[Ietf-and-github] RobWilton review of draft-ietf-git-using-github-05

"Rob Wilton (rwilton)" <rwilton@cisco.com> Tue, 10 March 2020 16:23 UTC

From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: The IESG <iesg@ietf.org>, "draft-ietf-git-using-github@ietf.org" <draft-ietf-git-using-github@ietf.org>
CC: "ietf-and-github@ietf.org" <ietf-and-github@ietf.org>, "git-chairs@ietf.org" <git-chairs@ietf.org>, "caw@heapingbits.net" <caw@heapingbits.net>
Date: Tue, 10 Mar 2020 16:23:01 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-and-github/2Sg2W3HeEZFE5xFOZqsd-gJgSRk>

Hi,

I have reviewed this document as an incoming Ops/Mgmt AD.

Overall, I am a strong proponent of this work, and I'm of the opinion that leveraging tools such as github can and will greatly help IETF.

I do have some comments/questions/suggestions on the document:

Main comments:


  1.  My main concerns with IETF's use of github are:
     a.  Losing ownership control of the repository.
     b.  Inexperienced users accidentally committing private SSH keys, or otherwise leaking access.
     c.  Losing access to historical data if a new better tool comes along, e.g. if we want to migrate repositories.

I think that (a) can be mitigated by adding extra organization owners, beyond just the responsible AD.  E.g., the github-config suggests also adding the Secretariat.  We should be consistent here, and I think that we should decide whether having just the AD and Secretariat is sufficient.  Would it also make sense to mandate that 2FA must be used by all members? If so, then this can be enforced in the organization settings.

The second point can probably be mitigated in a couple of ways:
- Educating users: to ensure that they don't accidentally commit credentials to the repo, to enable 2FA, and to generate account recovery passwords.  Should this document cover this?
- Perhaps having a gitignore file that filters out standard ssh key names?

The third point I know least about.  I understand that the plan is that IETF will backup the repos + issues + wikipages?  Hopefully the issues/wikipages are backed up in a format that a script could be written to update into future tools if required.



  2.  It was slightly unclear to me exactly what the full lifecycle of managing documents in github is meant to be.  E.g. is it only for drafts up to the point that they are published as RFCs, or is there an expectation that repositories could exist for longer than that, e.g. for tracking issues, future revisions, or errata.  I think that there are some source of truth considerations here that perhaps need to be carefully documented in the repo readme.  E.g. folks reading the doc on github are not getting the formal RFC, no notification about errata, etc.


I also have some other comments on particular sections:

1.3: Other Services
   "This document concentrates primarily on GitHub as it has a large and
   active community of contributors."

- Presumably another reason why github was chosen wasn't just because of large/active contributors, but also because various IETF WGs are actively making use of github for managing documents - I know that we are.

1.4: Document Goals
   "This document only aims to address use of GitHub in developing
   Documents"

- As above regarding the comment on document lifecycle, is that just through to RFC editor, or beyond?

1.5: Notational Conventions
   "The words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY" are
   used in this document.  It's not shouting; when they are capitalized,
   they have the special meaning defined in BCP 14 [RFC2119] [RFC8174]."

- Nice, but this doesn't appear to quite follow the normal RFC8174 boilerplate. ;-)


2.1: Organizations

   Each organization requires owners.  The owner team for a Working
   Group repository MUST include responsible Area Directors.

- Should this also include IETF Secretariat (i.e. for consistency with the github configuration draft)?


2.2: Communicating Policies

- Should IETF github repositories not also have a LICENSE file? E.g. in alignment with the Note-well?

3: Deciding to Use GitHub

   Chairs MUST involve Area Directors in any decision to use GitHub for
   anything more than managing drafts.

- Is it clear what "draft" means here?  Would "Internet-Draft" be better?  It might be worth checking other usage of draft in the document.


3.1: What to Use GitHub For
- Looking at the first paragraph in section 3, and the second paragraph in section 3.1, it is slightly unclear to me whether it is the WG or WG chairs who choose whether github should be used by the WG.
   "Features that the Working Group does not rely upon SHOULD be made
   available to document editors."
   "Chairs SHOULD periodically consult with
   document editors to ensure that policies are effective."
- I suggest "should" rather than SHOULD for both of these.
   "A document editor can still use GitHub independently for documents
   that they edit, even if the Working Group does not expressly choose
   to use GitHub.  Any such public repository MUST follow the IETF Note
   Well and bear notices; see Section 2.2.  This recognizes that editors
   have traditionally chosen their own methods for managing the
   documents they edit but preserves the need for contributors to
   understand their obligations with respect to IETF processes."
- I agree with the sentiment here, but I think that there perhaps should be some more rules:
     - Is the assumption that this repository is not under ietf-wg-<name>?
     - If not, perhaps this document should recommend a statement that the repository is for use by the authors and does not necessarily reflect the procedures defined in draft-ietf-git-using-github, and that the WG work formally happens on the WG email alias.


3.3: Editors and Contributors
   Working Groups MAY create a team for regular contributors that is
   only given read access to a repository.  This does not confer
   additional privileges on these contributors, it instead allows for
   issues and pull requests to be assigned to those people.  This can be
   used to manage the assignment of editorial or review tasks to
   individuals outside of the editor team.

   - If these are public repositories then I would have thought that everyone has read access anyway, and can have issues assigned to them, etc.


6: Internet-Draft Publication

   Revisions used to generate documents that are submitted as Internet-
   Drafts SHOULD be tagged in repositories to provide a record of
   submissions.

   - Perhaps suggest the format of the tag.  I.e. the tag should just be the name/version of the draft being published.  [Ideally, longer term we would have tooling to help with this.]

Thanks,
Rob
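
The review above suggests a gitignore that filters out standard SSH key names. As an added example (not part of the review or of the draft), here is a check that a pre-commit hook could call to catch key material by content as well as by name, since a name filter misses keys saved under other file names. The key-name list and the hook wiring shown in the comments are assumptions.

```shell
#!/bin/sh
# Added example: flag files that look like SSH private keys before commit.
# Assumption: the name list is the set of default private-key file names
# written by ssh-keygen. Public keys (*.pub) are deliberately not flagged.

# is_key_name FILE -> exit 0 if the basename is a default private-key name
is_key_name() {
    case "$(basename "$1")" in
        id_rsa|id_dsa|id_ecdsa|id_ed25519) return 0 ;;
        *) return 1 ;;
    esac
}

# has_key_header FILE -> exit 0 if the file holds a PEM or OpenSSH
# private-key header, whatever the file is called
has_key_header() {
    grep -q -e '-----BEGIN [A-Z ]*PRIVATE KEY-----' "$1" 2>/dev/null
}

# scan_files FILE... -> prints one "reason: path" line per hit and
# exits non-zero if anything was flagged
scan_files() {
    hits=0
    for f in "$@"; do
        [ -f "$f" ] || continue          # skip deleted or missing paths
        if is_key_name "$f"; then
            echo "key-name: $f"
            hits=$((hits + 1))
        elif has_key_header "$f"; then
            echo "key-header: $f"
            hits=$((hits + 1))
        fi
    done
    [ "$hits" -eq 0 ]
}

# Assumed wiring in .git/hooks/pre-commit (paths with spaces need extra care):
#   scan_files $(git diff --cached --name-only --diff-filter=ACM) || {
#       echo "refusing to commit: possible private key staged" >&2
#       exit 1
#   }
```

A hook like this runs only on the contributor's machine, so it complements rather than replaces the user education and 2FA points raised in the review.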