Re: BCP97bis

John C Klensin <> Mon, 18 October 2021 15:38 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D789F3A09F0; Mon, 18 Oct 2021 08:38:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id CR6towQxkIDE; Mon, 18 Oct 2021 08:38:05 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id D8FF33A08F8; Mon, 18 Oct 2021 08:38:04 -0700 (PDT)
Received: from [] (helo=PSB) by with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <>) id 1mcUiB-000PNS-21; Mon, 18 Oct 2021 11:38:03 -0400
Date: Mon, 18 Oct 2021 11:37:56 -0400
From: John C Klensin <>
To: "Salz, Rich" <>, "Murray S. Kucherawy" <>
cc: Carsten Bormann <>, ietf <>
Subject: Re: BCP97bis
Message-ID: <83AE1023E61C0D81DA726D6B@PSB>
In-Reply-To: <>
References: <> < om> <> <> <> <> <>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-SA-Exim-Scanned: No (on; SAEximRunCond expanded to false
Archived-At: <>
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 18 Oct 2021 15:38:10 -0000

--On Monday, October 18, 2021 14:36 +0000 "Salz, Rich"
<> wrote:

>   *   The IESG has had multiple cases during my time there
> where we haven't had access to some normative reference, and
> so we can't do our job.  This has added long delays to
> document processing.  That's what we're trying to address here.
> I believe it is far more common for the IESG to review and
> progress documents without having all normative references
> tracked down and read.

Murray, I think Rich is right.  Maybe it should be different,
but when I have written, been shepherd for, or otherwise been
heavily involved with documents that make normative references
outside the RFC Series in recent years, I think it has been
unusual if even one IESG member other than the responsible AD
studied all of the references documents carefully.

Another distinction may be worth making.  There are two kinds of
normative reference to documents outside the RFC Series.   We
encountered an important example earlier this year although I
did not figure out how to formulate the distinction until now.
In one case, the referencing document actually contains
everything one needs to know to implement whatever is being
specified.  RFC 20 is a perfect example of that: it contains
copies of the relevant tables and the definitions that were
considered relevant.  X3.4-1968 is a normative reference (even
though we did not make the distinction at that time), but the
reference is needed only to identify the authority for what the
RFC says.  If one needed to actually read and understand
X3.4-1968, it would only be to verify that its relevant contents
are accurately portrayed.  Depending on definitions that, AFAIK,
have never been spelled out explicitly enough that one could use
them to split hairs, one could even argue that reference is
Informative and not Normative.  

At the other extreme, we've seen documents that essentially say
"to do X, go look at [BigDoc] and do what it says" where
[BigDoc] is, e.g., something more than 1000 pages long and hard
for non-specialists to read, much less fully understand
references to specific sections (so even "[BigDoc] Section 999"
would not be of tremendous help).  Clearly a Normative
reference, but anyone claiming to have reviewed the proposed RFC
who has not studied [BigDoc] and understood the specification
there and its implications... well, really has not done so.

The solution to the latter type of situation is not to be sure
free copies of [BigDoc] are available to anyone who might (or
should) be interested in the hope they will read them, but for
the IESG to push things more in the direction of RFC 20 and good
summaries about exactly what the actual requirements are in
practice.  There are many much more recent examples that have
done just that.

And, if we could separate this issue from the contents of the
I-D, this document and the discussions of it would get easier.
Unfortunately, the requirement for that separation is that the
IESG become clear about the distinction and push back
aggressively on shortcuts like the "just look over there" one
implied by the second case.