
>> agreements with the selected persons or entities to carry out the
>> work that will satisfy the technical publication requirements defined
>> for the various RFC input streams (see Section 5.2). The IETF
>> Executive Director may define additional operational requirements and
>> policies for management purposes to meet the requirements defined by
>> the various communities.
>>
>> The specific details of how the IAB engages in the process of 
>> approving
>> an RFC Editor apopintment, and how IASA and IETF Executive Director
>> carry out these operational responsibilities is detailed in RFC6635
>> (and its successors).
>>
>> Leslie.
>>
>> --
>>
>> Leslie Daigle
>> Principal, ThinkingCat Enterprises
>>
>> ldaigle@thinkingcat.com <mailto:ldaigle@thinkingcat.com>
>> On 13 Feb 2019, at 21:27, Alissa Cooper wrote:
>>
>> Hi Leslie,
>>
>>> On Feb 11, 2019, at 11:55 AM, Leslie Daigle <ldaigle@thinkingcat.com 
>>> <mailto:ldaigle@thinkingcat.com>> wrote:
>>>
>>> So, I agree with this characterization 100%:
>>>
>>> [Bob Hinden wrote:]
>>>
>>> The process is: the IAB decides who it want’s to be the RSE, it 
>>> then asks the [was IAOC | will be LLC] to negotiate a contract with 
>>> that person and report the results of that negotiation back to the 
>>> IAB. If the LLC can’t negotiate a contract, then the IAB will need 
>>> to pick someone else. The IAB decides who it wants for the RSE, and 
>>> the LLC implements that via a contract.
>>>
>>> I think Richard’s later clarification works [*], but will note 
>>> that’s an update to 6635bis (Alissa’s note was commenting on the 
>>> seeming discrepancies between 4844bis and 6635bis, and the 
>>> hiring/firing text was in the latter).
>>>
>>> But, to make a larger point: it’s not just 
>>> hiring/firing/designating as a single decision point. Every question 
>>> of responsibility for the contract and the contractor lies, legally, 
>>> with the LLC (e.g., if some future RSE turns out to be a serial 
>>> killer, the LLC might take issue with continuing employment…). ED 
>>> involvement is non-optional.
>>>
>>> What we have to get clear in these documents is that the contract is 
>>> the LLC’s, and that it’s the tail. The IAB owns the 
>>> responsibility to ensure that the RFC Series continues to meet its 
>>> mission, including the responsibility of identifying an appropriate 
>>> RSE. That responsibility is the dog. (<difficult sentence about IAB 
>>> wagging contract tail omitted for clarity>).
>>>
>>> The fact that the IAB undertakes the fulfillment of the 
>>> responsibility by working with the RSOC is 1/ smart and 2/ an 
>>> implementation.
>>>
>>> Both 4844bis and 6635bis might do with some clarification, but I 
>>> don’t think the text is actually at odds between them, even now.
>>>
>>>
>>
>> Does this mean you’re opposed to my suggestion to replace the text 
>> in 3.3 with a one-sentence reference to 6635bis? Just trying to 
>> figure out what the path forward is here.
>>
>> Thanks,
>> Alissa
>>
>>> Leslie.
>>>
>>> On 10 Feb 2019, at 0:21, Bob Hinden wrote:
>>>
>>> Richard,
>>> On Feb 9, 2019, at 6:22 PM, Richard Barnes <rlb@ipv.sx 
>>> <mailto:rlb@ipv.sx>> wrote:
>>>
>>> To the extent that the RSE is defined as "the person the IAB calls 
>>> the RSE", then yes, you are undoubtedly correct. The IAB has 
>>> unquestionable authority to choose that person.
>>>
>>> To the extent that the RSE is the party of the RSE contract who is 
>>> contracted and paid to act as RFC Series Editor, then no, the IAB 
>>> and RSOC do not have the authority to choose that person, as long as 
>>> they are not the other party to that contract.
>>>
>>> I don’t think that is the right way to describe it. The process 
>>> is: the IAB decides who it want’s to be the RSE, it then asks the 
>>> [was IAOC | will be LLC] to negotiate a contract with that person 
>>> and report the results of that negotiation back to the IAB. If the 
>>> LLC can’t negotiate a contract, then the IAB will need to pick 
>>> someone else. The IAB decides who it wants for the RSE, and the LLC 
>>> implements that via a contract.
>>>
>>> Another reason why it good to have the IETF Executive Director be 
>>> liaison to the RSOC inorder to make this handoff go smoothly.
>>>
>>> Bob
>>> --Richard
>>>
>>>
>>> On Sat, Feb 9, 2019 at 8:45 PM Joel M. Halpern <jmh@joelhalpern.com 
>>> <mailto:jmh@joelhalpern.com>> wrote:
>>> Not quite.
>>> While the IETF LLC (or, before that, the ISOC and the IASA) can sign
>>> contracts with whomever they want, they do NOT have the authority to
>>> make that person the RSE. That authority resides with the IAB, and 
>>> the
>>> primary responsibility for it is delegated to the RSOC, as an arm of 
>>> the
>>> IAB.
>>>
>>> the RSOC does not now, and has not ever, report to the IETF LLC, the
>>> IASA, or the ISOC. The RSOC has made its performance reviews 
>>> available
>>> to the IAD (and presumably will make them available to the eD). 
>>> Because
>>> to do otherwise wouldn't work.
>>>
>>> This whole house of cards we are building relies on cooperation 
>>> between
>>> the various entities. To date, everyone has been very careful NOT to
>>> rock that boat. We want this to work.
>>>
>>> Please do not attempt to insert larger structural changes into these
>>> document revisions.
>>>
>>> Yours,
>>> Joel
>>>
>>> On 2/9/19 8:27 PM, Richard Barnes wrote:
>>>
>>> The text that's in IETF process docs does not matter here. I'm 
>>> talking
>>> about the raw legal facts.
>>>
>>> The RSE contract is an agreement between some legal entity and the 
>>> RSE..
>>> That entity has decision power over the contract, no matter what we 
>>> say
>>> on this mailing list or in an RFC. That entity was ISOC; it is now 
>>> the
>>> LLC, since the contract has been reassigned. In neither case does 
>>> the
>>> IAB have decision authority, nor did they ever.
>>>
>>> --Richard
>>>
>>> On Sat, Feb 9, 2019 at 8:10 PM Joel M. Halpern <jmh@joelhalpern.com 
>>> <mailto:jmh@joelhalpern.com>
>>> <mailto:jmh@joelhalpern.com <mailto:jmh@joelhalpern.com>>> wrote:
>>>
>>> Richard, as far as I can tell you have this backwards.
>>> The responsibility for the RFC Series, and for the RSE, rests with 
>>> the
>>> IAB.
>>> The IAB, as a practical matter, does not have the ability to 
>>> contract.
>>> So the IAD was the person to handle the contract with the RSE. And 
>>> the
>>> ISOC provided the money.
>>>
>>> The only say Ray had in the RSE process was if there was a problem 
>>> and
>>> the contract could not be agreed.
>>>
>>> For the IASA2 working group to change the authority over the RSE 
>>> would
>>> be a major structural change. The ONLY reason we are revising 6635 
>>> is
>>> to update the references to the IASA. Bob has been careful about 
>>> that.
>>>
>>> Do NOT attempt to make this change under this rubric.
>>>
>>> Yours,
>>> Joel
>>>
>>> On 2/9/19 7:23 PM, Richard Barnes wrote:
>>>>
>>>>
>>>> On Sat, Feb 9, 2019 at 6:59 PM Stephen Farrell
>>>> <stephen.farrell@cs.tcd.ie <mailto:stephen.farrell@cs.tcd.ie> 
>>>> <mailto:stephen.farrell@cs.tcd.ie 
>>>> <mailto:stephen.farrell@cs.tcd.ie>>
>>> <mailto:stephen.farrell@cs.tcd.ie <mailto:stephen.farrell@cs.tcd.ie>
>>> <mailto:stephen.farrell@cs.tcd.ie 
>>> <mailto:stephen.farrell@cs.tcd.ie>>>> wrote:
>>>>
>>>>
>>>>
>>>> On 09/02/2019 23:48, Richard Barnes wrote:
>>>>> On Sat, Feb 9, 2019 at 1:44 PM Russ Housley
>>> <housley@vigilsec.com <mailto:housley@vigilsec.com> 
>>> <mailto:housley@vigilsec.com <mailto:housley@vigilsec.com>>
>>>> <mailto:housley@vigilsec.com <mailto:housley@vigilsec.com> 
>>>> <mailto:housley@vigilsec.com <mailto:housley@vigilsec.com>>>>
>>> wrote:
>>>>>
>>>>>> Alissa:
>>>>>>
>>>>>> I think we want the hiring/firing of the RFC Series Editor to
>>>> stay with
>>>>>> the IAB, but the funding to stay with IASA.
>>>>>>
>>>>>
>>>>> This is not a reasonable thing to ask.
>>>>
>>>> I'm way behind in being up to speed on this wg's stuff, so I
>>>> may be off base here, but I reckon I strongly agree with Russ.
>>>> The IAB are picked by the community and ought be the ones to
>>>> hire a new RSE if one is needed. With no disrespect meant to
>>>> trades-persons, I'd be fine with the hiring of electricians
>>>> being handled internal to IASA; but not an RSE - the context
>>>> here means those are utterly different.
>>>>
>>>>
>>>> When the IAB wants to take legal responsibility for the RSE
>>> contract,
>>>> they can control it. If they don't, then they can't.
>>>>
>>>> That doesn't mean they can't be extensively consulted, but they
>>> can't
>>>> have ultimate authority over the contract, since they aren't a 
>>>> party.
>>>>
>>>> --Richard
>>>>
>>>>
>>>> Cheers,
>>>> S.
>>>>
>>>> PS: I'd have said the above even were I not an incoming IAB
>>>> member and hope not to be involved in picking a new RSE whilst
>>>> on the IAB:-)
>>>>
>>>>> One of the key driving factors for
>>>>> this whole endeavor it makes no legal sense for an
>>> organization
>>>> to delegate
>>>>> its hiring / firing / contracting decisions to people
>>> external to
>>>> that
>>>>> organization.
>>>>>
>>>>> By all means, the IASA should work with the IAB on the
>>> RSE, but
>>>> since the
>>>>> IASA is ultimately the responsible party, it can't totally
>>> cede
>>>>> responsibility. The "operational oversight" text that's
>>> in there
>>>> now seems
>>>>> like it captures this accurately.
>>>>>
>>>>>
>>>>>
>>>>>> The decision whether the ED serves on the ROC should not be
>>>> determined by
>>>>>> this document. If the IAB wants the ED to be part of
>>> RSOC, they
>>>> can make
>>>>>> that appointment..
>>>>>>
>>>>>> Perhaps it would be best to make this change:
>>>>>>
>>>>>> OLD:
>>>>>>
>>>>>> The IASA is tasked with providing the funding for and
>>> operational
>>>>>> oversight of the RFC Editor.
>>>>>>
>>>>>> NEW:
>>>>>>
>>>>>> The IASA is tasked with providing the funding for the
>>> RFC Editor.
>>>>>> The IETF Executive Director is tasked with overnight
>>> of contracts
>>>>>> and operational agreements related to the RFC Editor.
>>>>>>
>>>>>
>>>>> I don't see how this accomplishes what you claim above.
>>> The IETF
>>>> ED is
>>>>> part of the IASA. And especially given that, the second
>>> sentence
>>>> here is
>>>>> really just micromanagement of the LLC.
>>>>>
>>>>> --Richard
>>>>>
>>>>>
>>>>>
>>>>>>
>>>>>> Russ
>>>>>>
>>>>>> On Feb 8, 2019, at 8:11 PM, Alissa Cooper
>>> <alissa@cooperw.in <mailto:alissa@cooperw.in> 
>>> <mailto:alissa@cooperw.in <mailto:alissa@cooperw.in>>
>>>> <mailto:alissa@cooperw.in <mailto:alissa@cooperw.in> 
>>>> <mailto:alissa@cooperw.in <mailto:alissa@cooperw.in>>>> wrote:
>>>>>>
>>>>>> Earlier this week the IAB discussed whether to
>>>>>> put draft-ietf-iasa2-rfc4844-bis-01 out for community
>>> review. In
>>>> reviewing
>>>>>> it I felt there were some clarifications needed before it
>>> would
>>>> be ready
>>>>>> and the IAB thought the most appropriate path would be to
>>> bring
>>>> those to
>>>>>> the WG for resolution first.
>>>>>>
>>>>>> I haven’t started my AD review of 4071bis yet (hope to next
>>>> week), but I
>>>>>> think 4071bis has a problem in that the definition of
>>> “IASA” in that
>>>>>> document is broken (it refers to the definition in 4071,
>>> which
>>>> it itself is
>>>>>> obsoleting). And until it is clear how we are defining
>>> “IASA,” I
>>>> have
>>>>>> trouble with statements such as the following from
>>> Section 3.3
>>>> in 4844bis:
>>>>>>
>>>>>> "The IASA is tasked with providing the funding for and
>>>> operational oversight
>>>>>> of the RFC Editor.”
>>>>>>
>>>>>> Is the RSOC part of IASA? It’s pretty hard to tell
>>> without a good
>>>>>> definition of IASA, which we do not currently have IMO.
>>> (I think
>>>> there is a
>>>>>> further problem with the sentence above, which is that the
>>>> funding comes
>>>>>> from the LLC, and it would be better to be that specific.)
>>>>>>
>>>>>> While looking at Section 3.3, I don’t think this text belongs
>>>> there since
>>>>>> this document is about the RFC series and editor, not IASA
>>>> generally:
>>>>>>
>>>>>> "The IETF LLC Board provides oversight of the IASA, and
>>> the IETF
>>>> Executive
>>>>>> Director is the chief actor for the IASA.”
>>>>>>
>>>>>> I also find lack of clarity between 4844bis Section 3 and
>>>> 6635bis Section
>>>>>> 3. For example, 4844bis says:
>>>>>>
>>>>>> "The IETF Executive Director works with the IAB to identify
>>>> suitable persons
>>>>>> or entities to fulfill the mandate of the RFC Editor.”
>>>>>>
>>>>>> While 6635bis says:
>>>>>>
>>>>>> "For all decisions that affect the RSE individually (e.g.,
>>>> hiring and firing),
>>>>>> the RSOC prepares recommendations for the IAB, but the final
>>>> decision is
>>>>>> the responsibility of the IAB.”
>>>>>>
>>>>>> But under the current model (which I presume we plan to
>>> keep),
>>>> the ED is a
>>>>>> member of the RSOC. So does the ED work directly with the
>>> IAB? Or
>>>>>> indirectly with the IAB through the RSOC? Or both?
>>>>>>
>>>>>> 4844bis also says:
>>>>>>
>>>>>> "The IETF Executive Director may define additional
>>> operational
>>>>>> requirements and policies for management purposes to meet the
>>>>>> requirements defined by the various communities.”
>>>>>>
>>>>>> I wonder if this is really consistent with what is
>>> envisioned in
>>>> 6635bis.
>>>>>>
>>>>>> I also find it odd that the budget for an RSE search is
>>> discussed in
>>>>>> 6635bis, while the budget for the RFC Editor function
>>> overall is
>>>> discussed
>>>>>> in 4844bis — is the separation meaningful? Since the LLC
>>> Board
>>>> approves the
>>>>>> whole IETF budget, presumably what 4844bis says about the RFC
>>>> Editor budget
>>>>>> applies to the search budget mentioned in 6635bis as
>>> well, but
>>>> since it’s
>>>>>> not explicit it isn’t totally clear.
>>>>>>
>>>>>> Thanks,
>>>>>> Alissa
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> iasa20 mailing list
>>>>>> iasa20@ietf.org <mailto:iasa20@ietf.org> <mailto:iasa20@ietf.org 
>>>>>> <mailto:iasa20@ietf.org>>
>>> <mailto:iasa20@ietf.org <mailto:iasa20@ietf.org> 
>>> <mailto:iasa20@ietf.org <mailto:iasa20@ietf.org>>>
>>>>>> https://www.ietf.org/mailman/listinfo/iasa20 
>>>>>> <https://www.ietf.org/mailman/listinfo/iasa20>
>>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> iasa20 mailing list
>>>>> iasa20@ietf.org <mailto:iasa20@ietf.org> <mailto:iasa20@ietf.org 
>>>>> <mailto:iasa20@ietf.org>>
>>> <mailto:iasa20@ietf.org <mailto:iasa20@ietf.org> 
>>> <mailto:iasa20@ietf.org <mailto:iasa20@ietf.org>>>
>>>>> https://www.ietf.org/mailman/listinfo/iasa20 
>>>>> <https://www.ietf.org/mailman/listinfo/iasa20>
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> iasa20 mailing list
>>>> iasa20@ietf.org <mailto:iasa20@ietf.org> <mailto:iasa20@ietf.org 
>>>> <mailto:iasa20@ietf.org>>
>>>> https://www.ietf.org/mailman/listinfo/iasa20 
>>>> <https://www.ietf.org/mailman/listinfo/iasa20>
>>>>
>>> _______________________________________________
>>> iasa20 mailing list
>>> iasa20@ietf.org <mailto:iasa20@ietf.org>
>>> https://www.ietf.org/mailman/listinfo/iasa20 
>>> <https://www.ietf.org/mailman/listinfo/iasa20>
>>> _______________________________________________
>>> iasa20 mailing list
>>> iasa20@ietf.org <mailto:iasa20@ietf.org>
>>> https://www.ietf.org/mailman/listinfo/iasa20 
>>> <https://www.ietf.org/mailman/listinfo/iasa20>
>>> --
>>>
>>> Leslie Daigle
>>> Principal, ThinkingCat Enterprises
>>>
>>> ldaigle@thinkingcat.com <mailto:ldaigle@thinkingcat.com>
>> _______________________________________________
>> iasa20 mailing list
>> iasa20@ietf.org
>> https://www.ietf.org/mailman/listinfo/iasa20 
>> <https://www.ietf.org/mailman/listinfo/iasa20>